/// <summary>
/// Gets an encrypted string settings from the sitekeyconfig.json file.
///
/// Prevents memory based attacks to extract any sensitive keys in cache.
/// </summary>
/// <param name="path"></param>
/// <param name="defaultfallback">The default value if it does not exist</param>
/// <returns></returns>
public static string GetEncryptedString(string path, string defaultfallback = "")
{
InitializeProtectedAppSettings();
// Check cache
string hashedPath = SHA256Hash.Hash(path);
if (DataCache.ContainsKey(hashedPath))
{
return(AES256Hash.DecryptString(path, DataCache[hashedPath])); // decrypt with real path independent of the hashed path key.
}
return(null);
}
private static void RecursivelyLoadJsonSettings(JObject JsonObject, JProperty JsonProperty)
{
foreach (JToken token in JsonProperty == null ? JsonObject.Children() : JsonProperty.Children())
{
if (token.Type == JTokenType.Property)
{
RecursivelyLoadJsonSettings(null, (JProperty)token);
}
else if (token.Type == JTokenType.Object)
{
RecursivelyLoadJsonSettings((JObject)token, null);
}
else
{
if (token.Type == JTokenType.String)
{
string path = token.Path.Replace(".", "/");
string value = (string)token;
DataCache.Add(SHA256Hash.Hash(path), AES256Hash.EncryptString(path, value)); // encrypt with real path independent of the hashed path key.
}
}
}
}
