Solved

how encrypt connection string in asp.net 3.5

Posted on 2009-05-19
4
2,616 Views
Last Modified: 2013-01-30
Hi
how encrypt connection string in asp.net 3.5
0
Comment
Question by:ram27
4 Comments
 
LVL 7

Assisted Solution

by:kGenius
kGenius earned 100 total points
ID: 24425323
Maybe this article can help you: http://www.codeproject.com/KB/aspnet/webconfig.aspx

jaan
0
 
LVL 9

Assisted Solution

by:tetorvik
tetorvik earned 100 total points
ID: 24425448
encryting with aspnet_regiis.exe see the section ("Using the aspnet_regiis.exe Command-Line Tool") at the bottom of this link:
http://www.4guysfromrolla.com/articles/021506-1.aspx
0
 
LVL 21

Accepted Solution

by:
Tapan Pattanaik earned 200 total points
ID: 24425533
hi ram27,
               check these links

Programmatically Encrypt and Decrypt Configuration Sections in web.config using ASP.NET 3.5

http://www.dotnetcurry.com/ShowArticle.aspx?ID=185&AspxAutoDetectCookieSupport=1


====================
How To: Encrypt Configuration Sections in ASP.NET 2.0:

http://msdn.microsoft.com/en-us/library/ms998280.aspx

Encrypting Configuration Information in ASP.NET 2.0 Applications :


http://www.4guysfromrolla.com/articles/021506-1.aspx

Encrypt Connection Strings AppSettings and Web.Config in ASP.NET 2.0 - Security Best Practices:

http://davidhayden.com/blog/dave/archive/2005/11/17/2572.aspx

Encryption of Connection Strings Inside the Web.config in ASP.NET 2.0 :

http://www.codeproject.com/KB/aspnet/webconfig.aspx
0
 
LVL 3

Assisted Solution

by:techprocess
techprocess earned 100 total points
ID: 24450174
add the Code in a Code File in the app_code folder.

then use
strint str= Cryptography.Encrypt("your Connection string");
and put str in your web.config file...

Now whenever you want to decrept... just use
Cryptography.Decrypt(str);


using System;

using System.Security.Cryptography;

using System.IO;

using System.Text;
 
 
 
 

    public class Cryptography

    {

        #region "Varible declaration"

        readonly static String passPhrase = "(`!M@#I*#L&$I^%.N:a;D#^)/";

        readonly static String saltValue = "/(:;A.`>~!M*@;&#I^^$%N%)";

        readonly static String hashAlgorithm = "SHA1";

        readonly static Int32 passwordIterations = 101;

        readonly static String initVector = "$MjHyUhVvGcTreM$";

        readonly static Int32 keySize = 256;

        #endregion
 

        public Cryptography() { }
 

        #region "internal Static Decryption Method."
 

		public static String Decrypt(string Value)

        {

            byte[] keyBytes, cipherTextBytes, saltValueBytes, initVectorBytes;

            PasswordDeriveBytes Password;

            RijndaelManaged symmetricKey = new RijndaelManaged();

            MemoryStream MemoryStream;

            ICryptoTransform Decryptor;

            CryptoStream cryptoStream;

            int decryptedByteCount;

            string DecVal;

            byte[] plainTextBytes = new byte[1];

            try

            {

                initVectorBytes = Encoding.ASCII.GetBytes(initVector);

                saltValueBytes = Encoding.ASCII.GetBytes(saltValue);

                cipherTextBytes = Convert.FromBase64String(Value);

                Password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations);

                keyBytes = Password.GetBytes(keySize / 8);

                symmetricKey.Mode = CipherMode.CBC;

                Decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);

                MemoryStream = new MemoryStream(cipherTextBytes);

                cryptoStream = new CryptoStream(MemoryStream, Decryptor, CryptoStreamMode.Read);

                Array.Resize(ref plainTextBytes, cipherTextBytes.Length);

                decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);

                MemoryStream.Close();

                cryptoStream.Close();

                DecVal = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);

            }

            catch (Exception ex)

            {

                throw new Exception("<center><font color=red><h2>" + ex.Message + "</h2></font></center>");

            }

            return DecVal.ToString();

        }

        #endregion
 

        #region "internal Static Encryption Method."
 

		public static String Encrypt(string Value)

        {

            string EncVal;

            byte[] cipherTextBytes, keyBytes, plainTextBytes, initVectorBytes, saltValueBytes;

            PasswordDeriveBytes Password;

            ICryptoTransform Encryptor;

            CryptoStream cryptoStream;

            RijndaelManaged symmetricKey = new RijndaelManaged();

            MemoryStream memoryStream = new MemoryStream();

            try

            {

                initVectorBytes = Encoding.ASCII.GetBytes(initVector);

                saltValueBytes = Encoding.ASCII.GetBytes(saltValue);

                plainTextBytes = Encoding.UTF8.GetBytes(Value);

                Password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations);

                keyBytes = Password.GetBytes(keySize / 8);

                symmetricKey.Mode = CipherMode.CBC;

                Encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);

                cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);

                cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);

                cryptoStream.FlushFinalBlock();

                cipherTextBytes = memoryStream.ToArray();

                memoryStream.Close();

                cryptoStream.Close();

                EncVal = Convert.ToBase64String(cipherTextBytes);

            }

            catch (Exception ex)

            {

                throw new Exception("<center><font color=red><h2>" + ex.Message + "</h2></font></center>");

            }

            return EncVal.ToString();

        }

        #endregion

    }

Open in new window

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Two different visual studio versions 3 22
Syntax Error 2 43
Help with C#, MVC, razor. 6 21
IIS issues - Convert to Application - APS.NET v4.0 3 19
In .NET 2.0, Microsoft introduced the Web Site.  This was the default way to create a web Project in Visual Studio 2005.  In Visual Studio 2008, the Web Application has been restored as the default web Project in Visual Studio/.NET 3.x The Web Si…
International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.
A short film showing how OnPage and Connectwise integration works.

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now