public virtual JsonResult Decrypt(DecryptRequestModel model)
{
ThrowWhenModelStateIsInvalid();
var config = CreateConfigXmlDocument(model.Thumbprint, model.XmlInput);
InitializeProvider(model.Thumbprint);
// decrypt
var decryptedSections = new StringBuilder();
foreach (var node in GetEligibleCryptoNodes(config))
{
XmlNode decryptedNode;
try
{
// sometimes the content may not be decryptable using the provided thumbprint
decryptedNode = _provider.Decrypt(node);
}
catch (CryptographicException ex)
{
// when decryption fails with this thumbprint, display message to the user
return Json(new { error = ex.Message.Trim() });
}
// when the decrypted node already has a configProtectionProvider attribute, push it into the builder
if (decryptedNode.Attributes != null && decryptedNode.Attributes["configProtectionProvider"] != null)
{
// the decrypted node wraps the decrypted xml, so only push its inner xml
decryptedSections.Append(decryptedNode.InnerXml.Trim());
}
// otherwise, find the decryption target
else
{
var cryptoNode = FindNestedCryptoNode(decryptedNode);
Debug.Assert(cryptoNode.ParentNode != null);
// get rid of the crypto node when decrypting
cryptoNode.ParentNode.InnerXml = cryptoNode.InnerXml;
decryptedSections.Append(decryptedNode.OuterXml);
}
}
// create a brand new config document after decryption is complete
config = new ConfigXmlDocument
{
InnerXml = "<configuration></configuration>",
DocumentElement = { InnerXml = decryptedSections.ToString() },
};
// format and return the decrypted xml
var decrypted = config.GetFormattedXml();
return Json(decrypted);
}
public virtual JsonResult ValidateDecryptionThumbprint(DecryptRequestModel model)
{
//System.Threading.Thread.Sleep(5000);
var propertyName = model.PropertyName(x => x.Thumbprint);
if (ModelState.IsValidField(propertyName)) return Json(true);
var errorMessage = ModelState[propertyName].Errors.First().ErrorMessage;
return Json(errorMessage);
}
