Encrypting and Decrypting AppConfig

  • Thread starter Thread starter Dilum
  • Start date Start date
D

Dilum

Hi,

You can encrypt and decrypt AppConfig using the
"ConfigurationSection.SectionInformation.ProtectSection" method as follows.

//To Encrypt
Configuration config =
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection cons = config.AppSettings;

cons.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
cons.SectionInformation.
cons.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);

//To Decrypt
Configuration config =
ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection cons = config.AppSettings;
cons.SectionInformation.UnprotectSection();
cons.SectionInformation.ForceSave = true;
config.Save(ConfigurationSaveMode.Full);


But the limitation here is that it is machine specific, in the sense that
you can only decrypt in the same machine where you encrypted it. For an
example say that you want to deliver a solution to a customer with sections
in AppConfig encrypted, once you encrypted it in the developer pc, you wont
be able to access information in AppConfig in client's pc even through the
program.

So this is not possible if the machines are changed in the process. Seems it
takes internal machine specific keys to do the encryption and seems there is
no way to specify a custom key which can be delivered to the customer for
decryption. Even the class "SectionInformation" is seeled so that cannot
derive it and do any modifiations.

One way to overcome this is by, encrypting it while installing using a post
action command in the Setup project. So then it will become machine specific
and can decrypted as needed. But what I want to know is, is there any other
work arround for this? I would like to know all the other ways if there are
possibilities to do this.

Please let me know if you know anything regarding this.

Thank you
Dilum
 
Back
Top