Ensuring the security of sensitive data, such as connection strings or API keys, stored in configuration files like appsettings.json is crucial for any application. In this blog post, we'll explore how to encrypt and decrypt values in appsettings.json using ASP.NET Core, providing end-to-end code examples and explanations.
Step 1: Create a .NET Core Web Application: Begin by creating a new ASP.NET Core web application in Visual Studio or through the command line:
dotnet new web -n MyApp
cd MyApp
Step 2: Install Required Packages:
To encrypt and decrypt values, we'll use the System.Security.Cryptography namespace. Ensure the following package is installed:
dotnet add package System.Security.Cryptography.ProtectedDataStep 3: Implement Encryption and Decryption Logic: Create a helper class to handle encryption and decryption operations:
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
public class EncryptionHelper
{
private const string entropy = "YourEntropyValue";
public static string Encrypt(string plainText)
{
byte[] plainBytes = Encoding.UTF8.GetBytes(plainText);
byte[] encryptedBytes = ProtectedData.Protect(plainBytes, Encoding.UTF8.GetBytes(entropy), DataProtectionScope.CurrentUser);
return Convert.ToBase64String(encryptedBytes);
}
public static string Decrypt(string encryptedText)
{
byte[] encryptedBytes = Convert.FromBase64String(encryptedText);
byte[] plainBytes = ProtectedData.Unprotect(encryptedBytes, Encoding.UTF8.GetBytes(entropy), DataProtectionScope.CurrentUser);
return Encoding.UTF8.GetString(plainBytes);
}
}
Step 4: Encrypt AppSettings.json Values:
In your appsettings.json, encrypt sensitive values using the Encrypt method:{ "AppSettings": { "ConnectionString": "#{EncryptedConnectionString#}" } }Step 5: Decrypt AppSettings.json Values at Runtime: Decrypt the encrypted values during application startup and replace placeholders:
using Microsoft.Extensions.Configuration; public class Startup { public IConfiguration Configuration { get; } public Startup(IConfiguration configuration) { Configuration = configuration; DecryptAppSettings(); } private void DecryptAppSettings() { var encryptedConnectionString = Configuration["AppSettings:ConnectionString"]; if (encryptedConnectionString.StartsWith("#{EncryptedConnectionString#}")) { Configuration["AppSettings:ConnectionString"] = EncryptionHelper.Decrypt(encryptedConnectionString.Substring(23)); } } }Step 6: Use Decrypted Values in Your Application: Now, you can safely use the decrypted values in your application:
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.DependencyInjection; public class Startup { public IConfiguration Configuration { get; } public Startup(IConfiguration configuration) { Configuration = configuration; DecryptAppSettings(); } private void DecryptAppSettings() { var encryptedConnectionString = Configuration["AppSettings:ConnectionString"]; if (encryptedConnectionString.StartsWith("#{EncryptedConnectionString#}")) { Configuration["AppSettings:ConnectionString"] = EncryptionHelper.Decrypt(encryptedConnectionString.Substring(23)); } } public void ConfigureServices(IServiceCollection services) { // Use decrypted values var connectionString = Configuration["AppSettings:ConnectionString"]; services.AddDbContext<MyDbContext>(options => options.UseSqlServer(connectionString)); } }Conclusion: Encrypting and decrypting sensitive values in appsettings.json ensures the security of your application's configuration data. By following the steps outlined in this guide, you can seamlessly integrate encryption and decryption logic into your ASP.NET Core application, safeguarding sensitive information from unauthorized access.
Comments
Post a Comment