User section encryption in app / web.config

Question

User section encryption in app / web.config

I need to encrypt / decrypt user sections in app.config as well as the web.config file. I read that aspnet_regiis can be used for web.config, but I need to do this programmatically.

After opening mappedExeConfiguration, I define the section as follows:

ConfigurationSection connStrings = config.AppSettings;

to encrypt / decrypt the AppSettings section.

How to specify the name of the custom section? When I type the name of my custom section after the configurationSection object, intelli-sense does not recognize it. (It recognizes only a few known sections)

PS In my function, I need to take the name of the user section as a string parameter.

Example:

eg.

 <Configuration> <MyCustomTag> <... data /> </MyCustomTag> </Configuration>

where MyCustomTag is the section I need to encrypt / decrypt.

+8

c # encryption configuration-files

Karan May 13 '13 at 9:43

source share

3 answers

S. Baggy · Answer 1 · 2013-05-13T10:21:37+0000

I achieved this using the code I found at http://www.a2zmenu.com/Blogs/CSharp/How-to-encrypt-configuration-file.aspx

I would embed my code, but basically it is almost identical to the code on this web page, except for changing application names.

Edit: for a custom section, I'm not sure, since I didn't need to use it, but you could examine what the configuration object gives in the next line.

 Configuration config = ConfigurationManager.OpenExeConfiguration(GetAppPath() + "MyAppName.exe");

Here is my entire UpdateKey () method, which I now understand is a bit adapted from the web page. Perhaps this helps.

 public static void UpdateKey(string key, string newValue) { Configuration config = ConfigurationManager.OpenExeConfiguration(GetAppPath() + "MyAppName.exe"); config.AppSettings.Settings[key].Value = newValue; config.Save(); }

Then, after I saved my key (s), I call

 EncryptAppSettings("appSettings");

and perhaps you can also adapt the parameter value to fit that.

Haever · Answer 2 · 2013-05-13T09:52:15+0000

The command for encryption is called from CommandPromt VS 2010:

 %windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis -pef "connectionStrings" "YOUR_PROJECT_NAME" -prov "DataProtectionConfigurationProvider"

Decrypt:

 %windir%\Microsoft.NET\Framework64\v4.0.30319\aspnet_regiis -pdf "connectionStrings" "YOUR_PROJECT_NAME"

Ɖiamond ǤeezeƦ · Answer 3 · 2013-05-13T10:06:38+0000

To encrypt, use the command line sent by HaGever in response.

There is sample code in this question for reading app.config files from code. The code does not work because the encryption key was not installed on the computer used to decrypt the app.config file.

User section encryption in app / web.config

More articles: