added de and encryption of config files

[chaostrichter]

The config files of the server system will be encrypted with an AES function.

[dbeuchler]

The encryption mechanism should be fully configurable, including the encryption key, which must not be hardcoded.

To achieve this, it might be better to implement a new version of ConfigManager rather than modifying the existing one. Since AddMoryxKernel and UseMoryxConfigurations are responsible for registering the IConfigManager for the process, they could be adjusted to support this new implementation.

Note: The configuration directory is already adjustable, which aligns well with this approach.

[dbeuchler]

After discussing with @1nf0rmagician, we’ve identified two possible approaches to address the current issue.

---

Option 1: Solve in Application

Handle password management directly in your application by:

• Removing passwords from configuration files
• Using environment variables, or
• Implementing a helper class that retrieves passwords from a secret manager (e.g., Windows Credential Manager). The Meziantou.Framework.Win32 package could help you with a one-liner.

---

Option 2: Simple change in ConfigManager

Since Runtime 3 is no longer supported, no new features should be implemented for it. In this case, the ConfigManager was not changed during last releases, so when a simple cherry-pick is possible in the supported versions, this should be fine.

Extend the ConfigManager to support password retrieval from external sources like environment variables if:

• The property is decorated with PasswordAttribute
• The value is empty
• A specific condition is met

---