Encrypting Other configuration sections. CMAB

Topics: Data Access Application Block, Enterprise Library Core
Feb 20, 2007 at 10:59 PM
Here is my problem I am facing with encrypting custom configuration sections. I have a web app for which I am using the Enterprise Application Blocks for data and configuration management, along with my data connection configuration I need my custom configuration file to be encrypted as well.

Using the Enterprise library configuration App,I have added a custom configuration Application Block section along with my dataconfiguration section. I have added an Encryption Settings section to encrypt my connection strings and also my custom settings. I have added an "File Key algorithm Storage Provider" without DAPI settings to encrypt my config files.

I saved my application and compiled my application and ran the web app. When I check to see if my files are encrypted and not in clear text. I noticed that my dataconfiguration.config file was encrypted but not my custom.config file.

I guess I am not the first person to face this issue. Please let me know if this is even feasible or what might be the solution for this issue.

Thanks in advance.
Feb 21, 2007 at 5:46 PM
I assume you are talking about Enterprise Library 1.x (January/June 2005) here.

When you build your own configuration section that does not include a designtime assembly (like in the Configuration QuickStart), you cannot use the EntLib Configuration Tool to encrypt the data, as the tool doesn’t know how to load or save your section. However you can use the tool to specify that the metaconfiguration is protected, and then have your application save the section.

Here’s what I did to encrypt the EditorSettings.config file as used in the Configuration QuickStart:

1. Open the EntLib config tool
2. Open the app.config file in the ConfigurationWriteXmlQuickStart tool
3. Right-click on Encryption Settings, add a File Key Algorithm Storage Provider, and save it to a file
4. Save the configuration
5. Open the Configuration Write QuickStart in Visual Studio
6. Find the QuickStartForm_Load event, and comment out the following lines, since these lines are expecting the config to be encrypted but it won’t be encrypted yet:
EditorFontData configData = ConfigurationManager.GetConfiguration("EditorSettings") as EditorFontData;
this.UpdateFont(configData);
7. Click the “Write Configuration Data…” button and choose a font
8. Quit the app and check the EditorSettings.config file (in \bin\debug) and notice it is encrypted
9. Uncomment the same two lines of code, since the file is now encrypted
10. Run the app and notice that it successfully reads the encrypted configuration.

Hope this helps
Tom
Feb 21, 2007 at 6:23 PM
Tom, thanks a lot for your response. Your assumption was correct, I am using the June2005 library.

I did get an encrypted custom config file when I followed the steps you outlined. Thanks again.

I guess I need to use the CMAB ConfigurationManager.WriteConfiguration method to create an encrypted config files.

I am planning on creating a simple windows application to create and modify sittings in an encrypted custom config files for Production/QA server releases of my application.

-Yogesh