In .Net application (web/window) configuration file we used to make application setting as configurable. Each and every time you need not to compile your project for any setting changes in the configuration file. This configuration file present in virtual directory of the application. When you deploy the application, it can be editable by the users who have all permission for that deployment server and one server can have several applications, this time it is necessary to keep your application configuration file secure or use encrypted configuration file to secure your application setting data.
Previously we used to write encryption decryption function using different .Net notation (like: SHA, MD5 etc) and manually updating configuration file. Here I am giving new way to do same task programmatically, you can do encrypt or decrypt any project configuration file appSettings or connectionStrings sections programmatically
ASP.NET 2.0 and above makes it extremely easy to encrypt connection strings, encrypt application settings, and encrypt config sections in Web.config either via the command prompt with aspnet_regiis or programmatically in your web applications.
Source Code:
Create application to encrypt or decrypt configuration file using C#/VB.Net windows or web application.
Here I am creating window application using C#.net, Follow the simple four steps to create application.
1) app.config file sections Before Encryption
For example:
2) app.config file sections After Encryption
For example:
2) You can design your window form something like below
3) Code for Encrypt and Decrypt button
NameSpace
using System.Web.Configuration;
Call following function from Encrypt button code behind
Function for Encryption
private int EncryptConfigurationSection(string fileName, string sectionName, string provider)
{
//Creates a FileMap Object to store the File Name of Configuration File
ExeConfigurationFileMap FileMap = new ExeConfigurationFileMap();
//Assigning the File Name to the File Map
FileMap.ExeConfigFilename = fileName;
//Retrieving the Configuration from the File Provided
Configuration config =
ConfigurationManager.OpenMappedExeConfiguration(FileMap, ConfigurationUserLevel.None);
//Checking if the File Provided is a Configuration File Or Not
if (config.HasFile) {
//Retrieve the Section from the Configuration Object
ConfigurationSection section = config.GetSection(sectionName);
//Check if the Section is not null or is not Previously Protected
if (section != null && !section.SectionInformation.IsProtected) {
//Provide Protection to the Section as per the provider
section.SectionInformation.ProtectSection(provider);
//Save the Configuration object and the File
config.Save();
return 1;
}
else{
if (section != null) {return 3;}
else {return 0;}
}
}
else {return 2;}
}
Function for De-Encryption
Call following function from Dncrypt button code behind
private int DncryptConfigurationSection(string fileName, string sectionName)
{
//Creates a FileMap Object to store the File Name of Configuration File
ExeConfigurationFileMap FileMap = new ExeConfigurationFileMap();
//Assigning the File Name to the File Map
FileMap.ExeConfigFilename = fileName;
//Retrieving the Configuration from the File Provided
Configuration config =
ConfigurationManager.OpenMappedExeConfiguration(FileMap, ConfigurationUserLevel.None);
//Checking if the File Provided is a Configuration File Or Not
if (config.HasFile) {
//Retrieve the Section from the Configuration Object
ConfigurationSection section = config.GetSection(sectionName);
//Check if the Section is not null or is not Previously Protected
if (section != null && section.SectionInformation.IsProtected) {
//Remove the Protection from the Section
section.SectionInformation.UnprotectSection();
//Save the Configuration Object and the File
config.Save();
return 1;
}
else {
if (section != null) {return 3;}
else {return 0;}
}
} else {return 2;}
}
Note:
In the above functions 0 to 3 used for
0 --> Wrong Section as per Configuration file
1 --> Successful Encyprtion/Decryption Information
2 --> Wrong Configuration File name
3 --> Configuration section in file is not encrypted
H/W Platform: Dual Processor with 1 GB RAM
S/W Environment: ASP.NET, VB.NET and C#.NET
Posted by Ritesh_Kesharwani at 1:24 AM
2 comments:
Mark Boyer said...
How do you use the encrypted conf file in the target application?
How does the target application access the encrypted values?
9:52 AM
Ritesh_Kesharwani said...
Hi Mark,
From the .NET code if you type configurationManager.Appsettings["Key"], .NET will internally decript and give the value of "Key" from the config file.
You have to create different utility like .exe and give it to client for encript and decript the data.
No comments:
Post a Comment