In this article I will explain how to encrypt and save AppSetting values in Web.Config or App.Config files and then fetch decrypt the encrypted AppSetting values in ASP.Net or Windows Application using C# and VB.Net.
The AppSetting values will be first encrypted using AES Symmetric key (Same key) algorithm and then the AppSetting values will be saved in Web.Config or App.Config files. When using it in program, the AppSetting values will be first fetched and then decrypted using AES Algorithm using the same key which was used for encryption.
 
Namespaces
You will need to import the following namespaces.

C#
using System.IO;
using System.Xml;
using System.Text;
using System.Configuration;
using System.Security.Cryptography;
 
VB.Net
Imports System.IO
Imports System.Xml
Imports System.Text
Imports System.Configuration
Imports System.Security.Cryptography
 
 
AES Algorithm Encryption and Decryption functions
Below are the functions for Encryption and Decryption which will be used for the Encrypting or Decrypting QueryString Parameter Values.
Note: The following functions have been explained in the article AES Encryption Decryption (Cryptography) Tutorial with example in ASP.Net using C# and VB.Net
 
 
AppSetting Key
The following AppSetting key will be used for encryption
<add key="Name" value="Mudassar Khan" />
 
 
Encrypting AppSetting Value
The following function is used to encrypt AppSetting value in Web.Config or App.Config file. This function accepts the name of the AppSetting Key as parameter. It first reads the Web.Config file using XmlDocument and the node is traversed using the name of the AppSetting key. Then from the node the AppSetting value is extracted, it is encrypted and then value set again and the Web.Config file is saved.
C#
private void EncryptAppSetting(string key)
{
    string path = Server.MapPath("~/Web.Config");
    XmlDocument doc = new XmlDocument();
    doc.Load(path);
    XmlNodeList list = doc.DocumentElement.SelectNodes(string.Format("appSettings/add[@key='{0}']", key));
 
    if (list.Count == 1)
    {
        XmlNode node = list[0];
        string value = node.Attributes["value"].Value;
        node.Attributes["value"].Value = Encrypt(value);
        doc.Save(path);
    }
}
 
private string Encrypt(string clearText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
            {
                cs.Write(clearBytes, 0, clearBytes.Length);
                cs.Close();
            }
            clearText = Convert.ToBase64String(ms.ToArray());
        }
    }
    return clearText;
}
 
VB.Net
Private Sub EncryptAppSetting(key As String)
    Dim path As String = Server.MapPath("~/Web.Config")
    Dim doc As New XmlDocument()
    doc.Load(path)
    Dim list As XmlNodeList = doc.DocumentElement.SelectNodes(String.Format("appSettings/add[@key='{0}']", key))
 
    If list.Count = 1 Then
        Dim node As XmlNode = list(0)
        Dim value As String = node.Attributes("value").Value
        node.Attributes("value").Value = Encrypt(value)
        doc.Save(path)
    End If
End Sub
 
Private Function Encrypt(clearText As String) As String
    Dim EncryptionKey As String = "MAKV2SPBNI99212"
    Dim clearBytes As Byte() = Encoding.Unicode.GetBytes(clearText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write)
                cs.Write(clearBytes, 0, clearBytes.Length)
                cs.Close()
            End Using
            clearText = Convert.ToBase64String(ms.ToArray())
        End Using
    End Using
    Return clearText
End Function
 
The EncryptAppSetting function syntax and usage
C#
this.EncryptAppSetting("Name");
 
VB.Net
Me.EncryptAppSetting("Name")
 
 
Encrypted AppSetting Key
Below is the updated value of the AppSetting key after Encryption is performed.
<add key="Name" value="J1i3VC4bVM/6svrgUor9V8y4gvfGlR6W5mtk2wspmIs=" />
 
 
Decrypting AppSetting Value
The Decryption is lot simpler, you simply need to fetch the Encrypted AppSetting value using ConfigurationManager AppSettings method and then pass it as parameter to the following Decrypt function.
C#
private string Decrypt(string cipherText)
{
    string EncryptionKey = "MAKV2SPBNI99212";
    byte[] cipherBytes = Convert.FromBase64String(cipherText);
    using (Aes encryptor = Aes.Create())
    {
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
        encryptor.Key = pdb.GetBytes(32);
        encryptor.IV = pdb.GetBytes(16);
        using (MemoryStream ms = new MemoryStream())
        {
            using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
            {
                cs.Write(cipherBytes, 0, cipherBytes.Length);
                cs.Close();
            }
            cipherText = Encoding.Unicode.GetString(ms.ToArray());
        }
    }
    return cipherText;
}
 
VB.Net
Private Function Decrypt(cipherText As String) As String
    Dim EncryptionKey As String = "MAKV2SPBNI99212"
    Dim cipherBytes As Byte() = Convert.FromBase64String(cipherText)
    Using encryptor As Aes = Aes.Create()
        Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
         &H65, &H64, &H76, &H65, &H64, &H65, _
         &H76})
        encryptor.Key = pdb.GetBytes(32)
        encryptor.IV = pdb.GetBytes(16)
        Using ms As New MemoryStream()
            Using cs As New CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write)
                cs.Write(cipherBytes, 0, cipherBytes.Length)
                cs.Close()
            End Using
            cipherText = Encoding.Unicode.GetString(ms.ToArray())
        End Using
    End Using
    Return cipherText
End Function
 
The Decrypt function syntax and usage
C#
string name = Decrypt(ConfigurationManager.AppSettings["Name"]);
 
VB.Net
Dim name As String = Decrypt(ConfigurationManager.AppSettings("Name"))
 
 
Downloads