Configuration Protector

Overview

The Configuration Protector is a developer tool designed to simplify the task of encrypting and decrypting configuration file sections during application development. When a configuration section has been encrypted using a defined protected configuration provider the .Net Framework will automatically decrypt it at run time. However, whilst developing an application you may need to make changes to the settings in an encrypted section, to add a new value, update an existing value or delete an existing value. To make changes such as these you will have to manually decrypt the section, make the change or changes and then encrypt the section again.

The Configuration Protector provides a graphical user interface that enables configuration sections to be encrypted and decrypted using a point and click technique that reduces typing and therefore mistakes and speeds up the whole process. Once you have specified a configuration file you can leave the Configuration Protector open whilst you are working on your application and return to it to decrypt and then re-encrypt a configuration section in seconds.

In addition to providing a simple and intuitive user interface for encrypting and decrypting configuration file sections the Configuration Protector also provides a graphical user interface for managing RSA key containers and their keys.

.Net Framework Version

The Configuration Protector targets .Net Framework version 2.0 and requires, at least, this version to operate successfully.

Running Configuration Protector

As a developer tool the Configuration Protector performs actions that will not, typically, be permitted when running under a standard user account. For example, the Configuration Protector needs to be able to load a configuration file and update it's settings, it also provides functionality to work with RSA key containers and their keys. Therefore, the account under which the Configuration Protector is running will, typically, need to be an administrator account or an account with similar elevated permissions.

Features

The Configuration Protector's main features are as follows:

• Encrypts and decrypts configuration section data in app.config and web.config files.
• Encrypts and decrypts configuration section data using the RSA and DPAPI protected configuration providers defined in the machine.config file when the .Net Framework is installed.
• Encrypts and decrypts configuration section data using the RSA and DPAPI protected configuration providers with custom attributes defined in the machine.config, app.config or web.config file.
• Encrypts and decrypts configuration section data using a custom protected configuration provider developed by yourself or by a third party and defined in the machine.config, app.config or web.config file.
• Define custom attributes for the RSA and DPAPI protected configuration providers and save the provider definition to the app.config or web.config file.
• Define the attributes of a custom protected configuration provider, developed by yourself or a third party and save the custom provider definition to the app.config or web.config file.
• Specify the properties of a machine-level RSA key container. Create a machine-level RSA key container with a generated public/private key pair.
• Specify an RSA key container, user or group account and required access permission. Add the user or group account access permission to an RSA key container.
• Specify an RSA key container and user or group account. Remove the user or group account access permission from an RSA key container.
• Specify an RSA key container and export key file. Export the public and optionally the private key from an RSA key container to an XML key file.
• Specify an RSA key container and import key file. Import the public and optionally the private key from an XML key file into an RSA key container.
• Specify a machine-level RSA key container. Delete a machine-level RSA key container.