Protected Configuration Provider Implementation Example
The following code example shows how to implement a protected configuration provider. For details about how to build this provider and use it in an ASP.NET application, see How to: Build and Run the Protected Configuration Provider Example.
using System; using System.Xml; using System.Security.Cryptography; using System.IO; using System.Text; using System.Configuration.Provider; using System.Collections.Specialized; using System.Configuration; namespace Samples.AspNet.ProtectedConfiguration { public class TripleDESProtectedConfigurationProvider : ProtectedConfigurationProvider { private TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider(); private string pKeyFilePath; private string pName; public string KeyFilePath { get { return pKeyFilePath; } } // // ProviderBase.Name // public override string Name { get { return pName; } } // // ProviderBase.Initialize // public override void Initialize(string name, NameValueCollection config) { pName = name; pKeyFilePath = config["keyFilePath"]; ReadKey(KeyFilePath); } // // ProtectedConfigurationProvider.Encrypt // public override XmlNode Encrypt(XmlNode node) { string encryptedData = EncryptString(node.OuterXml); XmlDocument xmlDoc = new XmlDocument(); xmlDoc.PreserveWhitespace = true; xmlDoc.LoadXml("<EncryptedData>" + encryptedData + "</EncryptedData>"); return xmlDoc.DocumentElement; } // // ProtectedConfigurationProvider.Decrypt // public override XmlNode Decrypt(XmlNode encryptedNode) { string decryptedData = DecryptString(encryptedNode.InnerText); XmlDocument xmlDoc = new XmlDocument(); xmlDoc.PreserveWhitespace = true; xmlDoc.LoadXml(decryptedData); return xmlDoc.DocumentElement; } // // EncryptString // Encrypts a configuration section and returns the encrypted // XML as a string. // private string EncryptString(string encryptValue) { byte[] valBytes = Encoding.Unicode.GetBytes(encryptValue); ICryptoTransform transform = des.CreateEncryptor(); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, transform, CryptoStreamMode.Write); cs.Write(valBytes, 0, valBytes.Length); cs.FlushFinalBlock(); byte[] returnBytes = ms.ToArray(); cs.Close(); return Convert.ToBase64String(returnBytes); } // // DecryptString // Decrypts an encrypted configuration section and returns the // unencrypted XML as a string. // private string DecryptString(string encryptedValue) { byte[] valBytes = Convert.FromBase64String(encryptedValue); ICryptoTransform transform = des.CreateDecryptor(); MemoryStream ms = new MemoryStream(); CryptoStream cs = new CryptoStream(ms, transform, CryptoStreamMode.Write); cs.Write(valBytes, 0, valBytes.Length); cs.FlushFinalBlock(); byte[] returnBytes = ms.ToArray(); cs.Close(); return Encoding.Unicode.GetString(returnBytes); } // // CreateKey // Generates a new TripleDES key and vector and writes them // to the supplied file path. // public void CreateKey(string filePath) { des.GenerateKey(); des.GenerateIV(); StreamWriter sw = new StreamWriter(filePath, false); sw.WriteLine(ByteToHex(des.Key)); sw.WriteLine(ByteToHex(des.IV)); sw.Close(); } // // ReadKey // Reads in the TripleDES key and vector from the supplied // file path and sets the Key and IV properties of the // TripleDESCryptoServiceProvider. // private void ReadKey(string filePath) { StreamReader sr = new StreamReader(filePath); string keyValue = sr.ReadLine(); string ivValue = sr.ReadLine(); des.Key = HexToByte(keyValue); des.IV = HexToByte(ivValue); } // // ByteToHex // Converts a byte array to a hexadecimal string. // private string ByteToHex(byte[] byteArray) { string outString = ""; foreach (Byte b in byteArray) outString += b.ToString("X2"); return outString; } // // HexToByte // Converts a hexadecimal string to a byte array. // private byte[] HexToByte(string hexString) { byte[] returnBytes = new byte[hexString.Length / 2]; for (int i = 0; i < returnBytes.Length; i++) returnBytes[i] = Convert.ToByte(hexString.Substring(i*2, 2), 16); return returnBytes; } } }
Show: