public string DoEncryptOrDecrypt(bool doEncrypt, string xmlString, string protectionProviderName, string protectionProviderType, string[] paramKeys, string[] paramValues)
{
XmlNode node;
Type c = Type.GetType(protectionProviderType, true);
if (!typeof(ProtectedConfigurationProvider).IsAssignableFrom(c))
{
throw new Exception(System.Web.SR.GetString("WrongType_of_Protected_provider"));
}
ProtectedConfigurationProvider provider = (ProtectedConfigurationProvider)Activator.CreateInstance(c);
NameValueCollection config = new NameValueCollection(paramKeys.Length);
for (int i = 0; i < paramKeys.Length; i++)
{
config.Add(paramKeys[i], paramValues[i]);
}
provider.Initialize(protectionProviderName, config);
XmlDocument document = new XmlDocument {
PreserveWhitespace = true
};
document.LoadXml(xmlString);
if (doEncrypt)
{
node = provider.Encrypt(document.DocumentElement);
}
else
{
node = provider.Decrypt(document.DocumentElement);
}
return(node.OuterXml);
}
ProtectedConfigurationProvider GetProvider(string providerName, string containerName, bool useMachineStore)
{
if (String.IsNullOrEmpty(providerName))
{
providerName = ProtectedConfiguration.DefaultProvider;
}
ProtectedConfigurationProvider prov = ProtectedConfiguration.Providers [providerName];
if (prov == null)
{
throw new InvalidOperationException(String.Format("Provider '{0}' is unknown.", providerName));
}
// We need to create a new instance in order to be able to pass our own
// parameters to the provider
var ret = Activator.CreateInstance(prov.GetType()) as ProtectedConfigurationProvider;
ret.Initialize(providerName, new NameValueCollection {
{ "keyContainerName", containerName },
{ "useMachineContainer", useMachineStore.ToString() },
}
);
return(ret);
}
public virtual string EncryptSection(string clearXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
{
if (protectedSection == null)
{
throw new ArgumentNullException("protectedSection");
}
return(protectedSection.EncryptSection(clearXml, protectionProvider));
}
private string CallEncryptOrDecrypt(bool doEncrypt, string xmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
string str = null;
WindowsImpersonationContext context = null;
string assemblyQualifiedName = protectionProvider.GetType().AssemblyQualifiedName;
ProviderSettings settings = protectedConfigSection.Providers[protectionProvider.Name];
if (settings == null)
{
throw System.Web.Util.ExceptionUtil.ParameterInvalid("protectionProvider");
}
NameValueCollection parameters = settings.Parameters;
if (parameters == null)
{
parameters = new NameValueCollection();
}
string[] allKeys = parameters.AllKeys;
string[] parameterValues = new string[allKeys.Length];
for (int i = 0; i < allKeys.Length; i++)
{
parameterValues[i] = parameters[allKeys[i]];
}
if (this._Identity != null)
{
context = this._Identity.Impersonate();
}
try
{
try
{
IRemoteWebConfigurationHostServer o = CreateRemoteObject(this._Server, this._Username, this._Domain, this._Password);
try
{
str = o.DoEncryptOrDecrypt(doEncrypt, xmlString, protectionProvider.Name, assemblyQualifiedName, allKeys, parameterValues);
}
finally
{
while (Marshal.ReleaseComObject(o) > 0)
{
}
}
return(str);
}
finally
{
if (context != null)
{
context.Undo();
}
}
}
catch
{
}
return(str);
}
/// <summary>
/// Initializes a new instance of the <see cref="ConfigProtection"/> class.
/// </summary>
public ConfigProtection()
{
var parameters = new NameValueCollection();
parameters["keyContainerName"] = "CustomContainer";
parameters["useMachineContainer"] = "true";
parameters["useOAEP"] = "false";
_protectionProvider = new RsaProtectedConfigurationProvider();
_protectionProvider.Initialize("CustomProvider", parameters);
}
internal ProtectedConfigurationProvider GetProvider(string name, bool throwOnError)
{
ProtectedConfigurationProvider p = Providers[name];
if (p == null && throwOnError)
{
throw new ServerManagerException(string.Format("The protection provider '{0}' was not found.", name));
}
return(p);
}
public void Set(string name, ProtectedConfigurationProvider provider)
{
if (_map.ContainsKey(name))
{
_map[name] = provider;
}
else
{
_map.Add(name, provider);
}
}
private void DecryptNode(XmlNode node, ProtectedConfigurationProvider protectionProvider)
{
XmlDocument document = node.OwnerDocument;
XmlNode parentNode = node.ParentNode;
node.Attributes.RemoveNamedItem("configProtectionProvider", string.Empty);
var unencryptedNode = protectionProvider.Decrypt(node.ChildNodes.OfType <XmlElement>().Where(x => x.Name == "EncryptedData").First());
unencryptedNode = document.ImportNode(unencryptedNode, true);
parentNode.ReplaceChild(unencryptedNode, node);
}
string LoadSection(string configFile, string configSection, string containerName, bool useMachineStore,
out XmlDocument doc, out XmlNode section, out ProtectedConfigurationProvider provider)
{
if (!IsValidSection(configFile, configSection))
{
throw new InvalidOperationException(String.Format("Section '{0}' is not a valid section in file '{1}'", configSection, configFile));
}
// This should be done using Configuration, but currently the Mono
// System.Configuration saves configuration files without preserving
// non-significant whitespace which gives a very ugly result.
doc = new XmlDocument();
doc.PreserveWhitespace = true;
doc.Load(configFile);
XmlNamespaceManager nsmgr = null;
XmlElement root = doc.DocumentElement;
string ns = null;
if (root.HasAttributes)
{
ns = root.GetAttribute("xmlns");
if (!String.IsNullOrEmpty(ns))
{
nsmgr = new XmlNamespaceManager(doc.NameTable);
nsmgr.AddNamespace("config", ns);
}
}
section = doc.DocumentElement.SelectSingleNode(BuildXPathExpression(configSection), nsmgr);
// This check is necessary even though IsValidSection returned true - it's
// because the section might have been found in files other than the one
// we're processing.
if (section == null)
{
throw new InvalidOperationException(String.Format("Section '{0}' not found in config file '{1}'", configSection, configFile));
}
XmlAttribute attr = section.Attributes ["configProtectionProvider"];
string configProtectionProvider = attr == null ? null : attr.Value;
provider = GetProvider(configProtectionProvider, containerName, useMachineStore);
return(ns);
}
// </Snippet107>
// <Snippet108>
static public void GetProtectionProvider()
{
SectionInformation sInfo =
GetSectionInformation();
ProtectedConfigurationProvider pp =
sInfo.ProtectionProvider;
if (pp == null)
{
Console.WriteLine("Protection provider is null");
}
else
{
Console.WriteLine("Protection provider: {0}",
pp.ToString());
}
}
private void EncryptNode(XmlNode node, ProtectedConfigurationProvider protectionProvider)
{
XmlDocument document = node.OwnerDocument;
XmlNode parentNode = node.ParentNode;
var encryptedNode = protectionProvider.Encrypt(node);
encryptedNode = document.ImportNode(encryptedNode, true);
var encyptedNodeContainer = document.CreateElement(node.Name, node.NamespaceURI);
encyptedNodeContainer.AppendChild(encryptedNode);
var protectionProviderAttribute = document.CreateAttribute("configProtectionProvider");
protectionProviderAttribute.Value = protectionProvider.Name;
encyptedNodeContainer.Attributes.Append(protectionProviderAttribute);
parentNode.ReplaceChild(encyptedNodeContainer, node);
}
string IInternalConfigHost.DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return ProtectedConfigurationSection.DecryptSection(encryptedXml, protectionProvider);
}
/////////////////////////////////////////////////////////////////////////////////
/////////////////////////////////////////////////////////////////////////////////
// Encrypt/decrypt support
public override string DecryptSection(string encryptedXmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
return(CallEncryptOrDecrypt(false, encryptedXmlString, protectionProvider, protectedConfigSection));
}
string IInternalConfigHost.EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
throw new NotImplementedException();
}
public virtual string EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return Host.EncryptSection(clearTextXml, protectionProvider, protectedConfigSection);
}
public virtual string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return Host.DecryptSection(encryptedXml, protectionProvider, protectedConfigSection);
}
public CloudConfigCryptoController(ProtectedConfigurationProvider provider)
{
_provider = provider;
}
public override string EncryptSection(string clearTextXmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
return(CallEncryptOrDecrypt(true, clearTextXmlString, protectionProvider, protectedConfigSection));
}
internal string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider)
{
var decryptedNode = protectionProvider.Decrypt(encryptedXml);
return decryptedNode;
}
internal string EncryptSection(string clearXml, ProtectedConfigurationProvider protectionProvider)
{
var encryptedNode = protectionProvider.Encrypt(clearXml);
return encryptedNode;
}
public virtual string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
return(host.DecryptSection(encryptedXml, protectionProvider, protectedConfigSection));
}
string IInternalConfigHost.DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return(ProtectedConfigurationSection.DecryptSection(encryptedXml, protectionProvider));
}
internal string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider)
{
var decryptedNode = protectionProvider.Decrypt(encryptedXml);
return(decryptedNode);
}
internal string EncryptSection(string clearXml, ProtectedConfigurationProvider protectionProvider)
{
var encryptedNode = protectionProvider.Encrypt(clearXml);
return(encryptedNode);
}
private string CallEncryptOrDecrypt(bool doEncrypt, string xmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
#if !FEATURE_PAL // FEATURE_PAL has no COM objects => no encryption
// ROTORTODO: COM Objects are not implemented.
// CORIOLISTODO: COM Objects are not implemented.
ProviderSettings ps;
NameValueCollection nvc;
string [] paramKeys;
string [] paramValues;
string returnString = null;
string typeName;
WindowsImpersonationContext wiContext = null;
////////////////////////////////////////////////////////////
// Step 1: Create list of parameters for the protection provider
typeName = protectionProvider.GetType().AssemblyQualifiedName;
ps = protectedConfigSection.Providers[protectionProvider.Name];
if (ps == null)
{
throw ExceptionUtil.ParameterInvalid("protectionProvider");
}
nvc = ps.Parameters;
if (nvc == null)
{
nvc = new NameValueCollection();
}
paramKeys = nvc.AllKeys;
paramValues = new string[paramKeys.Length];
for (int iter = 0; iter < paramKeys.Length; iter++)
{
paramValues[iter] = nvc[paramKeys[iter]];
}
////////////////////////////////////////////////////////////
// Step 2: Set the impersonation if required
if (_Identity != null)
{
wiContext = _Identity.Impersonate();
}
try {
try {
//////////////////////////////////////////////////////////////////
// Step 3: Get the type and create the object on the remote server
IRemoteWebConfigurationHostServer remoteSrv = CreateRemoteObject(_Server, _Username, _Domain, _Password);
try {
//////////////////////////////////////////////////////////////////
// Step 4: Call the API
returnString = remoteSrv.DoEncryptOrDecrypt(doEncrypt, xmlString, protectionProvider.Name, typeName, paramKeys, paramValues);
} finally {
while (Marshal.ReleaseComObject(remoteSrv) > 0)
{
} // release the COM object
}
} finally {
if (wiContext != null)
{
wiContext.Undo(); // revert impersonation
}
}
}
catch {
}
return(returnString);
#else // !FEATURE_PAL
throw new NotImplementedException("ROTORTODO");
#endif // !FEATURE_PAL
}
string IInternalConfigHost.EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return(ProtectedConfigurationSection.EncryptSection(clearTextXml, protectionProvider));
}
string IInternalConfigHost.EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedConfigSection)
{
return ProtectedConfigurationSection.EncryptSection(clearTextXml, protectionProvider);
}
public virtual string EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
{
return(host.EncryptSection(clearTextXml, protectionProvider, protectedConfigSection));
}
public virtual string EncryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider,
ProtectedConfigurationSection protectedSection)
{
throw new NotImplementedException();
}
