1

I have the following code for a console application:

// Get the app config file.
var configuration = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);

// Get the sections to unprotect.
ConfigurationSection connStrings = configuration.ConnectionStrings;

string connection = null;

if (connStrings != null)
{
    // UNPROTECT
    connStrings.SectionInformation.UnprotectSection();

    connection = ConfigurationManager.ConnectionStrings["Connection"].ConnectionString;
}

This code works just fine on Framework 4.8, but when I try it on Core 3.1, it throws

PlatformNotSupportedException

at the "UNPROTECT" code.

This is on the same work station and everything.

The official documentation for both ConfigurationManager and SectionInformation shows compatibility with Core 3.0 and 3.1.

I'm guessing that the classes are "compatible" with Core for convenience of accessing the config file but the decryption is not because the keys for decryption are stored in the Framework, but Core is cross platform and therefore won't have access to the keys. (Yes?)

If this platform doesn't support decryption of connection strings, is there some preferred alternative to encrypting/decrypting connection strings?

I have looked high and low but don't seem to be able to find anything.

NOTE: The ability to decrypt the encrypted connection string is essential!

jps
  • 20,041
  • 15
  • 75
  • 79
Aaron
  • 192
  • 6
  • The UnprotectSection MS Docs does not show compatibility with .NET Core, only .NET Framework and .NET platform extensions (https://learn.microsoft.com/en-us/dotnet/api/system.configuration.sectioninformation.unprotectsection?view=dotnet-plat-ext-6.0). I think you will need to look into the Windows Compatibility Pack (https://learn.microsoft.com/en-us/dotnet/core/porting/windows-compat-pack) to install those platform extensions. More info on the Windows Pack here: https://stackoverflow.com/questions/53097067/what-are-net-platform-extensions-on-docs-microsoft-com – Tommy Dec 15 '21 at 13:39

1 Answers1

1

The ConfigurationManager class has been deprecated in DotNetCore, it has been replaced with the IConfiguration class which you can construct with the ConfigurationBuilder class, here's an example of loading a json file (just a note that you need two nuget dependencies for this which are Microsoft.Extensions.Configuration and Microsoft.Extensions.Configuration.Json):


var config = new ConfigurationBuilder()
    .AddJsonFile("Config.json", true) // bool to say whether it is optional
    .Build()

As mentioned this will give you an instance of the IConfiguration class which is documented here but is very similar to the ConfigurationManager

example of config.json:

{
  "ConnectionStrings": {
    "BloggingDatabase": "Server=(localdb)\\mssqllocaldb;Database=EFGetStarted.ConsoleApp.NewDb;Trusted_Connection=True;"
  },
}
Dharman
  • 30,962
  • 25
  • 85
  • 135
Mark Davies
  • 1,447
  • 1
  • 15
  • 30
  • Will it handle the encryption/decryption of the values? I don't see anything in that class that seems to indicate so. – Aaron Aug 26 '20 at 14:23
  • @aaron have a look at this https://learn.microsoft.com/en-us/aspnet/core/security/app-secrets?view=aspnetcore-3.1&tabs=windows – George Stocker Aug 26 '20 at 15:45