Пример #1
0
 public void Set(string name, ProtectedConfigurationProvider provider)
 {
     if (_map.ContainsKey(name))
         _map[name] = provider;
     else
         _map.Add(name, provider);
 }
Пример #2
0
		public virtual string DecryptSection (string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
		{
			if (protectedSection == null)
				throw new ArgumentNullException ("protectedSection");

			return protectedSection.EncryptSection (encryptedXml, protectionProvider);
		}
Пример #3
0
        // method to cause a section to be protected using the specified provider
        public void ProtectSection(string protectionProvider)
        {
            ProtectedConfigurationProvider protectedConfigurationProvider;

            VerifyIsEditable();

            // Do not encrypt sections that will be read by a native reader.
            // These sections are be marked with allowLocation=false.
            // Also, the configProtectedData section cannot be encrypted!
            if (!AllowLocation || (ConfigKey == BaseConfigurationRecord.ReservedSectionProtectedConfiguration))
            {
                throw new InvalidOperationException(SR.Config_not_allowed_to_encrypt_this_section);
            }

            if (_configRecord != null)
            {
                if (string.IsNullOrEmpty(protectionProvider))
                {
                    protectionProvider = _configRecord.DefaultProviderName;
                }

                protectedConfigurationProvider = _configRecord.GetProtectionProviderFromName(protectionProvider, true);
            }
            else
            {
                throw new InvalidOperationException(SR.Must_add_to_config_before_protecting_it);
            }

            ProtectionProviderName = protectionProvider;
            _protectionProvider    = protectedConfigurationProvider;

            _flags[FlagProtectionProviderDetermined]       = true;
            _modifiedFlags[FlagProtectionProviderModified] = true;
        }
Пример #4
0
 public void UnprotectSection()
 {
     this.VerifyIsEditable();
     this._protectionProvider     = null;
     this._protectionProviderName = null;
     this._flags[0x800]           = true;
     this._modifiedFlags[0x80000] = true;
 }
Пример #5
0
        internal void SetRuntimeConfigurationInformation(BaseConfigurationRecord configRecord,
                                                         FactoryRecord factoryRecord, SectionRecord sectionRecord)
        {
            _flags[FlagAttached] = true;

            // factory info
            ConfigKey                            = factoryRecord.ConfigKey;
            Name                                 = factoryRecord.Name;
            _typeName                            = factoryRecord.FactoryTypeName;
            _allowDefinition                     = factoryRecord.AllowDefinition;
            _allowExeDefinition                  = factoryRecord.AllowExeDefinition;
            _flags[FlagAllowLocation]            = factoryRecord.AllowLocation;
            _flags[FlagRestartOnExternalChanges] = factoryRecord.RestartOnExternalChanges;
            _flags[FlagRequirePermission]        = factoryRecord.RequirePermission;
            _overrideModeDefault                 = factoryRecord.OverrideModeDefault;

            if (factoryRecord.IsUndeclared)
            {
                _flags[FlagIsUndeclared]        = true;
                _flags[FlagDeclared]            = false;
                _flags[FlagDeclarationRequired] = false;
            }
            else
            {
                _flags[FlagIsUndeclared]        = false;
                _flags[FlagDeclared]            = configRecord.GetFactoryRecord(factoryRecord.ConfigKey, false) != null;
                _flags[FlagDeclarationRequired] = configRecord.IsRootDeclaration(factoryRecord.ConfigKey, false);
            }

            // section info
            _flags[FlagLocationLocked] = sectionRecord.Locked;
            _flags[FlagChildrenLocked] = sectionRecord.LockChildren;
            _flags[FlagChildrenLockWithoutFileInput] = sectionRecord.LockChildrenWithoutFileInput;

            if (sectionRecord.HasFileInput)
            {
                SectionInput fileInput = sectionRecord.FileInput;

                _flags[FlagProtectionProviderDetermined] = fileInput.IsProtectionProviderDetermined;
                _protectionProvider = fileInput.ProtectionProvider;

                SectionXmlInfo sectionXmlInfo = fileInput.SectionXmlInfo;

                _configSource                  = sectionXmlInfo.ConfigSource;
                ConfigSourceStreamName         = sectionXmlInfo.ConfigSourceStreamName;
                _overrideMode                  = sectionXmlInfo.OverrideModeSetting;
                _flags[FlagInheritInChildApps] = !sectionXmlInfo.SkipInChildApps;
                ProtectionProviderName         = sectionXmlInfo.ProtectionProviderName;
            }
            else
            {
                _flags[FlagProtectionProviderDetermined] = false;
                _protectionProvider = null;
            }

            // element context information
            _configurationSection.AssociateContext(configRecord);
        }
Пример #6
0
        internal static string DecryptSection(string encryptedXml, ProtectedConfigurationProvider provider)
        {
            XmlDocument doc = new XmlDocument();

            doc.LoadXml(encryptedXml);
            XmlNode resultNode = provider.Decrypt(doc.DocumentElement);

            return(resultNode.OuterXml);
        }
 internal static string EncryptSection(string clearXml, ProtectedConfigurationProvider provider)
 {
     XmlDocument document = new XmlDocument {
         PreserveWhitespace = true
     };
     document.LoadXml(clearXml);
     string name = document.DocumentElement.Name;
     return provider.Encrypt(document.DocumentElement).OuterXml;
 }
		internal string EncryptSection (string clearXml, ProtectedConfigurationProvider protectionProvider)
		{
			XmlDocument doc = new ConfigurationXmlDocument ();
			doc.LoadXml (clearXml);

			XmlNode encryptedNode = protectionProvider.Encrypt (doc.DocumentElement);

			return encryptedNode.OuterXml;
		}
		internal string DecryptSection (string encryptedXml, ProtectedConfigurationProvider protectionProvider)
		{
			XmlDocument doc = new ConfigurationXmlDocument ();
			doc.InnerXml = encryptedXml;

			XmlNode decryptedNode = protectionProvider.Decrypt (doc.DocumentElement);

			return decryptedNode.OuterXml;
		}
Пример #10
0
        public void UnprotectSection()
        {
            VerifyIsEditable();

            _protectionProvider    = null;
            ProtectionProviderName = null;
            _flags[FlagProtectionProviderDetermined]       = true;
            _modifiedFlags[FlagProtectionProviderModified] = true;
        }
        internal string EncryptSection(string clearXml, ProtectedConfigurationProvider protectionProvider)
        {
            XmlDocument doc = new ConfigurationXmlDocument();

            doc.LoadXml(clearXml);

            XmlNode encryptedNode = protectionProvider.Encrypt(doc.DocumentElement);

            return(encryptedNode.OuterXml);
        }
        internal string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider)
        {
            XmlDocument doc = new ConfigurationXmlDocument();

            doc.InnerXml = encryptedXml;

            XmlNode decryptedNode = protectionProvider.Decrypt(doc.DocumentElement);

            return(decryptedNode.OuterXml);
        }
 private string CallEncryptOrDecrypt(bool doEncrypt, string xmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
 {
     string str = null;
     WindowsImpersonationContext context = null;
     string assemblyQualifiedName = protectionProvider.GetType().AssemblyQualifiedName;
     ProviderSettings settings = protectedConfigSection.Providers[protectionProvider.Name];
     if (settings == null)
     {
         throw System.Web.Util.ExceptionUtil.ParameterInvalid("protectionProvider");
     }
     NameValueCollection parameters = settings.Parameters;
     if (parameters == null)
     {
         parameters = new NameValueCollection();
     }
     string[] allKeys = parameters.AllKeys;
     string[] parameterValues = new string[allKeys.Length];
     for (int i = 0; i < allKeys.Length; i++)
     {
         parameterValues[i] = parameters[allKeys[i]];
     }
     if (this._Identity != null)
     {
         context = this._Identity.Impersonate();
     }
     try
     {
         try
         {
             IRemoteWebConfigurationHostServer o = CreateRemoteObject(this._Server, this._Username, this._Domain, this._Password);
             try
             {
                 str = o.DoEncryptOrDecrypt(doEncrypt, xmlString, protectionProvider.Name, assemblyQualifiedName, allKeys, parameterValues);
             }
             finally
             {
                 while (Marshal.ReleaseComObject(o) > 0)
                 {
                 }
             }
             return str;
         }
         finally
         {
             if (context != null)
             {
                 context.Undo();
             }
         }
     }
     catch
     {
     }
     return str;
 }
Пример #14
0
        internal static string EncryptSection(string clearXml, ProtectedConfigurationProvider provider)
        {
            XmlDocument xmlDocument = new XmlDocument {
                PreserveWhitespace = true
            };

            xmlDocument.LoadXml(clearXml);
            XmlNode encNode = provider.Encrypt(xmlDocument.DocumentElement);

            return(encNode.OuterXml);
        }
Пример #15
0
        internal static ProtectedConfigurationProvider GetProvider(string name, bool throwOnError)
        {
            ProtectedConfigurationProvider p = Providers[name];

            if (p == null && throwOnError)
            {
                throw new Exception(String.Format("The protection provider '{0}' was not found.", name));
            }

            return(p);
        }
Пример #16
0
        internal static string EncryptSection(string clearXml, ProtectedConfigurationProvider provider)
        {
            XmlDocument document = new XmlDocument {
                PreserveWhitespace = true
            };

            document.LoadXml(clearXml);
            string name = document.DocumentElement.Name;

            return(provider.Encrypt(document.DocumentElement).OuterXml);
        }
        void DoDeserializeSection(XmlReader reader)
        {
            reader.MoveToContent();

            string protection_provider = null;
            string config_source       = null;
            string localName;

            while (reader.MoveToNextAttribute())
            {
                localName = reader.LocalName;
                if (localName == "configProtectionProvider")
                {
                    protection_provider = reader.Value;
                }
                else if (localName == "configSource")
                {
                    config_source = reader.Value;
                }
            }

            /* XXX this stuff shouldn't be here */
            {
                if (protection_provider != null)
                {
                    ProtectedConfigurationProvider prov = ProtectedConfiguration.GetProvider(protection_provider, true);
                    XmlDocument doc = new ConfigurationXmlDocument();

                    reader.MoveToElement();

                    doc.Load(new StringReader(reader.ReadInnerXml()));

                    XmlNode n = prov.Decrypt(doc);

                    reader = new XmlNodeReader(n);

                    SectionInformation.ProtectSection(protection_provider);

                    reader.MoveToContent();
                }
            }

            if (config_source != null)
            {
                SectionInformation.ConfigSource = config_source;
            }

            SectionInformation.SetRawXml(RawXml);
            if (SectionHandler == null)
            {
                DeserializeElement(reader, false);
            }
        }
Пример #18
0
        private ProtectedConfigurationProvider CreateAndInitializeProviderWithAssert(Type t, ProviderSettings pn)
        {
            ProtectedConfigurationProvider provider   = (ProtectedConfigurationProvider)System.Configuration.TypeUtil.CreateInstanceWithReflectionPermission(t);
            NameValueCollection            parameters = pn.Parameters;
            NameValueCollection            config     = new NameValueCollection(parameters.Count);

            foreach (string str in parameters)
            {
                config[str] = parameters[str];
            }
            provider.Initialize(pn.Name, config);
            return(provider);
        }
Пример #19
0
        public override XmlNode Encrypt(XmlNode node)
        {
            string text    = node.OuterXml;
            string encText = EncryptText(text);
            string pre     = @"<EncryptedData><CipherData><CipherValue>";
            string post    = @"</CipherValue></CipherData></EncryptedData>";
            string xmlText = pre + encText + post;

            XmlDocument xmlDocument = new XmlDocument();

            xmlDocument.PreserveWhitespace = true;
            ProtectedConfigurationProvider.LoadXml(xmlDocument, xmlText);
            return(xmlDocument.DocumentElement);
        }
        public override XmlNode Decrypt(XmlNode encryptedNode)
        {
            XmlDocument              xmlDocument = new XmlDocument();
            EncryptedXml             exml        = null;
            RSACryptoServiceProvider rsa         = GetCryptoServiceProvider(false, true);

            xmlDocument.PreserveWhitespace = true;
            ProtectedConfigurationProvider.LoadXml(xmlDocument, encryptedNode.OuterXml);
            exml = new FipsAwareEncryptedXml(xmlDocument);
            exml.AddKeyNameMapping(_KeyName, rsa);
            exml.DecryptDocument();
            rsa.Clear();
            return(xmlDocument.DocumentElement);
        }
        ProtectedConfigurationProvider InstantiateProvider(ProviderSettings ps)
        {
            Type t = Type.GetType(ps.Type, true);
            ProtectedConfigurationProvider prov = Activator.CreateInstance(t) as ProtectedConfigurationProvider;

            if (prov == null)
            {
                throw new Exception("The type specified does not extend ProtectedConfigurationProvider class.");
            }

            prov.Initialize(ps.Name, ps.Parameters);

            return(prov);
        }
Пример #22
0
        private ProtectedConfigurationProvider CreateAndInitializeProviderWithAssert(Type t, ProviderSettings pn)
        {
            ProtectedConfigurationProvider provider =
                (ProtectedConfigurationProvider)TypeUtil.CreateInstance(t);
            NameValueCollection pars        = pn.Parameters;
            NameValueCollection cloneParams = new NameValueCollection(pars.Count);

            foreach (string key in pars)
            {
                cloneParams[key] = pars[key];
            }

            provider.Initialize(pn.Name, cloneParams);
            return(provider);
        }
Пример #23
0
 internal void SetRuntimeConfigurationInformation(BaseConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord)
 {
     this._flags[1]            = true;
     this._configKey           = factoryRecord.ConfigKey;
     this._group               = factoryRecord.Group;
     this._name                = factoryRecord.Name;
     this._typeName            = factoryRecord.FactoryTypeName;
     this._allowDefinition     = factoryRecord.AllowDefinition;
     this._allowExeDefinition  = factoryRecord.AllowExeDefinition;
     this._flags[8]            = factoryRecord.AllowLocation;
     this._flags[0x10]         = factoryRecord.RestartOnExternalChanges;
     this._flags[0x20]         = factoryRecord.RequirePermission;
     this._overrideModeDefault = factoryRecord.OverrideModeDefault;
     if (factoryRecord.IsUndeclared)
     {
         this._flags[0x2000] = true;
         this._flags[2]      = false;
         this._flags[4]      = false;
     }
     else
     {
         this._flags[0x2000] = false;
         this._flags[2]      = configRecord.GetFactoryRecord(factoryRecord.ConfigKey, false) != null;
         this._flags[4]      = configRecord.IsRootDeclaration(factoryRecord.ConfigKey, false);
     }
     this._flags[0x40]   = sectionRecord.Locked;
     this._flags[0x80]   = sectionRecord.LockChildren;
     this._flags[0x4000] = sectionRecord.LockChildrenWithoutFileInput;
     if (sectionRecord.HasFileInput)
     {
         SectionInput fileInput = sectionRecord.FileInput;
         this._flags[0x800]       = fileInput.IsProtectionProviderDetermined;
         this._protectionProvider = fileInput.ProtectionProvider;
         SectionXmlInfo sectionXmlInfo = fileInput.SectionXmlInfo;
         this._configSource           = sectionXmlInfo.ConfigSource;
         this._configSourceStreamName = sectionXmlInfo.ConfigSourceStreamName;
         this._overrideMode           = sectionXmlInfo.OverrideModeSetting;
         this._flags[0x100]           = !sectionXmlInfo.SkipInChildApps;
         this._protectionProviderName = sectionXmlInfo.ProtectionProviderName;
     }
     else
     {
         this._flags[0x800]       = false;
         this._protectionProvider = null;
     }
     this._configurationSection.AssociateContext(configRecord);
 }
Пример #24
0
		string LoadSection (string configFile, string configSection, string containerName, bool useMachineStore,
				    out XmlDocument doc, out XmlNode section, out ProtectedConfigurationProvider provider)
		{
			if (!IsValidSection (configFile, configSection))
				throw new InvalidOperationException (String.Format ("Section '{0}' is not a valid section in file '{1}'", configSection, configFile));
			
			// This should be done using Configuration, but currently the Mono
			// System.Configuration saves configuration files without preserving
			// non-significant whitespace which gives a very ugly result.
			doc = new XmlDocument ();
			doc.PreserveWhitespace = true;
			doc.Load (configFile);

			XmlNamespaceManager nsmgr = null;
			XmlElement root = doc.DocumentElement;
			string ns = null;
			if (root.HasAttributes) {
				ns = root.GetAttribute ("xmlns");
				if (!String.IsNullOrEmpty (ns)) {
					nsmgr = new XmlNamespaceManager (doc.NameTable);
					nsmgr.AddNamespace ("config", ns);
				}
			}
			
			section = doc.DocumentElement.SelectSingleNode (BuildXPathExpression (configSection), nsmgr);
			// This check is necessary even though IsValidSection returned true - it's
			// because the section might have been found in files other than the one
			// we're processing.
			if (section == null)
				throw new InvalidOperationException (String.Format ("Section '{0}' not found in config file '{1}'", configSection, configFile));

			XmlAttribute attr = section.Attributes ["configProtectionProvider"];
			string configProtectionProvider = attr == null ? null : attr.Value;
			
			provider = GetProvider (configProtectionProvider, containerName, useMachineStore);

			return ns;
		}
Пример #25
0
        public void ProtectSection(string protectionProvider)
        {
            ProtectedConfigurationProvider protectionProviderFromName = null;

            this.VerifyIsEditable();
            if (!this.AllowLocation || (this._configKey == "configProtectedData"))
            {
                throw new InvalidOperationException(System.Configuration.SR.GetString("Config_not_allowed_to_encrypt_this_section"));
            }
            if (this._configRecord == null)
            {
                throw new InvalidOperationException(System.Configuration.SR.GetString("Must_add_to_config_before_protecting_it"));
            }
            if (string.IsNullOrEmpty(protectionProvider))
            {
                protectionProvider = this._configRecord.DefaultProviderName;
            }
            protectionProviderFromName   = this._configRecord.GetProtectionProviderFromName(protectionProvider, true);
            this._protectionProviderName = protectionProvider;
            this._protectionProvider     = protectionProviderFromName;
            this._flags[0x800]           = true;
            this._modifiedFlags[0x80000] = true;
        }
Пример #26
0
        public override XmlNode Decrypt(XmlNode encryptedNode)
        {
            if (encryptedNode.NodeType != XmlNodeType.Element ||
                encryptedNode.Name != "EncryptedData")
            {
                throw new ConfigurationErrorsException(SR.GetString(SR.DPAPI_bad_data));
            }

            XmlNode cipherNode = TraverseToChild(encryptedNode, "CipherData", false);

            if (cipherNode == null)
            {
                throw new ConfigurationErrorsException(SR.GetString(SR.DPAPI_bad_data));
            }

            XmlNode cipherValue = TraverseToChild(cipherNode, "CipherValue", true);

            if (cipherValue == null)
            {
                throw new ConfigurationErrorsException(SR.GetString(SR.DPAPI_bad_data));
            }

            string encText = cipherValue.InnerText;

            if (encText == null)
            {
                throw new ConfigurationErrorsException(SR.GetString(SR.DPAPI_bad_data));
            }

            string      decText     = DecryptText(encText);
            XmlDocument xmlDocument = new XmlDocument();

            xmlDocument.PreserveWhitespace = true;
            ProtectedConfigurationProvider.LoadXml(xmlDocument, decText);
            return(xmlDocument.DocumentElement);
        }
Пример #27
0
		public void UnprotectSection ()
		{
			protection_provider = null;
		}
Пример #28
0
		public void ProtectSection (string provider)
		{
			protection_provider = ProtectedConfiguration.GetProvider (provider, true);
		}
 public virtual string EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection) {
     return Host.EncryptSection(clearTextXml, protectionProvider, protectedConfigSection);
 }
        private ConfigXmlReader DecryptConfigSection(ConfigXmlReader reader, ProtectedConfigurationProvider protectionProvider) {
            ConfigXmlReader     clone           = reader.Clone();
            IConfigErrorInfo    err             = (IConfigErrorInfo)clone;
            string              encryptedXml    = null;
            string              clearTextXml    = null;
            XmlNodeType         nodeType;

            clone.Read();

            // Save the file and line at the top of the section
            
            string filename = err.Filename;
            int lineNumber = err.LineNumber;
            int sectionLineNumber = lineNumber;

            if (clone.IsEmptyElement) {
                throw new ConfigurationErrorsException(SR.GetString(SR.EncryptedNode_not_found), filename, lineNumber);
            }

            //////////////////////////////////////////////////////////
            // Find the <EncryptedData> node
            for (;;) {
                clone.Read(); // Keep reading till we find a relavant node
                
                nodeType = clone.NodeType;
                
                if (nodeType  == XmlNodeType.Element && clone.Name == "EncryptedData")  { // Found it!
                    break;
                }

                if (nodeType == XmlNodeType.EndElement) {
                    throw new ConfigurationErrorsException(SR.GetString(SR.EncryptedNode_not_found), filename, lineNumber);
                }
                else if (nodeType  != XmlNodeType.Comment && nodeType != XmlNodeType.Whitespace) {
                    // some other unexpected content
                    throw new ConfigurationErrorsException(SR.GetString(SR.EncryptedNode_is_in_invalid_format), filename, lineNumber);
                }
            }

            //////////////////////////////////////////////////////////
            // Do the decryption

            // Save the line at the top of the <EncryptedData> node
            lineNumber = err.LineNumber;

            encryptedXml = clone.ReadOuterXml();
            try {
                clearTextXml = CallHostDecryptSection(encryptedXml, protectionProvider, ProtectedConfig);
            } catch (Exception e) {
                throw new ConfigurationErrorsException(SR.GetString(SR.Decryption_failed, protectionProvider.Name, e.Message), e, filename, lineNumber);
            }
            catch {
                throw new ConfigurationErrorsException(SR.GetString(SR.Decryption_failed, protectionProvider.Name, ExceptionUtil.NoExceptionInformation), filename, lineNumber);
            }

            // Detect if there is any XML left over after <EncryptedData>
            do {
                nodeType = clone.NodeType;
                
                if (nodeType == XmlNodeType.EndElement) {
                    break;
                }
                else if (nodeType  != XmlNodeType.Comment && nodeType != XmlNodeType.Whitespace) {
                    // Got other unexpected content
                    throw new ConfigurationErrorsException(SR.GetString(SR.EncryptedNode_is_in_invalid_format), filename, lineNumber);
                }
            } while (clone.Read());
            
            // Create a new reader, using the position of the original reader
            return new ConfigXmlReader(clearTextXml, filename, sectionLineNumber, true);
        }
Пример #31
0
 public override string EncryptSection(string clearTextXml, ProtectedConfigurationProvider protectionProvider,
     ProtectedConfigurationSection protectedConfigSection)
 {
     return base.EncryptSection(clearTextXml, protectionProvider, protectedConfigSection);
 }
 internal static string DecryptSection(string encryptedXml, ProtectedConfigurationProvider provider)
 {
     XmlDocument document = new XmlDocument();
     document.LoadXml(encryptedXml);
     return provider.Decrypt(document.DocumentElement).OuterXml;
 }
Пример #33
0
 string IInternalConfigHost.EncryptSection(string clearXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
 {
     return(protectedSection.EncryptSection(clearXml, protectionProvider));
 }
        internal void SetRuntimeConfigurationInformation(BaseConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord) {
            _flags[ Flag_Attached ] = true;

            // factory info
            _configKey          = factoryRecord.ConfigKey;
            _group              = factoryRecord.Group;
            _name               = factoryRecord.Name;
            _typeName           = factoryRecord.FactoryTypeName;
            _allowDefinition    = factoryRecord.AllowDefinition;
            _allowExeDefinition = factoryRecord.AllowExeDefinition;
            _flags[ Flag_AllowLocation            ] = factoryRecord.AllowLocation;
            _flags[ Flag_RestartOnExternalChanges ] = factoryRecord.RestartOnExternalChanges;
            _flags[ Flag_RequirePermission        ] = factoryRecord.RequirePermission;

            if (factoryRecord.IsUndeclared) {
                _flags[ Flag_IsUndeclared             ] = true;
                _flags[ Flag_Declared                 ] = false;
                _flags[ Flag_DeclarationRequired      ] = false;
            }
            else {
                _flags[ Flag_IsUndeclared             ] = false;
                _flags[ Flag_Declared                 ] = configRecord.GetFactoryRecord(factoryRecord.ConfigKey, false) != null;
                _flags[ Flag_DeclarationRequired      ] = configRecord.IsRootDeclaration(factoryRecord.ConfigKey, false);
            }

            // section info
            _flags[ Flag_LocationLocked ]           = sectionRecord.Locked;

            if (sectionRecord.HasFileInput) {
                SectionInput fileInput = sectionRecord.FileInput;

                _flags[ Flag_ProtectionProviderDetermined ] = fileInput.IsProtectionProviderDetermined;
                _protectionProvider                         = fileInput.ProtectionProvider;
                
                SectionXmlInfo sectionXmlInfo = fileInput.SectionXmlInfo;

                _configSource                       = sectionXmlInfo.ConfigSource;
                _configSourceStreamName             = sectionXmlInfo.ConfigSourceStreamName;
                _flags[ Flag_AllowOverride ]        = !sectionXmlInfo.LockChildren;
                _flags[ Flag_InheritInChildApps ]   = !sectionXmlInfo.SkipInChildApps;
                _protectionProviderName             = sectionXmlInfo.ProtectionProviderName;
            }
            else {
                _flags[ Flag_ProtectionProviderDetermined ] = false;
                _protectionProvider = null;
            }

            // element context information
            _configurationSection.AssociateContext( configRecord );
        }
        public void UnprotectSection() {
            VerifyIsEditable();

            _protectionProvider = null;
            _protectionProviderName = null;
            _flags[ Flag_ProtectionProviderDetermined ] = true;
            _modifiedFlags[ Flag_ProtectionProviderModified ] = true;
        }
 protected virtual string CallHostDecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig) {
     return Host.DecryptSection(encryptedXml, protectionProvider, protectedConfig);
 }
 internal void SetRuntimeConfigurationInformation(BaseConfigurationRecord configRecord, FactoryRecord factoryRecord, SectionRecord sectionRecord)
 {
     this._flags[1] = true;
     this._configKey = factoryRecord.ConfigKey;
     this._group = factoryRecord.Group;
     this._name = factoryRecord.Name;
     this._typeName = factoryRecord.FactoryTypeName;
     this._allowDefinition = factoryRecord.AllowDefinition;
     this._allowExeDefinition = factoryRecord.AllowExeDefinition;
     this._flags[8] = factoryRecord.AllowLocation;
     this._flags[0x10] = factoryRecord.RestartOnExternalChanges;
     this._flags[0x20] = factoryRecord.RequirePermission;
     this._overrideModeDefault = factoryRecord.OverrideModeDefault;
     if (factoryRecord.IsUndeclared)
     {
         this._flags[0x2000] = true;
         this._flags[2] = false;
         this._flags[4] = false;
     }
     else
     {
         this._flags[0x2000] = false;
         this._flags[2] = configRecord.GetFactoryRecord(factoryRecord.ConfigKey, false) != null;
         this._flags[4] = configRecord.IsRootDeclaration(factoryRecord.ConfigKey, false);
     }
     this._flags[0x40] = sectionRecord.Locked;
     this._flags[0x80] = sectionRecord.LockChildren;
     this._flags[0x4000] = sectionRecord.LockChildrenWithoutFileInput;
     if (sectionRecord.HasFileInput)
     {
         SectionInput fileInput = sectionRecord.FileInput;
         this._flags[0x800] = fileInput.IsProtectionProviderDetermined;
         this._protectionProvider = fileInput.ProtectionProvider;
         SectionXmlInfo sectionXmlInfo = fileInput.SectionXmlInfo;
         this._configSource = sectionXmlInfo.ConfigSource;
         this._configSourceStreamName = sectionXmlInfo.ConfigSourceStreamName;
         this._overrideMode = sectionXmlInfo.OverrideModeSetting;
         this._flags[0x100] = !sectionXmlInfo.SkipInChildApps;
         this._protectionProviderName = sectionXmlInfo.ProtectionProviderName;
     }
     else
     {
         this._flags[0x800] = false;
         this._protectionProvider = null;
     }
     this._configurationSection.AssociateContext(configRecord);
 }
 internal static string EncryptSection(string clearXml, ProtectedConfigurationProvider provider) {
     XmlDocument xmlDocument = new XmlDocument();
     xmlDocument.PreserveWhitespace = true;
     xmlDocument.LoadXml(clearXml);
     string sectionName = xmlDocument.DocumentElement.Name;
     XmlNode encNode = provider.Encrypt(xmlDocument.DocumentElement);
     return encNode.OuterXml;
 }
        public override XmlNode Encrypt(XmlNode node)
        {
            XmlDocument  xmlDocument;
            EncryptedXml exml;

            byte[]                   rgbOutput;
            EncryptedData            ed;
            KeyInfoName              kin;
            EncryptedKey             ek;
            KeyInfoEncryptedKey      kek;
            XmlElement               inputElement;
            RSACryptoServiceProvider rsa = GetCryptoServiceProvider(false, false);

            // Encrypt the node with the new key
            xmlDocument = new XmlDocument();
            xmlDocument.PreserveWhitespace = true;
            ProtectedConfigurationProvider.LoadXml(xmlDocument, "<foo>" + node.OuterXml + "</foo>");
            exml         = new EncryptedXml(xmlDocument);
            inputElement = xmlDocument.DocumentElement;

            using (SymmetricAlgorithm symAlg = GetSymAlgorithmProvider()) {
                rgbOutput           = exml.EncryptData(inputElement, symAlg, true);
                ed                  = new EncryptedData();
                ed.Type             = EncryptedXml.XmlEncElementUrl;
                ed.EncryptionMethod = GetSymEncryptionMethod();
                ed.KeyInfo          = new KeyInfo();

                ek = new EncryptedKey();
                ek.EncryptionMethod       = new EncryptionMethod(EncryptedXml.XmlEncRSA15Url);
                ek.KeyInfo                = new KeyInfo();
                ek.CipherData             = new CipherData();
                ek.CipherData.CipherValue = EncryptedXml.EncryptKey(symAlg.Key, rsa, UseOAEP);
            }

            kin       = new KeyInfoName();
            kin.Value = _KeyName;
            ek.KeyInfo.AddClause(kin);
            kek = new KeyInfoEncryptedKey(ek);
            ed.KeyInfo.AddClause(kek);
            ed.CipherData             = new CipherData();
            ed.CipherData.CipherValue = rgbOutput;
            EncryptedXml.ReplaceElement(inputElement, ed, true);

            rsa.Clear();

            // Get node from the document
            foreach (XmlNode node2 in xmlDocument.ChildNodes)
            {
                if (node2.NodeType == XmlNodeType.Element)
                {
                    foreach (XmlNode node3 in node2.ChildNodes) // node2 is the "foo" node
                    {
                        if (node3.NodeType == XmlNodeType.Element)
                        {
                            return(node3); // node3 is the "EncryptedData" node
                        }
                    }
                }
            }
            return(null);
        }
 protected override string CallHostDecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig) {
     // Decrypt should always succeed in runtime.  (VSWhidbey 429996)
     // Need to override in order to Assert before calling the base class method.
     return base.CallHostDecryptSection(encryptedXml, protectionProvider, protectedConfig);
 }
Пример #41
0
 string IInternalConfigHost.DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
 {
     return(protectedSection.DecryptSection(encryptedXml, protectionProvider));
 }
Пример #42
0
 protected override string CallHostDecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig)
 {
     // Decrypt should always succeed in runtime.  (VSWhidbey 429996)
     // Need to override in order to Assert before calling the base class method.
     return(base.CallHostDecryptSection(encryptedXml, protectionProvider, protectedConfig));
 }
 protected override string CallHostDecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig)
 {
     return(base.CallHostDecryptSection(encryptedXml, protectionProvider, protectedConfig));
 }
		string IInternalConfigHost.EncryptSection (string clearXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
		{
			return protectedSection.EncryptSection (clearXml, protectionProvider);
		}
 public override string EncryptSection(string clearTextXmlString, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection)
 {
     return this.CallEncryptOrDecrypt(true, clearTextXmlString, protectionProvider, protectedConfigSection);
 }
Пример #46
0
 public override string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider,
     ProtectedConfigurationSection protectedConfigSection)
 {
     return base.DecryptSection(encryptedXml, protectionProvider, protectedConfigSection);
 }
 public void ProtectSection(string provider)
 {
     protection_provider = ProtectedConfiguration.GetProvider(provider, true);
 }
 public void UnprotectSection()
 {
     protection_provider = null;
 }
		string IInternalConfigHost.DecryptSection (string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedSection)
		{
			return protectedSection.DecryptSection (encryptedXml, protectionProvider);
		}
 public virtual string DecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfigSection) {
     return Host.DecryptSection(encryptedXml, protectionProvider, protectedConfigSection);
 }
 internal static string DecryptSection(string encryptedXml, ProtectedConfigurationProvider provider) {
     XmlDocument doc = new XmlDocument();
     doc.LoadXml(encryptedXml);
     XmlNode resultNode = provider.Decrypt(doc.DocumentElement);
     return resultNode.OuterXml;
 }
 protected override string CallHostDecryptSection(string encryptedXml, ProtectedConfigurationProvider protectionProvider, ProtectedConfigurationSection protectedConfig) {
     return base.CallHostDecryptSection(encryptedXml, protectionProvider, protectedConfig);
 }
 public void ProtectSection(string protectionProvider)
 {
     ProtectedConfigurationProvider protectionProviderFromName = null;
     this.VerifyIsEditable();
     if (!this.AllowLocation || (this._configKey == "configProtectedData"))
     {
         throw new InvalidOperationException(System.Configuration.SR.GetString("Config_not_allowed_to_encrypt_this_section"));
     }
     if (this._configRecord == null)
     {
         throw new InvalidOperationException(System.Configuration.SR.GetString("Must_add_to_config_before_protecting_it"));
     }
     if (string.IsNullOrEmpty(protectionProvider))
     {
         protectionProvider = this._configRecord.DefaultProviderName;
     }
     protectionProviderFromName = this._configRecord.GetProtectionProviderFromName(protectionProvider, true);
     this._protectionProviderName = protectionProvider;
     this._protectionProvider = protectionProviderFromName;
     this._flags[0x800] = true;
     this._modifiedFlags[0x80000] = true;
 }
        // method to cause a section to be protected using the specified provider
        public void ProtectSection(string protectionProvider) {
            ProtectedConfigurationProvider protectedConfigurationProvider = null;

            VerifyIsEditable();

            // Do not encrypt sections that will be read by a native reader.
            // These sections are be marked with allowLocation=false.
            // Also, the configProtectedData section cannot be encrypted!
            if (!AllowLocation || _configKey == BaseConfigurationRecord.RESERVED_SECTION_PROTECTED_CONFIGURATION) {
                throw new InvalidOperationException(SR.GetString(SR.Config_not_allowed_to_encrypt_this_section));
            }

            if (_configRecord != null) {
                if (String.IsNullOrEmpty(protectionProvider)) {
                    protectionProvider = _configRecord.DefaultProviderName;
                }

                protectedConfigurationProvider = _configRecord.GetProtectionProviderFromName(protectionProvider, true);
            }
            else {
                throw new InvalidOperationException(SR.GetString(SR.Must_add_to_config_before_protecting_it));
            }

            _protectionProviderName = protectionProvider;
            _protectionProvider = protectedConfigurationProvider;

            _flags[ Flag_ProtectionProviderDetermined ] = true;
            _modifiedFlags[ Flag_ProtectionProviderModified ] = true;
        }
 public void UnprotectSection()
 {
     this.VerifyIsEditable();
     this._protectionProvider = null;
     this._protectionProviderName = null;
     this._flags[0x800] = true;
     this._modifiedFlags[0x80000] = true;
 }
 public CloudConfigCryptoController(ProtectedConfigurationProvider provider)
 {
     _provider = provider;
 }