Previously we used to write encryption decryption function using different .Net notation (like: SHA, MD5 etc) and manually updating configuration file. Here I am giving new way to do same task programmatically, you can do encrypt or decrypt any project configuration file appSettings or connectionStrings sections programmatically
ASP.NET 2.0 and above makes it extremely easy to encrypt connection strings, encrypt application settings, and encrypt config sections in Web.config either via the command prompt with aspnet_regiis or programmatically in your web applications.
Source Code:
Create application to encrypt or decrypt configuration file using C#/VB.Net windows or web application.
Here I am creating window application using C#.net, Follow the simple four steps to create application.
1) app.config file sections Before Encryption
<appSettings>
<add key="ServerName" value="Your Machine Name" />
<add key="Password" value="123.456.78" />
</appSettings>
2) app.config file sections After Encryption
For example:
<appSettings configProtectionProvider="DataProtectionConfigurationProvider">
<EncryptedData>
<CipherData>
<CipherValue>MSDFSDFGSSD$SFSD%VAAAAAAGDFGDFGGGGGGGVBCXBVBVCBBVCVBVCBBBTYRTYRTY%UUUUUUUU</CipherValue>
</CipherData>
</EncryptedData>
</appSettings>
3) Code for Encrypt and Decrypt button
NameSpace
using System.Web.Configuration;
Call following function from Encrypt button code behind
Function for Encryption
private int EncryptConfigurationSection(string fileName, string sectionName, string provider)
{
//Creates a FileMap Object to store the File Name of Configuration File
ExeConfigurationFileMap FileMap = new ExeConfigurationFileMap();
//Assigning the File Name to the File Map
FileMap.ExeConfigFilename = fileName;
//Retrieving the Configuration from the File Provided
Configuration config =
ConfigurationManager.OpenMappedExeConfiguration(FileMap, ConfigurationUserLevel.None);
//Checking if the File Provided is a Configuration File Or Not
if (config.HasFile) {
//Retrieve the Section from the Configuration Object
ConfigurationSection section = config.GetSection(sectionName);
//Check if the Section is not null or is not Previously Protected
if (section != null && !section.SectionInformation.IsProtected) {
//Provide Protection to the Section as per the provider
section.SectionInformation.ProtectSection(provider);
//Save the Configuration object and the File
config.Save();
return 1;
}
else{
if (section != null) {return 3;}
else {return 0;}
}
}
else {return 2;}
}
Function for De-Encryption
Call following function from Dncrypt button code behind
private int DncryptConfigurationSection(string fileName, string sectionName)
{
//Creates a FileMap Object to store the File Name of Configuration File
ExeConfigurationFileMap FileMap = new ExeConfigurationFileMap();
//Assigning the File Name to the File Map
FileMap.ExeConfigFilename = fileName;
//Retrieving the Configuration from the File Provided
Configuration config =
ConfigurationManager.OpenMappedExeConfiguration(FileMap, ConfigurationUserLevel.None);
//Checking if the File Provided is a Configuration File Or Not
if (config.HasFile) {
//Retrieve the Section from the Configuration Object
ConfigurationSection section = config.GetSection(sectionName);
//Check if the Section is not null or is not Previously Protected
if (section != null && section.SectionInformation.IsProtected) {
//Remove the Protection from the Section
section.SectionInformation.UnprotectSection();
//Save the Configuration Object and the File
config.Save();
return 1;
}
else {
if (section != null) {return 3;}
else {return 0;}
}
} else {return 2;}
}
Note:
In the above functions 0 to 3 used for
0 --> Wrong Section as per Configuration file
1 --> Successful Encyprtion/Decryption Information
2 --> Wrong Configuration File name
3 --> Configuration section in file is not encrypted
H/W Platform: Dual Processor with 1 GB RAM
S/W Environment: ASP.NET, VB.NET and C#.NET
3 comments:
How do you use the encrypted conf file in the target application?
How does the target application access the encrypted values?
Hi Mark,
From the .NET code if you type configurationManager.Appsettings["Key"], .NET will internally decript and give the value of "Key" from the config file.
You have to create different utility like .exe and give it to client for encript and decript the data.
Thanks
Ritesh
hello, can be downloaded, or you could send email ami?
please!! :(
E-mail: mascodigo.net@hotmail.com
Post a Comment