Click here to Skip to main content
65,938 articles
CodeProject is changing. Read more.
Articles
 
(untagged)

Basic Example of On-The-Fly Config Section Encryption

0.00/5 (No votes)
14 May 2010 1  
Basic Example of On-The-Fly Config Section Encryption

I recently answered a question about how you could securely modify a value within an encrypted configuration website without having to create a duplicate config file. Well, the answer’s pretty simple and straightforward – just use the API!

A quick example page could be:

<%@ Page Language="C#" AutoEventWireup="true" CodeFile="Default.aspx.cs" 

Inherits="_Default" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" 

"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
 <title></title>
</head>
<body>
 <form id="form1" runat="server">
 <div>
     <asp:Button ID="EncryptButton" runat="server" Text="Encrypt" 

	OnClick="EncryptButton_Click" />
     <asp:Button ID="DecryptButton" runat="server" Text="Decrypt" 

	OnClick="DecryptButton_Click" />
     <asp:Button ID="IncrementButton" runat="server" Text="Increment" 

	OnClick="IncrementButton_Click" />
     <asp:Label ID="CountLabel" runat="server" Text="0"></asp:Label>
     <br />
     <asp:Label ID="StatusLabel" runat="server" Text="" 

	EnableViewState="false"></asp:Label>
 </div>
 </form>
</body>
</html>
using System;
using System.Configuration;
using System.Linq;
using System.Web.Configuration;

public partial class _Default : System.Web.UI.Page
{
 /// <summary>
 /// Handles the PreRender event of the Page control.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="e">The <see cref="System.EventArgs"/> 
 /// instance containing the event data.</param>
 protected void Page_PreRender(object sender, EventArgs e)
 {      
     Configuration confg = WebConfigurationManager.OpenWebConfiguration
	(Request.ApplicationPath);
     ConfigurationSection confStrSect = confg.GetSection(sectionKey);
     StatusLabel.Text = "No Config Section";
     if (confStrSect != null)
     {
         StatusLabel.Text = "Decrypted";
         if (confStrSect.SectionInformation.IsProtected)
         {
             StatusLabel.Text = "Encrypted";
         }
         int count = 0;
         int.TryParse(confg.AppSettings.Settings[countKey].Value, out count);
         CountLabel.Text = count.ToString();
     }   
 }
 
 string providerKey = "RSAProtectedConfigurationProvider";
 string sectionKey = "appSettings";
 string countKey = "Count";

 /// <summary>
 /// Handles the Click event of the EncryptButton control.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="e">The <see cref="System.EventArgs"/> 
 /// instance containing the event data.</param>
 protected void EncryptButton_Click(object sender, EventArgs e)
 {
     Configuration confg = WebConfigurationManager.OpenWebConfiguration
	(Request.ApplicationPath);
     ConfigurationSection confStrSect = confg.GetSection(sectionKey);
     if (confStrSect != null)
     {
         confStrSect.SectionInformation.ProtectSection(providerKey);
         confg.Save();
     }
 }
 /// <summary>
 /// Handles the Click event of the DecryptButton control.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="e">The <see cref="System.EventArgs"/> 
 /// instance containing the event data.</param>
 protected void DecryptButton_Click(object sender, EventArgs e)
 {
     Configuration confg = WebConfigurationManager.OpenWebConfiguration
	(Request.ApplicationPath);
     ConfigurationSection confStrSect = confg.GetSection(sectionKey);
     if (confStrSect != null && confStrSect.SectionInformation.IsProtected)
     {
         confStrSect.SectionInformation.UnprotectSection();
         confg.Save();
     }
 }
 /// <summary>
 /// Handles the Click event of the IncrementButton control.
 /// </summary>
 /// <param name="sender">The source of the event.</param>
 /// <param name="e">The <see cref="System.EventArgs"/> 
 /// instance containing the event data.</param>
 protected void IncrementButton_Click(object sender, EventArgs e)
 {
     int count = 0;
     int.TryParse(WebConfigurationManager.AppSettings[countKey], out count);
     count++;
     
     Configuration confg = WebConfigurationManager.OpenWebConfiguration
	(Request.ApplicationPath);
     ConfigurationSection confStrSect = confg.GetSection(sectionKey);
     {
         if (confg.AppSettings.Settings.AllKeys.Contains(countKey))
         {
             confg.AppSettings.Settings[countKey].Value = count.ToString();
         }
         else
         {
             confg.AppSettings.Settings.Add(countKey, count.ToString());
         }
         confg.Save(ConfigurationSaveMode.Modified);
     }
 }
}

Simple!

License

This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here



Permalink

Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Article Copyright 2010 by Martin Jarvis
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-10-20:1