I had tried to encrypt the web config, using different ProtectionProviders but these methods will not full-fill the security.As i can decrypt the file easily from another application:
The Method i used for encryption:
public void EncryptConnString()
{
Configuration confg = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection confStrSect = confg.GetSection(section);
if (confStrSect != null)
{
confStrSect.SectionInformation.ProtectSection("DataProtectionConfigurationProvider");
confStrSect.SectionInformation.ForceSave = true;
confg.Save(ConfigurationSaveMode.Full);
}
}
If i copied the encrypted appSettings to another application and call the method for decryption. this will give the original data, If i attach the encrypted config file with any other application and call the method for decryption, it will get easily decrypted.
That means; If anyone can access the config file can easily get the
values, through decryption.
So here my question is that; How can i encrypt the web.config with a password? or else provide an application level encryption(restrict other application to decrypt the file).
The method used for decryption:
public void DecryptConnString()
{
Configuration confg = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection confStrSect = confg.GetSection(section);
if (confStrSect != null)
{
confStrSect.SectionInformation.UnprotectSection();
confStrSect.SectionInformation.ForceSave = true;
confg.Save(ConfigurationSaveMode.Full);
}
}
I had tried with the following ProtectionProviders:
MyUserDataProtectionConfigurationProvider
DataProtectionConfigurationProvider
RSAProtectedConfigurationProvider
Note: I have to do this programmatically so that aspnet_regiis will not help me
Related
I'm trying to save a string to the AppSettingsSection of the current application's default configuration in the roaming profile using ConfigurationManager (ConfigurationUserLevel.PerUserRoaming).
When I'm saving to the local profile (ConfigurationUserLevel.None) it works just fine.
// Write Name in NameSaved Section of AppSettings
public void WriteNameToAppSettings(string nameToSave)
{
// Open Config File
Configuration configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.PerUserRoaming); // ConfigurationUserLevel.None (local) is working just fine...
// Add or Update NameSaved Section of AppSettings
if ((configuration.AppSettings.Settings["NameSaved"]?.Value) == null)
configuration.AppSettings.Settings.Add("NameSaved", nameToSave);
else
configuration.AppSettings.Settings["NameSaved"].Value = nameToSave;
// Save and Refresh Config File
configuration.Save(ConfigurationSaveMode.Modified);
ConfigurationManager.RefreshSection(configuration.AppSettings.SectionInformation.Name);
}
// Set LastEnteredName Property from NameSaved Section of AppSettings
public void ReadNameFromAppSettings()
{
// Read Config File and then Get Name LastEntered Section of AppSettings
LastEnteredName = ConfigurationManager.AppSettings["NameSaved"]?.ToString() ?? ""; // If null default to ""
}
The error I'm getting is:
System.InvalidOperationException: 'ConfigurationSection properties cannot be edited when locked.'
Any clues on how to fix this?
When porting an application that uses a settings file to an Azure Function, is it necessary to remove reliance on the file?
I want to write a function app to import data from Xero into an Azure sql database.
The Xero SDK I am using is expecting an appsettings.json file.
Consequently when the function runs I get the error
System.Private.CoreLib: Exception while executing function:
FunctionXeroSync. Xero.Api: The type initializer for
'Xero.Api.Infrastructure.Applications.Private.Core' threw an exception.
Microsoft.Extensions.Configuration.FileExtensions: The configuration file
'appsettings.json' was not found and is not optional. The physical path is
'C:\Users\kirst\AppData\Local\AzureFunctionsTools\Releases\2.6.0\cli\appsettings.json'.
I tried putting the relevant settings in via the Manage Application Settings link on the VS2017 Project Publish Tab. Clearly this fails. Is there another way I can use?
Here is the relevant code in the api. I would prefer not to have to modify it, so that I can use the official nuget package.
namespace Xero.Api
{
public class XeroApiSettings : IXeroApiSettings
{
public IConfigurationSection ApiSettings { get; set; }
public XeroApiSettings(string settingspath)
{
var builder = new ConfigurationBuilder()
.AddJsonFile(settingspath)
.Build();
ApiSettings = builder.GetSection("XeroApi");
}
public XeroApiSettings() : this("appsettings.json")
{
}
public string BaseUrl => ApiSettings["BaseUrl"];
public string CallbackUrl => ApiSettings["CallbackUrl"];
public string ConsumerKey => ApiSettings["ConsumerKey"];
public string ConsumerSecret => ApiSettings["ConsumerSecret"];
public string SigningCertificatePath => ApiSettings["SigningCertPath"];
public string SigningCertificatePassword => ApiSettings["SigningCertPassword"];
public string AppType => ApiSettings["AppType"];
public bool IsPartnerApp => AppType?.Equals("partner", StringComparison.OrdinalIgnoreCase) ?? false;
}
}
When I add
log.LogInformation("base directory: "+AppDomain.CurrentDomain.BaseDirectory);
to the function I get
D:\Program Files (x86)\SiteExtensions\Functions\2.0.12095-alpha\32bit\
when running in the portal
When porting an application that uses a settings file to an Azure Function, is it necessary to remove reliance on the file?
Not necessary, we can still use the settings file required by the application. We only need to make sure the path of settings file is correct.
Put appsettings.json under function project and set it to be copied to output/publish directory.
Add ExecutionContext context in Azure Function method signature, it's used to find current function app directory(where appsettings.json locates).
Pass the valid path of appsettings.json in Azure Function to initialize XeroApiSettings.
var xeroApiSettings = new XeroApiSettings(context.FunctionAppDirectory+"/appsettings.json");
This Jon Gallant's blog suggests that you need to add the optional parameter to the AddJsonFile as it does not exist when you deploy:
var config = new ConfigurationBuilder()
.SetBasePath(context.FunctionAppDirectory)
.AddJsonFile("local.settings.json", optional: true, reloadOnChange: true)
.AddEnvironmentVariables()
.Build();
Note that in Azure, this will refer to the 'appsettings.json' file
Can I retrieve public key by providing keyID.( I have imported the public key using kleopatra)
Note:
I am currently passing the public key file path to encrypt the stream.I am successfully encrypting the stream without any issues using BountyCastle nuget package.
I have tried this:
PgpPublicKeyRingBundle bun = new PgpPublicKeyRingBundle(new byte[200]);
var publicc = bun.GetPublicKey(long.Parse("12ERTY564"));
Update:
The above is test KeyID.
i have problems in reading DLL application setting in c# Visual Studio 2010.
I post a sample code of the get workarounded using reflection because with the ConfigurationManager fails.
private string LDAPDomain
{
get
{
string strPath = System.Reflection.Assembly.GetExecutingAssembly().GetModules()[0].FullyQualifiedName;
string val = GetValues(strPath, "LDAPDomain");
return val;
}
}
//strPath is path of the file.
//strKey is key to access
private string GetValues(string strPath, string strKey)
{
System.Configuration.Configuration con = System.Configuration.ConfigurationManager.OpenExeConfiguration(strPath);
string strValue = con.AppSettings.Settings[strKey].Value;
return strValue;
}
If you are expecting the main project referencing the DLL to pick up the app settings it doesn't work like that. The ConfigurationManager will read the config for the executing assembly, you need to put all the necessary configuration into your app if you want to use this.
Alternatively you can manually read the contents of your DLL's app.config file - see this question for some example code.
I am using enterprise library DATA access block in my application and now I want to encrypt the connection string and store it in the config file and consume it in my application after decrypting the same.
How can I do this?
You can encrypt sections of your web.config using DPAPI provider. Nothing else need to change in your application. you still keep reading appsettings and conn. strings as usual.
//call: ProtectSection("appSettings","DataProtectionConfigurationProvider");
private void ProtectSection(string sectionName, string provider)
{
Configuration config =
WebConfigurationManager.
OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && !section.SectionInformation.IsProtected)
{
section.SectionInformation.ProtectSection(provider);
config.Save();
}
}
//call: UnProtectSection("appSettings");
private void UnProtectSection(string sectionName)
{
Configuration config =
WebConfigurationManager.
OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection section = config.GetSection(sectionName);
if (section != null && section.SectionInformation.IsProtected)
{
section.SectionInformation.UnprotectSection();
config.Save();
}
}