Created
August 31, 2012 01:02
app.config encryption mechanism in .NET
/*
 * Encrypt private data such as authentication keys and db connection strings inside app.config
 * or web.config of a .NET project. Import this class into a project and call
 * ProtectConnectionString() to encrypt and UnprotectConnectionString() to decrypt the XML data.
 * As written, only the <connectionStrings> section is processed; secrets kept in other
 * sections (for example appSettings) are left in plaintext.
 * With a standalone executable, the config file is built alongside the exe, with .config
 * appended to the exe's file name. Manage multiple config files for different production
 * environments.
 * Important: make sure the process is single-threaded for security.
 */
using System; | |
using System.Collections.Generic; | |
using System.Linq; | |
using System.Text; | |
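namespace Example.Settings
{
    /// <summary>
    /// Encrypts or decrypts the <c>connectionStrings</c> section of the running
    /// executable's .config file using .NET protected configuration.
    /// </summary>
    /// <remarks>
    /// This protects the section at rest only. The configuration system decrypts it
    /// transparently when it is read, so any code running under an identity that can
    /// use the provider's key can recover the plaintext. Only the
    /// <c>connectionStrings</c> section is touched; other sections are left as they are.
    /// </remarks>
    public static class ConfigEncryptor
    {
        // Protected-configuration provider used when encrypting.
        //   "RSAProtectedConfigurationProvider"   - RSA key container. With the framework's
        //       default provider settings this is a machine-level container, so the file
        //       decrypts only on that machine (unless the container is exported) and for
        //       accounts granted access to the container.
        //   "DataProtectionConfigurationProvider" - Windows DPAPI; bound to the machine or
        //       user profile that encrypted the section.
        // NOTE(review): confirm the key scope and container ACLs configured for the
        // provider on the target hosts before relying on this for secrets.
        private const string ProviderName = "RSAProtectedConfigurationProvider";

        /// <summary>
        /// Encrypts the <c>connectionStrings</c> section of the current executable's
        /// config file if it is not already protected.
        /// </summary>
        public static void ProtectConnectionString()
        {
            ToggleConnectionStringProtection(
                System.Windows.Forms.Application.ExecutablePath, true);
        }

        /// <summary>
        /// Decrypts the <c>connectionStrings</c> section of the current executable's
        /// config file if it is protected. The section is saved back to disk in
        /// plaintext, so re-protect it once the edit that required decryption is done.
        /// </summary>
        public static void UnprotectConnectionString()
        {
            ToggleConnectionStringProtection(
                System.Windows.Forms.Application.ExecutablePath, false);
        }

        /// <summary>
        /// Switches the <c>connectionStrings</c> section between protected and
        /// unprotected form and saves the file when the state actually changed.
        /// </summary>
        /// <param name="pathName">
        /// Path of the executable (without the .config extension) whose configuration
        /// file is opened.
        /// </param>
        /// <param name="protect">
        /// <c>true</c> to encrypt the section, <c>false</c> to remove the encryption.
        /// </param>
        /// <remarks>
        /// Does nothing when the section is missing, locked, or already in the requested
        /// state. Exceptions from the configuration system are not caught here; the
        /// original catch block re-threw with <c>throw (ex);</c>, which discarded the
        /// original stack trace, so it has been removed and errors now propagate intact.
        /// </remarks>
        private static void ToggleConnectionStringProtection(string pathName, bool protect)
        {
            // For a web application the equivalent call would be
            // System.Web.Configuration.WebConfigurationManager.OpenWebConfiguration("~").
            System.Configuration.Configuration configuration =
                System.Configuration.ConfigurationManager.OpenExeConfiguration(pathName);
            if (configuration == null)
            {
                return;
            }

            System.Configuration.ConnectionStringsSection section =
                configuration.GetSection("connectionStrings")
                    as System.Configuration.ConnectionStringsSection;
            if (section == null)
            {
                return;
            }

            // A locked section cannot be modified from this configuration level.
            if (section.ElementInformation.IsLocked || section.SectionInformation.IsLocked)
            {
                return;
            }

            // Already in the requested state: leave the file untouched.
            if (section.SectionInformation.IsProtected == protect)
            {
                return;
            }

            if (protect)
            {
                section.SectionInformation.ProtectSection(ProviderName);
            }
            else
            {
                section.SectionInformation.UnprotectSection();
            }

            // ForceSave makes Save() write the section even if the configuration
            // system does not consider its contents modified.
            section.SectionInformation.ForceSave = true;
            configuration.Save();
        }
    }
}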