Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

External app config and encryption of settings

Posted on 2016-09-30
1
Medium Priority
?
208 Views
Last Modified: 2016-10-17
We have a number of applications and services that need to share an external app config file. The external file contains a configSection with information that we which to encrypt.
Each service and application resides in its own application folder, and that is where the problems begin to escalate.
In the App.config, external files can be referenced with either ‘configSource’ or ‘file’ attribute. ‘configSource’ cannot be used because the external config file does not reside in the app folder or in app sub folders. Threrefore we have to use the ‘file’ attribute.
<customSettings file=”path to setting”/>
The ‘customSettings’ configSection has been defined as followed:
<configSections>
    <section name="customSettings" type="System.Configuration.NameValueFileSectionHandler, System, Version=2.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089"/>
  </configSections>
I’m then trying to encrypt the configSection using code like this:
Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
ConfigurationSection section = config.GetSection("customSettings");

if (!section.SectionInformation.IsProtected)
{
  section.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
  config.Save();
}
Because I’m using the file attribute (I suspect). The config section is encrypted in App.config and the external file is not. What gets encrypted in App.config is just <customSettings file=”path to setting”/>. Which is pretty useless.

This means that the Individual applications and services cannot encrypt the external config file.
I then had the idea that I would place a small application residing in the same directory as the external config file. The purpose of this application was to encrypt the external config file by using ‘configSource’ attribute instead. This approach does not work at all. Nothing happens, and nothing is encrypted.

To investigate a little further I placed the ‘customSettings’ in the App.config and encrypted the section successfully. I then copied the encrypted data to the external file to test if encryption could work in the external config file. This works fine with the ‘configSource’ but throws an exception when using the ‘file’ attribute. Exception thrown: Unrecognized attribute 'configProtectionProvider'
Since we must use the ‘file’ attribute in the app.config I now have 2 problems.
1)      Cannot encrypt external file.
2)      If the external file is manually encrypted, I cannot read it using the ‘file’ attribute.
0
Comment
Question by:Thomas Koehrsen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 20

Accepted Solution

by:
Daniel Van Der Werken earned 2000 total points
ID: 41823596
Sorry. I'm not completely following. It appears you're attempting to store sensitive data in a file and read it programmatically, and you want to use the data within the app.

And the app.config is giving you troubles with this.

And you have multiple applications using the same app.config.

If it were me, I'd jump ship on the app.config usage idea and roll my own process.

1. Create a common file available in a location all applications have access. You can use the appSettings section of the app.config to point to the location of this file.

2. Encrypt the file with a common key stored in the app.config, or use the machine key for that system, or some other means.

3. Use standard C# encryption and decryption methods to encrypt/decrypt the information in the file using standard System.IO and System.Cryptography means.

4. Store the data in some pre-defined format. You can use XML or JSON or even just some format of your own like each line with bars (|) delimiting the info:

server|username|password

Then you can use the string.Split() method to read the expected data and parse it once the data has been decrypted using standard means.

Otherwise, I'm sorry, I don't have the experience or knowledge about the app.config usage to assist. I'm wondering if it might behoove you to move past that attempt as it seems you've run into a number of possible limitations already.
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

More often than not, we developers are confronted with a need: a need to make some kind of magic happen via code. Whether it is for a client, for the boss, or for our own personal projects, the need must be satisfied. Most of the time, the Framework…
This article is for Object-Oriented Programming (OOP) beginners. An Interface contains declarations of events, indexers, methods and/or properties. Any class which implements the Interface should provide the concrete implementation for each Inter…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Please read the paragraph below before following the instructions in the video — there are important caveats in the paragraph that I did not mention in the video. If your PaperPort 12 or PaperPort 14 is failing to start, or crashing, or hanging, …

604 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question