Encrypting and Decrypting Webconfig



We can encrypt anything which is written in web.config

    <appSettings>
    <add key="SecretCode" value="123" />
  </appSettings>

  
  

We need two namespaces for it.

using System.Configuration;
using System.Web.Configuration;

Codesnippet for encryption

public void EncryptConnString()
    {
        //***********************Encrypting ****************


       Configuration config = configurationManager.OpenWebConfiguration(Request.ApplicationPath);
        ConfigurationSection section = config.GetSection("appSettings");
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
            config.Save();
        }
    }

Codesnippet for Decryption


public void DecryptConnString()
    {
        //********************************Decrypting *************************
        Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
        ConfigurationSection section = config.GetSection("appSettings");
        if (section.SectionInformation.IsProtected)
        {
            section.SectionInformation.UnprotectSection();
            config.Save();
        }

RsaProtectedConfigurationProvider

The RsaProtectedConfigurationProvider uses the machine account or the user account to encrypt the keys and save them in a file which called “key container”, which usually saved in C:\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA

Encryption of password

Namespace that can be used is :

using System.Security.Cryptography;
using System.Web.UI;

Logic behind this is loop through the password one charactor at a time and convert each charactor to ascii,
then take the ascii value and do some math on it thats done by TripleDESCryptoServiceProvider and then convert the new value back to a charactor.
codesnippet for encryption

public static String Encrypt(String val)
    {
        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        byte[] toEncrypt = Encoding.UTF8.GetBytes(val);
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, tdes.CreateEncryptor(sharedkey,sharedvector), CryptoStreamMode.Write);
        cs.Write(toEncrypt, 0, toEncrypt.Length);
        cs.FlushFinalBlock();
        return Convert.ToBase64String(ms.ToArray());
    } 

codesnippet for Decryption

TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
        byte[] toDecrypt = Convert.FromBase64String(val);
        MemoryStream ms = new MemoryStream();
        CryptoStream cs = new CryptoStream(ms, tdes.CreateDecryptor(sharedkey,sharedvector), CryptoStreamMode.Write);
        cs.Write(toDecrypt, 0, toDecrypt.Length);
        cs.Flush();


        //cs.FlushFinalBlock();
        return Encoding.UTF8.GetString(ms.ToArray());

 private byte[] sharedkey = GetLegalKey("Welcome to my blog");
        
        private byte[] sharedvector = GetLegalKey("Thanks for visiting my blog");

        private static byte[] GetLegalKey(string Key)
        {
            return ASCIIEncoding.ASCII.GetBytes(Key.Length < 24 ? Key.PadRight(24) : Key.Substring(0, 24));
        }

But we need to make sure that when you convert the ascii back to a char that it is with in the readable values. The readable ascii values are 33 to 126


Show my IP address

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: