Show Table of Contents

The following example explains how to use CipherLite.NET to encrypt and decrypt data.

Overview

Consider an application that needs to keep a sensitive setting in the application configuration file. We will use DPAPI with machine-specific key to encrypt and decrypt data. Please be aware that while this option takes care of the key management issue, it also allows any application running on the server to decrypt data.

Encrypt

Launch the CipherLite.NET GUI tool on the machine where the application will run. In the Encryption tab, do the following:

  1. Check the Advanced option.
  2. From the Encrypt date using drop-down box, select the DPAPI (machine key ...) option.
  3. You can specify secondary entropy, but then you would need to pass to the decryption routine. Leave it -- along with description -- blank for now.
  4. Choose the preferred Ciphertext encoding option.
  5. Enter plain text in the Plaintext field, and click the Encrypt button:

Encrypt using DPAPI with machine key

Copy the encrypted value to the clipboard.

Back to top

Copy

Open your application's configuration (.config) file and paste the encrypted value from the clipboard to the appropriate appSettings section as shown below (in this example, the appSettings element is called secret):

...
<?xml version="1.0" encoding="utf-8" ?>
<configuration>

  <appSettings>
    <add key="secret" value="010000000d08c..." />
  </appSettings>
  
</configuration>

Back to top

Decrypt

Add a reference to the CipherLite.dll file to your project (by default, a copy of the DLL is installed in the C:\Program Files\Obviex\CipherSafe folder), and use code similar to the following:

//
// C# example
//
using System.Configuration;
using Obviex.CipherLite;
...
try
{
    // Get hex-encoded ciphertext value.
    string configValue = ConfigurationSettings.AppSettings["secret"];

    // Convert hex-encoded value to byte array.
    byte[] cipherText = Encoder.HexDecode(configValue);

    // Decrypt value using DPAPI.
    string secret = Dpapi.Decrypt(cipherText);

    // Use decrypted value.
    ...
}
catch (Exception ex)
{
    // Process exception.
}

'
' Visual Basic.NET example
'
Imports System.Configuration
Imports Obviex.CipherLite
...
Try
    ' Get hex-encoded ciphertext value.
    Dim configValue As String
    configValue = ConfigurationSettings.AppSettings("secret")

    ' Convert hex-encoded value to byte array.
    Dim cipherText As Byte()
    cipherText = Encoder.HexDecode(configValue)

    ' Decrypt value using DPAPI.
    Dim secret As String
    secret = Dpapi.Decrypt(cipherText)

    ' Use decrypted connection value.
    ...
Catch ex As Exception
    ' Process exception.
End Try

Back to top