Re: Encrypting and Decrypting AppConfig

Hi Dilum,

use RsaProtectedConfigurationProvider instead of
DataProtectionConfigurationProvider

for Details start reading here:
http://msdn.microsoft.com/en-us/library/cc511527.aspx

Dirk

Hi,

You can encrypt and decrypt AppConfig using the
"ConfigurationSection.SectionInformation.ProtectSection" method as follows.

//To Encrypt
Configuration config =
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection cons = config.AppSettings;

cons.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
cons.SectionInformation.
cons.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);

//To Decrypt
Configuration config =
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection cons = config.AppSettings;
cons.SectionInformation.UnprotectSection();
cons.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);


But the limitation here is that it is machine specific, in the sense that
you can only decrypt in the same machine where you encrypted it. For an
example say that you want to deliver a solution to a customer with sections
in AppConfig encrypted, once you encrypted it in the developer pc, you wont
be able to access information in AppConfig in client's pc even through the
program.

So this is not possible if the machines are changed in the process. Seems it
takes internal machine specific keys to do the encryption and seems there is
no way to specify a custom key which can be delivered to the customer for
decryption. Even the class "SectionInformation" is seeled so that cannot
derive it and do any modifiations.

One way to overcome this is by, encrypting it while installing using a post
action command in the Setup project. So then it will become machine specific
and can decrypted as needed. But what I want to know is, is there any other
work arround for this? I would like to know all the other ways if there are
possibilities to do this.

Please let me know if you know anything regarding this.

Thank you
Dilum
.

Relevant Pages

  • Encrypting and Decrypting AppConfig
    ... You can encrypt and decrypt AppConfig using the ... Configuration config = ...
    (microsoft.public.dotnet.framework.windowsforms)
  • RE: ??? Which Key Encrypts .Config Files ???
    ... encryption and decryption key is stored when you encrypt the configuration ... mechanism, to encrypt the configurations. ... machine level key container by default. ... When we decrypt the configuration information, ...
    (microsoft.public.dotnet.framework)
  • RE: NTE_BAD_DATA
    ... They are NOT used DIRECTLY to encrypt / decrypt data; ... you should generate a RANDOM SESSION KEY and select a SYMMETRIC ENCRYPTION ... // imported from a BLOB read in from the source file or having ...
    (microsoft.public.platformsdk.security)
  • Re: Back Doors
    ... >> Design into the system a master key. ... Encrypt that with public key. ... Decrypt random symmetric key with private key. ...
    (sci.crypt)
  • Re: CAPI and RC4: can not decrypt when Final parameter is set to F
    ... to store ASYMMETRIC key pairs - never symmetric keys like RC4, ... Now when you need to encrypt at one place and decrypt at the other normally ... Get a HCRYPTPROV handle to a key container with CryptAcquireContext ...
    (microsoft.public.platformsdk.security)
Quantcast