p2p.wrox.com Forums

Need to download code?

View our list of code downloads.


  Return to Index  

aspdotnet_website_programming thread: RE: Encrypted Config File Example


Message #1 by "Claude Wynne" <claudew@i...> on Wed, 19 Feb 2003 11:56:24 -0800
Here is a modified ModuleConfig class which uses an encrypted
configuration file.  The only change to the web.config file you need to
make is to add a "SiteID" key under AppSettings which should have your
key for encryption. You may want to use an alternative way of storing
your key, but you can't store it in the database because you need the
configuration file to get the connection string.  This class will try to
find a .Encrypted.Config file.  If none exists, it will open the
unencrypted .Config file and immediately save it as an encrypted
.Encrypted.Config file.  You can then delete or move the original
.Config file. Here is the code:


	using System.Security.Cryptography;


	public class ModuleConfig
	{
		public static ModuleSettings GetSettings()
		{
			string secretPhrase 
ConfigurationSettings.AppSettings["SiteID"];
			CryptoStream decryptStream = null;       //
Stream used to encrypt
			RijndaelManaged rijndael = null;         //
Rijndael provider
			ICryptoTransform rijndaelDecrypt = null; //
Encrypting object
			FileStream fs = null; // 

			// Initialize internal values
			byte[] _Key = new byte[24];
			byte[] _IV = new byte[16]; 

			// Perform a hash operation using the phrase.
This will 
			// generate a unique 32 character value to be
used as the key.
			byte[] bytePhrase 
Encoding.ASCII.GetBytes(secretPhrase);
			SHA384Managed sha384 = new SHA384Managed();
			sha384.ComputeHash(bytePhrase);
			byte[] result = sha384.Hash;

			// Transfer the first 24 characters of the
hashed value to the key
			// and the remaining 8 characters to the
intialization vector.
			for( int loop=0; loop<24; loop++ ) _Key[loop] 
result[loop];
			for( int loop=24; loop<40; loop++ ) _IV[loop-24]
= result[loop];

			HttpContext context = HttpContext.Current;

			ModuleSettings data 
(ModuleSettings)context.Cache["Accounts_Settings"];

			if (data == null)
			{
				XmlSerializer serializer = new
XmlSerializer(typeof(ModuleSettings));
				try
				{
					string fileName 
HttpContext.Current.Server.MapPath(GetSettingsFile());
					fileName 
fileName.Replace(".Config",".Encrypted.Config");
					if(!File.Exists(fileName))
					{
						data 
GetUnEncryptedSettings();
					}
					else
					{
						// create a filestream
to read the XML document
						fs = new
FileStream(fileName, FileMode.Open);	          

						// Create the crypto
objects
						rijndael = new
RijndaelManaged();
						rijndaelDecrypt 
rijndael.CreateDecryptor(_Key,_IV);
						decryptStream = new
CryptoStream(
							fs,
rijndaelDecrypt, CryptoStreamMode.Read);


						// use the Deserialize
method to retrieve the oject state
						data 
(ModuleSettings)serializer.Deserialize(decryptStream);
      				
	
context.Cache.Insert("Accounts_Settings", data, new
CacheDependency(fileName));
					}
				}
				finally
				{
					if( rijndael != null )
rijndael.Clear();
					if( rijndaelDecrypt != null )
rijndaelDecrypt.Dispose();
					if( fs != null ) fs.Close();
				}
			}
			
			return data;
		}

		public static ModuleSettings GetUnEncryptedSettings()
		{
			HttpContext context = HttpContext.Current;
			string fileName 
HttpContext.Current.Server.MapPath(GetSettingsFile());

			ModuleSettings data 
(ModuleSettings)context.Cache["Accounts_Settings"];
			if(data != null)
			{
	
context.Cache.Remove("Accounts_Settings");
			}
			else
			{				
				XmlSerializer serializer = new
XmlSerializer(typeof(ModuleSettings));
				try
				{
					// create a filestream to read
the XML document
					FileStream fs = new
FileStream(fileName, FileMode.Open);	          
					// use the Deserialize method to
retrieve the oject state
					data 
(ModuleSettings)serializer.Deserialize(fs);
					fs.Close();

				}
				catch (System.IO.FileNotFoundException)
				{
					// if the file is not found,
return a new empty class
					data = new ModuleSettings();
				}
			}

			SaveSettings(data);
			fileName 
fileName.Replace(".Config",".Encrypted.Config");
			context.Cache.Insert("Accounts_Settings", data,
new CacheDependency(fileName));
			return data;
		}


		public static void SaveSettings(ModuleSettings data)
		{
			string secretPhrase 
ConfigurationSettings.AppSettings["SiteID"];

			CryptoStream encryptStream = null;       //
Stream used to encrypt
			RijndaelManaged rijndael = null;         //
Rijndael provider
			ICryptoTransform rijndaelEncrypt = null; //
Encrypting object
			FileStream fs = null; // 

			// Initialize internal values
			byte[] _Key = new byte[24];
			byte[] _IV = new byte[16]; 

			// Perform a hash operation using the phrase.
This will 
			// generate a unique 32 character value to be
used as the key.
			byte[] bytePhrase 
Encoding.ASCII.GetBytes(secretPhrase);
			SHA384Managed sha384 = new SHA384Managed();
			sha384.ComputeHash(bytePhrase);
			byte[] result = sha384.Hash;
 
			// Transfer the first 24 characters of the
hashed value to the key
			// and the remaining 8 characters to the
intialization vector.
			for( int loop=0; loop<24; loop++ ) _Key[loop] 
result[loop];
			for( int loop=24; loop<40; loop++ ) _IV[loop-24]
= result[loop];

			string fileName 
HttpContext.Current.Server.MapPath(GetSettingsFile());
			fileName 
fileName.Replace(".Config",".Encrypted.Config");
			XmlSerializer serializer = new XmlSerializer
(typeof(ModuleSettings));
        
			try
			{
				// serialize the object
				fs = new FileStream(fileName,
FileMode.Create);
				// Create the crypto objects
				rijndael = new RijndaelManaged();
				rijndael.Key = _Key;
				rijndael.IV = _IV;
				rijndaelEncrypt 
rijndael.CreateEncryptor();
				encryptStream = new CryptoStream(
					fs, rijndaelEncrypt,
CryptoStreamMode.Write);
	
				serializer.Serialize(encryptStream,
data);
				encryptStream.FlushFinalBlock();
			}
			finally
			{
				if( rijndael != null ) rijndael.Clear();
				if( rijndaelEncrypt != null )
rijndaelEncrypt.Dispose();
				if( fs != null ) fs.Close();
			}			
		}

		private static string GetSettingsFile()
		{
			HttpContext context = HttpContext.Current;
			// get the file path from the cache
			string filePath 
(string)context.Cache["Accounts_SettingsFile"];
			// if path is null, get it from web.config
			if (filePath == null)
			{
				// retrieve the value
	
filePath=ConfigurationSettings.AppSettings["Accounts_SettingsFile"];
				// save into the cache
				context.Cache["Accounts_SettingsFile"] 
filePath;
			}
			// return the path
			return filePath;
		}
	}




  Return to Index