2

For my .NET Windows service I need to parse the web.config file for my own ASP.NET web app. I use XmlTextReader to do the parsing, which works great, except when I need to decrypt sections of web.config that were encrypted with RsaProtectedConfigurationProvider using aspnet_regiis tool and this method. Here's an example of a database connection string section that I need to decrypt:

<connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
    <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
        xmlns="http://www.w3.org/2001/04/xmlenc#">
      <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
      <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
        <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
          <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
          <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
            <KeyName>Rsa Key</KeyName>
          </KeyInfo>
          <CipherData>
            <CipherValue>B702tRDVHJjC3CYXt7I0ucCDjdht/Vyk/DdUhwQyt7vepSD85dwCP8ox9Y1BUdjajFeTFfFBsGypbli5HPGRYamQdrVkPo07bBBXNT5H02qxREguGUU4iDtV1Xp8BLVZjQMV4ZgP6Wbctw2xRvPC7GvKHLI4fUN/Je5LmutsijA=</CipherValue>
          </CipherData>
        </EncryptedKey>
      </KeyInfo>
      <CipherData>
        <CipherValue>ME+XJA2TAj3QN3yT4pJq3sRArC0i7Cz3Da71BkaRe9QNfuVuUjcv0jeGUN4wDdOAZ7LPq6UpVrpirY3kQcALDvPJ5nKxk++Mw75rjtIO8eh2goTY9rCK6zanfzaDshFy7IqItpvs/y2kmij25nM3ury6uO0hCf0UbEL1mbT2jXDqvcrHZUobO1Ef6bygBZ/8HpU+VfF9CTCob/BBE9zUkK37EQhcduwsnzBvDblYbF/Rd+F4lxAkZnecGLfCZjOzJB4xH1a0vvWtPR7zNwL/7I0uHzQjyMdWrkBnotMjoR70R7NELBotCogWO0MBimncKigdR3dTTdrCd72a7UJ4LMlEQaZXGIJp4PIg6qVDHII=</CipherValue>
      </CipherData>
    </EncryptedData>
  </connectionStrings>

So my question is how do I decrypt it using C# and having the text above?

PS. I'm doing this outside of that specific ASP.NET web app.

c00000fd
  • 20,994
  • 29
  • 177
  • 400

1 Answers1

3

Give this a try:

string section = "connectionStrings";

Configuration config = WebConfigurationManager.OpenWebConfiguration(Request.ApplicationPath);
ConfigurationSection configSection = config.GetSection(section);

if (configSection.SectionInformation.IsProtected)
{
     configSect.SectionInformation.UnprotectSection();
     config.Save();
}

You can also choose to encrypt your connectionStrings in a similar manner as well.

Timothy Randall
  • 17,634
  • 1
  • 15
  • 27
  • OK, this may work in a non-ASP.NET Windows program. First off, set target framework to `.NET Framework 4` from `.NET Framework 4 Client Profile` in the project properties. Then add `System.Web` assembly reference. And lastly to get to the actual decrypted XML for the section call `configSection.SectionInformation.GetRawXml();` instead of `config.Save();` in the code above. Oh, and you can also open the web.config file using its absolute file path, as described here: http://stackoverflow.com/a/2471117/843732 – c00000fd Apr 13 '13 at 07:18