Click here to Skip to main content
8,866,705 members and growing!
  
Email Password   Lost password?
Search within:



add
Add to your CodeProject bookmarks
Print Article
Site map
 » Web Development » ASP.NET » Howto
Licence CPOL
First Posted 25 Apr 2011
Views 6,946
Bookmarked 15 times

Encrypt .Net Configuration file

By | 25 Apr 2011 | Technical Blog
Under some scenarios the developers want to encrypt some sections inside app.config or web.config file, this article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.However, in
ArticleBrowse CodeStatsRevisions (3)Alternatives
  Discuss
Discuss this article
 8  
A Technical Blog article. View original blog here.[^]

Under some scenarios the developers want to encrypt some sections inside app.config or web.config file, this article How To: Encrypt Configuration Sections in ASP.NET 2.0 Using RSA describes how to do so clearly, Scott Guthrie also posted one: Encrypting Web.Config Values in ASP.NET 2.0.

However, in the posts above they uses aspnet_regiis.exe and seems it doesn’t directly support app.config, if we want to encrypt app.config for Windows Form or WPF applications, while I tried use it to encrypt my app.config file, it generates a web.config which means my Winform definitely can’t use it, even if I copy the encrypted appSettings section from this generated web.config to my own app.config(ConfigurationManager.AppSettings[EncryptedKeyName] is null after I did that).

Config Encrypt

Encrypted WebConfig

After several minutes google search and testing I found the code below is simple and very straight forward to achieve this:

Configuration config = ConfigurationManager.OpenExeConfiguration(
    ConfigurationUserLevel.None);

SectionInformation appSettingsSecInfo = config.GetSection(
   "appSettings").SectionInformation;
if (!appSettingsSecInfo.IsProtected)
{
    Console.WriteLine("The configuration file has NOT been protected!");

    // Encrypt this section by using security provider 
    // (RsaProtectedConfigurationProvider or DpapiProtectedConfigurationProvider).
    appSettingsSecInfo.ProtectSection("RsaProtectedConfigurationProvider");
    appSettingsSecInfo.ForceSave = true;

    config.Save(ConfigurationSaveMode.Full);
}

This code snippet will do the encryption job and works for both app.config/web.config, here is the MSDN definition page for SectionInformation.ProtectSection:
http://msdn.microsoft.com/en-us/library/system.configuration.sectioninformation.protectsection.aspx

References:

Overview of Protected Configuration: 

http://msdn.microsoft.com/en-us/library/hh8x3tas.aspx

RsaProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.rsaprotectedconfigurationprovider.aspx

DpapiProtectedConfigurationProvider Class:
http://msdn.microsoft.com/en-us/library/system.configuration.dpapiprotectedconfigurationprovider.aspx

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Wayne Ye

Software Developer (Senior)
SAP Labs Shanghai
China China

Member

Follow on Twitter Follow on Twitter
Wayne is a software developer, Tech Lead and also a geek. He has more than 6 years' experience in Web development(server: ASP.NET (MVC), Web Service, IIS; Client: HTML/CSS/JavaScript/jQuery/AJAX), Windows development (Winform, Windows Service, WPF/Silverlight, Win32 API and WMI) and SQL Server. Deep understanding of GOF Design Patterns, S.O.L.i.D principle, MVC, MVVM, Domain Driven Design, SOA, REST and AOP.
 
Wayne's Geek Life http://WayneYe.com
 
Infinite passion on programming!

Article Top
 
Sign Up to vote   Poor Excellent
Add a reason or comment to your vote: x
Votes of 3 or less require a comment

Comments and Discussions

 
You must Sign In to use this message board. (secure sign-in)
 
Search this forum  
 FAQ
    Noise  Layout  Per page   
  RefreshFirst Prev Next
GeneralMy vote of 4 PinmemberCrawfis5:41 29 Dec '11  
GeneralOriginal Reference PinmemberMEhran.NET23:17 2 May '11  
GeneralRe: Original Reference PinmemberWayne Ye1:17 4 May '11  
GeneralRe: Original Reference PinmemberCrawfis5:41 29 Dec '11  
GeneralMy vote of 1 PinmemberMEhran.NET23:14 2 May '11  
GeneralExcellent. PinmemberRene Pilon11:08 26 Apr '11  
GeneralRe: Excellent. PinmemberWayne Ye16:04 26 Apr '11  
GeneralMy vote of 5 PinmemberOshtri Deka3:24 26 Apr '11  
Last Visit: 14:02 25 May '12     Last Update: 10:02 25 May '12 1

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Mobile
Web04 | 2.5.120517.1 | Last Updated 25 Apr 2011
Article Copyright 2011 by Wayne Ye
Everything else Copyright © CodeProject, 1999-2012
Terms of Use
Layout: fixed | fluid

The Code Project Insider. Free each morning.
TripleDES Encrypted Configuration File
.NET Encryption Simplified
Unraveling the Mysteries of .NET 2.0 Configuration
Secutirty at your Hands: Encryption of Configuration file in Whidbey
Cracking the Mysteries of .NET 2.0 Configuration
A .NET Encryption Library
Encrypt/Self Decrypt Files in Native C++ and .NET
File Encryption Utility
Personalize .NET Configuration Files with NANT
Securing Configuration Files in ASP.NET
.NET Symmetric File Encryption Object
Custom Configuration Sections in .NET
Programmatic Adding Custom Encrypted Configuration Section in ASP.NET
Decoding the Mysteries of .NET 2.0 Configuration
Tamper-proof and Obfuscate your Configuration Files
Using Encryption in .NET
Vernam encryption/decryption of files
Custom Configuration Sections in .NET 2.0
Encrypt and Decrypt Configuration Sections in ASP.NET 2.0
Encrypting Log Files