DpapiProtectedConfigurationProvider Class
Provides a ProtectedConfigurationProvider object that uses the Windows data protection API (DPAPI) to encrypt and decrypt configuration data.
System.Configuration.Provider.ProviderBase
System.Configuration.ProtectedConfigurationProvider
System.Configuration.DpapiProtectedConfigurationProvider
Assembly: System.Configuration (in System.Configuration.dll)
The DpapiProtectedConfigurationProvider type exposes the following members.
| Name | Description | |
|---|---|---|
|
DpapiProtectedConfigurationProvider | Initializes a new instance of the DpapiProtectedConfigurationProvider class using default settings. |
| Name | Description | |
|---|---|---|
|
Description | Gets a brief, friendly description suitable for display in administrative tools or other user interfaces (UIs). (Inherited from ProviderBase.) |
|
|
Name | Gets the friendly name used to refer to the provider during configuration. (Inherited from ProviderBase.) |
|
|
UseMachineProtection | Gets a value that indicates whether the DpapiProtectedConfigurationProvider object is using machine-specific or user-account-specific protection. |
| Name | Description | |
|---|---|---|
|
|
Decrypt | Decrypts the passed XmlNode object. (Overrides ProtectedConfigurationProvider.Decrypt(XmlNode).) |
|
|
Encrypt | Encrypts the passed XmlNode object. (Overrides ProtectedConfigurationProvider.Encrypt(XmlNode).) |
|
|
Equals(Object) | Determines whether the specified Object is equal to the current Object. (Inherited from Object.) |
|
Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
|
|
GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
|
|
GetType | Gets the Type of the current instance. (Inherited from Object.) |
|
|
Initialize | Initializes the provider with default settings. (Overrides ProviderBase.Initialize(String, NameValueCollection).) |
|
|
MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
|
|
ToString | Returns a string that represents the current object. (Inherited from Object.) |
The DpapiProtectedConfigurationProvider allows you to protect sensitive information stored in a configuration file from unauthorized access.
You use the standard DpapiProtectedConfigurationProvider by declaring the provider and appropriate settings in the configuration file rather than creating an instance of this class. Refer to the next example.
For more information about Protected Configuration, see Encrypting Configuration Information Using Protected Configuration.
The DpapiProtectedConfigurationProvider uses the Windows built-in cryptographic services and can be configured for either machine-specific or user-account-specific protection. Machine-specific protection is useful for anonymous services but provides less security. User-account-specific protection can be used with services that run with a specific user identity.
The following example shows how to use the standard DpapiProtectedConfigurationProvider to protect or unprotect a configuration section.
The following configuration excerpts show the configuration section before and after the protection has been applied.
<?xml version="1.0" encoding="utf-8" ?>
<configuration>
<connectionStrings>
<add name="NorthwindConnectionString"
connectionString="Data Source=webnetue2;Initial Catalog=Northwind;User ID=aspnet_test;Password=test"
providerName="System.Data.SqlClient" />
</connectionStrings>
</configuration>
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<connectionStrings>
<EncryptedData>
<CipherData> <CipherValue>AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAcAMh0jIC1kigyFfd9AUZfQQAAAACAAAAAAADZgAAqAAAABAAAADQwbQ2DgIgIlqskE1RI9UpAAAAAASAAACgAAAAEAAAAAXlYBxi3jhM6wv4sxLhugsQAgAAgoReHZS2406dc/AyRDd6WuNr4ihHn6fbipd4tzHEmeuyS4o4fS4CmT3jMt/WjsP/kR7TF4ygwr2GG47podK79ECpVCZHAgctCauCYjE2Ls3iphKXy/pHic2o6aaClt/xPm+fb4OfODv6XjrJhJzGK2lqUPXkyJN1w2zwh6OVpDQF9N8vTyxL4eitp35/M5zYbW7e6VVAgYUOxlNxgCV5+jXpUKh/rPovopTD392u8KavqQFW1iu+gBPSPq/xeZNz+qYMKbUl+r4VTzBQg3fPlRxp1lNZmM2yRgUbkYPNaFb9ihS7GAg5/wZn8lLmThvq39eA0Vlp6hDE92iop885umELt0/NBKf5umQCqqz9EXXLbmmGc7qoLqTaYVuOmqx0LsvrJL0wSL1dSySCjmB/dNAtVUYgg02eWQNKyaLqnpMdCbTLLQ/oCKuNkL5OQ7t1yl5wQGjQhieIRzLtrMgpTSyaHbqDsRurp9Bc5mM078IAg1hXquQNKlJC/wiJ9kbHerFCbtuLGy/7nXVrFH91ud4U4ExCJEuhoTdmuql5kbqYd6Ye/bu2CftPni19nDkSJ8w4NoqMNKbK3Mi/Cd0o113HsVYlETMv1vlJWZWYP91PK9trixiY4E0G81c6IKITjHDrOJ9evdw2T1/TrvY6pzre3UXSJbFMDQVX6JoAxFk02SRZDKOZdRojeoX19lgrFAAAABzjlz3Qg2as3vn7MRQVxDfZucgE</CipherValue>
</CipherData>
</EncryptedData>
</connectionStrings>
<configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
<providers>
<clear />
<add keyContainerName="NetFrameworkConfigurationKey" cspProviderName=""
useMachineContainer="true" useOAEP="false" description="Uses RsaCryptoServiceProvider to encrypt and decrypt"
name="RsaProtectedConfigurationProvider" type="System.Configuration.RsaProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
<add useMachineProtection="true" description="Uses CryptProtectData and CryptUnProtectData Windows APIs to encrypt and decrypt"
keyEntropy="" name="DataProtectionConfigurationProvider" type="System.Configuration.DpapiProtectedConfigurationProvider,System.Configuration, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b03f5f7f11d50a3a" />
</providers>
</configProtectedData>
</configuration>
-
NamedPermissionSet
for full access to system resources. Demand value: Demand; Associated state: FullTrust
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
