troubleshooting Question

asp.net 2 c# encrypt/decrypt in class file

Avatar of fwsteal
fwsteal asked on
ASP.NET
17 Comments1 Solution1189 ViewsLast Modified:
What I have is a aspx file that encrypts and decrypts the webconfig file. It works fine, but I'd like to put it into a class file and I'm not sure
how to do it.

-------------
admin/securewebconfig.aspx contents:
 <asp:Label ID="Label1" runat="server"></asp:Label>
 <br />
 <asp:Button ID="ButtonProtect" runat="server" Text="Encrypt" OnClick="ButtonProtect_Click" />
 <asp:Button ID="ButtonUnProtect" runat="server" Text="Decrypt" OnClick="ButtonUnProtect_Click" />
 <br />
 <asp:Label ID="LabelMessage" runat="server"></asp:Label>
-------------

admin/securewebconfig.aspx.cs contents:
 protected void Page_Load(object sender, EventArgs e)
  {
   LabelMessage.Text = "";
   LabelMessage.Visible = false;
   Label1.Text = "In order to secure the Web.Config, please select either of the following buttons:";
  }

 protected void ButtonProtect_Click(object sender, EventArgs e)
  {
   ProtectSection("connectionStrings", "RSAProtectedConfigurationProvider");
   //Utilities.EncryptWebConfig("connectionStrings", "RSAProtectedConfigurationProvider"); //what I'd like to do
  }

 protected void ButtonUnProtect_Click(object sender, EventArgs e)
  {
   UnProtectSection("connectionStrings");
   //Utilities.DeEncryptWebConfig("connectionStrings"); //what I'd like to do
  }

 private void ProtectSection(string sectionName, string provider)
  {
   Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
   ConfigurationSection section = config.GetSection(sectionName);
   if (section != null && !section.SectionInformation.IsProtected)
    {
     try
      {
       section.SectionInformation.ProtectSection(provider);
       config.Save();
       LabelMessage.Visible = true;
       LabelMessage.Text = "The webconfig is protected by the means of encryption throught the RSAProtectedConfigurationProvider.";
      }
     catch (Exception ex)
      {
       LabelMessage.Visible = true;
       LabelMessage.Text = ex.ToString();
       LabelMessage.Text += "<br /> <br />The ASP.NET process account (either the local ASPNET or Network Service account, by default) ";
       LabelMessage.Text += "must have write permission granted for the Web.config file.";
      }
    }
   else
    {
     LabelMessage.Visible = true;
     LabelMessage.Text = "Sorry there was an error meeting your request.";
    }
  }

 private void UnProtectSection(string sectionName)
  {
   Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
   ConfigurationSection section = config.GetSection(sectionName);
   if (section != null && section.SectionInformation.IsProtected)
    {
     try
      {
       section.SectionInformation.UnprotectSection();
       config.Save();
       LabelMessage.Visible = true;
       LabelMessage.Text = "The webconfig is unprotected and is no longer encrypted.";
      }
     catch (Exception ex)
      {
       LabelMessage.Visible = true;
       LabelMessage.Text = ex.ToString();
       LabelMessage.Text += "<br /> <br />The ASP.NET process account (either the local ASPNET or Network Service account, by default) ";
       LabelMessage.Text += "must have write permission granted for the Web.config file.";
      }
    }
   else
    {
     LabelMessage.Visible = true;
     LabelMessage.Text = "Sorry there was an error meeting your request.";
    }
  }
-------------

app_code/bll/clsUtilities.cs contents:
public static class Utilities
 {
  static Utilities()
   {
    // TODO: Add constructor logic here
   }

  public static string EncryptWebConfig(String connectionStrings, string RSAProtectedConfigurationProvider) //not sure if this is correct
   {
    //?
   }
 
  public static string DeEncryptWebConfig(String connectionStrings) //not sure if this is correct
   {
    //?
   }
ASKER CERTIFIED SOLUTION
nauman_ahmed

Our community of experts have been thoroughly vetted for their expertise and industry experience.

Join our community to see this answer!
Unlock 1 Answer and 17 Comments.
Start Free Trial
Learn from the best

Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.

Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 17 Comments.
Try for 7 days

”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.

-Mike Kapnisakis, Warner Bros