As we all know there are a lot of reasons why we should encrypt/protect our configuration file or the app.config file for windows(winforms). So if you are interested on how to do it.
Read on.....
Here is my configuration file
App.config
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Configuration;
using System.Data.OleDb;
namespace EncryptAppConfigFile
{
public partial class frmConenctionString : Form
{
public frmConenctionString()
{
InitializeComponent();
}
///
/// if the user clicks this button(protect button) let's try to encrypt our configuration file(app.config)
///
private void btnProctect_Click(object sender, EventArgs e)
{
//open the configuration file,
Configuration myConfig = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
//after opening lets get the connection string section
ConnectionStringsSection mySection = myConfig.ConnectionStrings;
if (mySection != null)
{
// if the connectionstring is not protected we have to protect the section
if (!mySection.SectionInformation.IsProtected)
{
mySection.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
mySection.SectionInformation.ForceSave = true;
}
}
myConfig.Save(ConfigurationSaveMode.Full);
}
private void btnGetSomething_Click(object sender, EventArgs e)
{
// someone ask me!
// question: if the <connectionstring> section is encrypted can it still be used to open a database
// ans: yes
using (OleDbConnection con = new OleDbConnection(ConfigurationManager.ConnectionStrings["MyConnectionString"].ConnectionString))
{
using(OleDbCommand cmd = new OleDbCommand ("SELECT TOP 1 Company FROM Customers",con))
{
con.Open();
using (OleDbDataReader rdr = cmd.ExecuteReader())
{
if (rdr.HasRows)
{
rdr.Read();
MessageBox.Show(rdr[0].ToString());
}
}
}
}
}
}
}
Protected/Encrypted Appconfig.file
If someone wishes to click the button(Protect Connection String) -> see results below
Rsa Key j7AJRpyn3yF2XwTwWkm7BAKvMBxPaLphuIYgrBKN0Cvct6gaU0/56btcWx9bpXMpJ8LteANXmetIUtPJ44zIQV/X2VY2vEbJPUZg8C+qhGYblOrPz05FO89W7onAeb5ZNjI0QpKtovG3jmVmf2kZvEW4RFxo5s2Vep1N1ykIXoU= SBPYkzdFkacEb8YZCZ1QQs1Tcs87Q1RPT0xqfQuPAaOIrsI3Wm57oOLkw6V1yBqqScIJU/cGlhznz/1f5JcKZh3BrlSEg9KtdxJW5VVj343vv/HBhsuhT2yBVLPY5vX1pMH3fkxQQ9UvNbt8AQ709KTvOmDtiNJ8PbPb0bs65AK5wfXMkeHGZ7/VhT/FBQgVfdFnwX0xSrH1Pl3TautZwJKQHJgFq6nI4/xoQ6KVCFDdDFb8DiB8uQivR1ZZSInLypEZ6NMIbXoPD1fPNHd8c6LtLvVF7bSYoMzrDXiUXkZlncl0RT5HTBJszEN4WRCHAnrRVA6F+kof6FayGhodNk7pglleVj2c3VOpgCCnDNeMUE+M/izmbxRQoFjYPZWFhk5oGnUMeDHhhzaStmyP3fqcDMUKS0zVqIdnlAqQXi4hjEOWQ8cJRNZWd4qGvHi419JPiCqvJYFJq5zQeWaXf7A4bQlUOv2IeoaTjGzNVRztLpP2YuAJa5teK8vIKOsQB8+cHv+yd1uvpS9/S+i9Q+vyXu8fb9SW0APzx79YTiYgXYhJgREg1qsJTijQ5rgG+gq2ws6Z8/k=
sample output(connecting and fectching a record while app.config file/connectionstring is protected)!
3 comments:
This is a nice article..
Its easy to understand ..
And this article is using to learn something about it..
c#, dot.net, php tutorial, Ms sql server
Thanks a lot..!
ri80
thanks!
Great article! This is exactly what I was looking for. Is there a way to build your solution with your app config file already encrypted?
Post a Comment