CODEWITHSUNDEEP
c#asp.netencryption
Jeppe Christensen
Jeppe Christensen

Reputation: 1890

System.Security.Cryptography.CryptographicException upon encrypting connectionstring

So i have tried to build two methods that hence encrypts and decrypts my connectionstring.

The issue is, that i get a pretty nasty exception, that i really cant figure out how to solve.

my two methods and my calls looks like this: 

    private void ProtectSection(string sectionName, string provider)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~/");
        ConfigurationSection section = config.GetSection(sectionName);

        if (section != null && !section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection(provider);
            config.Save();
        }
    }

    private void UnProtectSection(string sectionName)
    {
        Configuration config = WebConfigurationManager.OpenWebConfiguration("~/");
        ConfigurationSection section = config.GetSection(sectionName);

        if (section != null && section.SectionInformation.IsProtected)
        {
            section.SectionInformation.UnprotectSection();
            config.Save();
        }
    }

And these are my calls:

UnProtectSection("connectionStrings");
ProtectSection("connectionStrings", "RsaProtectedConfigurationProvider");

UPDATE

here are the following errors that i get: 

<ExceptionMessage>Object already exists.</ExceptionMessage>

<StackTrace>
at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) at System.Security.Cryptography.Utils._CreateCSP(CspParameters param, Boolean randomKeyContainer, SafeProvHandle& hProv) at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer) at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle) at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair() at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize) at System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameters parameters) at System.Configuration.RsaProtectedConfigurationProvider.GetCryptoServiceProvider(Boolean exportable, Boolean keyMustExist) at System.Configuration.RsaProtectedConfigurationProvider.Encrypt(XmlNode node) at System.Configuration.ProtectedConfigurationSection.EncryptSection(String clearXml, ProtectedConfigurationProvider provider) at System.Configuration.Internal.InternalConfigHost.System.Configuration.Internal.IInternalConfigHost.EncryptSection(String clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection) at System.Configuration.Internal.DelegatingConfigHost.EncryptSection(String clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection) at System.Configuration.Internal.DelegatingConfigHost.EncryptSection(String clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection) at System.Configuration.MgmtConfigurationRecord.GetConfigDefinitionUpdates(Boolean requireUpdates, ConfigurationSaveMode saveMode, Boolean forceSaveAll, ConfigDefinitionUpdates& definitionUpdates, ArrayList& configSourceUpdates)
</StackTrace>

Upvotes: 0

Views: 742

Answers (1)

Jonathan
Jonathan

Reputation: 5028

I recommend against rolling your own encryption on the connection strings. Instead you should do it the "Microsoft Way" as described here: https://msdn.microsoft.com/en-us/library/dx0f3cf2(v=vs.85).aspx

From a high level, you run aspnet_regiis.exe with a reference to the part of the web.config you want to encrypt.

Upvotes: 2

Related Questions