Loading blog entries.. loading

Encrypt .Net Configuration file

Friday, June 11, 2010 10:10 AM
Written by Wayne Ye
Font Size: S  M  L 

Under some scenarios the developers want to encrypt some sections inside app.config or web.config file, this article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.

However, in the posts above they uses aspnet_regiis.exe and seems it doesn’t directly support app.config, if we want to encrypt app.config for Windows Form or WPF applications, while I tried use it to encrypt my app.config file, it generates a web.config which means my Winform definitely can’t use it, even if I copy the encrypted appSettings section from this generated web.config to my own app.config(ConfigurationManager.AppSettings[EncryptedKeyName] is null after I did that).

Config Encrypt

Encrypted WebConfig

After several minutes google search and testing I found the code below is simple and very straight forward to achieve this:

Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);

SectionInformation appSettingsSecInfo = config.GetSection("appSettings").SectionInformation;
if (!appSettingsSecInfo.IsProtected)
{
    Console.WriteLine("The configuration file has NOT been protected!");

    // Encrypt this section by using security provider (RsaProtectedConfigurationProvider or DpapiProtectedConfigurationProvider).
    appSettingsSecInfo.ProtectSection("RsaProtectedConfigurationProvider");
    appSettingsSecInfo.ForceSave = true;

    config.Save(ConfigurationSaveMode.Full);
}

This code snippet will do the encryption job and works for both app.config/web.config, here is the MSDN definition page for SectionInformation.ProtectSection:
http://msdn.microsoft.com/en-us/library/system.configuration.sectioninformation.protectsection.aspx

References:

Overview of Protected Configuration:

http://msdn.microsoft.com/en-us/library/hh8x3tas.aspx

RsaProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.rsaprotectedconfigurationprovider.aspx

DpapiProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.dpapiprotectedconfigurationprovider.aspx

 

Permalink: http://wayneye.com/Blog/Encrypt-DotNet-Configuration-File 3583 Views  0 Comments
Tag: Category:Programming».Net Framework»Essence

 

 


↓Comments↓

No comments so far, be the first one!

Your view point or opinion?
Nickname *
 
Gravatar *
Required (not shown), used only for displaying Gravatar and receiving future notification when new comment(s) posted on this blog.
 
Website/Blog
 
Content *
Current length:     Maximum allowed: charactors