Felix  RuthenbergEncrypt App.settings

If you google for an encryption algorithm for your configuration files in the .NET framework you'll find many ideas on how to encrypt the web.config file in ASP.NET rather than encryption methods for the App.config file.

However, of course it is possible to encrypt sections in the App.config file just as it is for the web.config file:

In order to get access to the static configuration classes you should implement the System.Configuration namespace into your application:

using System.Configuration;

Now we can access just any section within our application configuration file.  And we can also easily use the ProtectSection() method on that section to encrypt it using a specified DataProtectionProvider.

The code would look similar to this:

Configuration config = ConfigurationManager.OpenExeConfiguration(Application.ExecutablePath);
ConfigurationSection section = config.GetSection("connectionStrings") // could be any section



Don't forget to save your config, otherwise changes will not be applied

And also remember that your config file will be compiled into a file called NameOfApplication.exe.config and it will be available in your bin (or appropriate output) folder, so don't expect changes to happen in the App.config file (this is different to ASP.NET applications).

Your application may still access the configuration and read it without the need of decryption.  However depending on the used encryption algorithm this may not be true if you move the assemblies to another computer.  To read more about encryption algorithms you may want to start here:  http://www.mycrypto.net/encryption/crypto_algorithms.html

Finally, let me show how to decrypt your settings:

// Given that the appropriate section is known as shown above

if (section.SectionInformation.IsProtected)


Kategorien: C#; 21.01.2009 11:31:13


Neuen Kommentar einfügen:




© Copyright 2008 ppedv AG