using System.Collections.Specialized; using System.Runtime.Versioning; using System.Security.Cryptography; using System.Text; using System.Xml; namespace System.Configuration { [SupportedOSPlatform("windows")] public sealed class DpapiProtectedConfigurationProvider : ProtectedConfigurationProvider { private bool _useMachineProtection = true; private string _keyEntropy; public bool UseMachineProtection => _useMachineProtection; public override XmlNode Decrypt(XmlNode encryptedNode) { if (encryptedNode.NodeType != XmlNodeType.Element || encryptedNode.Name != "EncryptedData") throw new ConfigurationErrorsException(System.SR.DPAPI_bad_data); XmlNode xmlNode = TraverseToChild(encryptedNode, "CipherData", false); if (xmlNode == null) throw new ConfigurationErrorsException(System.SR.DPAPI_bad_data); XmlNode xmlNode2 = TraverseToChild(xmlNode, "CipherValue", true); if (xmlNode2 == null) throw new ConfigurationErrorsException(System.SR.DPAPI_bad_data); string innerText = xmlNode2.InnerText; if (innerText == null) throw new ConfigurationErrorsException(System.SR.DPAPI_bad_data); string xml = DecryptText(innerText); XmlDocument xmlDocument = new XmlDocument(); xmlDocument.PreserveWhitespace = true; xmlDocument.LoadXml(xml); return xmlDocument.DocumentElement; } public override XmlNode Encrypt(XmlNode node) { string outerXml = node.OuterXml; string str = EncryptText(outerXml); string str2 = "<EncryptedData><CipherData><CipherValue>"; string str3 = "</CipherValue></CipherData></EncryptedData>"; string xml = str2 + str + str3; XmlDocument xmlDocument = new XmlDocument(); xmlDocument.PreserveWhitespace = true; xmlDocument.LoadXml(xml); return xmlDocument.DocumentElement; } private string EncryptText(string clearText) { if (clearText == null || clearText.Length < 1) return clearText; byte[] userData = PrepareDataBlob(clearText); byte[] optionalEntropy = PrepareDataBlob(_keyEntropy); byte[] inArray = ProtectedData.Protect(userData, optionalEntropy, UseMachineProtection ? DataProtectionScope.LocalMachine : DataProtectionScope.CurrentUser); return Convert.ToBase64String(inArray); } private string DecryptText(string encText) { if (encText == null || encText.Length < 1) return encText; byte[] encryptedData = Convert.FromBase64String(encText); byte[] optionalEntropy = PrepareDataBlob(_keyEntropy); byte[] bytes = ProtectedData.Unprotect(encryptedData, optionalEntropy, UseMachineProtection ? DataProtectionScope.LocalMachine : DataProtectionScope.CurrentUser); return Encoding.Unicode.GetString(bytes); } public override void Initialize(string name, NameValueCollection configurationValues) { base.Initialize(name, configurationValues); _useMachineProtection = GetBooleanValue(configurationValues, "useMachineProtection", true); _keyEntropy = configurationValues["keyEntropy"]; configurationValues.Remove("keyEntropy"); if (configurationValues.Count > 0) throw new ConfigurationErrorsException(System.SR.Format(System.SR.Unrecognized_initialization_value, configurationValues.GetKey(0))); } private static XmlNode TraverseToChild(XmlNode node, string name, bool onlyChild) { foreach (XmlNode childNode in node.ChildNodes) { if (childNode.NodeType == XmlNodeType.Element) { if (childNode.Name == name) return childNode; if (onlyChild) return null; } } return null; } private static byte[] PrepareDataBlob(string s) { if (s == null) return Array.Empty<byte>(); return Encoding.Unicode.GetBytes(s); } private static bool GetBooleanValue(NameValueCollection configurationValues, string valueName, bool defaultValue) { string text = configurationValues[valueName]; if (text == null) return defaultValue; configurationValues.Remove(valueName); if (text == "true") return true; if (text == "false") return false; throw new ConfigurationErrorsException(System.SR.Format(System.SR.Config_invalid_boolean_attribute, valueName)); } } }