Solved

how encrypt connection string in asp.net 3.5

Posted on 2009-05-19
4
2,620 Views
Last Modified: 2013-01-30
Hi
how encrypt connection string in asp.net 3.5
0
Comment
Question by:ram27
4 Comments
 
LVL 7

Assisted Solution

by:kGenius
kGenius earned 100 total points
ID: 24425323
Maybe this article can help you: http://www.codeproject.com/KB/aspnet/webconfig.aspx

jaan
0
 
LVL 9

Assisted Solution

by:tetorvik
tetorvik earned 100 total points
ID: 24425448
encryting with aspnet_regiis.exe see the section ("Using the aspnet_regiis.exe Command-Line Tool") at the bottom of this link:
http://www.4guysfromrolla.com/articles/021506-1.aspx
0
 
LVL 21

Accepted Solution

by:
Tapan Pattanaik earned 200 total points
ID: 24425533
hi ram27,
               check these links

Programmatically Encrypt and Decrypt Configuration Sections in web.config using ASP.NET 3.5

http://www.dotnetcurry.com/ShowArticle.aspx?ID=185&AspxAutoDetectCookieSupport=1


====================
How To: Encrypt Configuration Sections in ASP.NET 2.0:

http://msdn.microsoft.com/en-us/library/ms998280.aspx

Encrypting Configuration Information in ASP.NET 2.0 Applications :


http://www.4guysfromrolla.com/articles/021506-1.aspx

Encrypt Connection Strings AppSettings and Web.Config in ASP.NET 2.0 - Security Best Practices:

http://davidhayden.com/blog/dave/archive/2005/11/17/2572.aspx

Encryption of Connection Strings Inside the Web.config in ASP.NET 2.0 :

http://www.codeproject.com/KB/aspnet/webconfig.aspx
0
 
LVL 3

Assisted Solution

by:techprocess
techprocess earned 100 total points
ID: 24450174
add the Code in a Code File in the app_code folder.

then use
strint str= Cryptography.Encrypt("your Connection string");
and put str in your web.config file...

Now whenever you want to decrept... just use
Cryptography.Decrypt(str);


using System;
using System.Security.Cryptography;
using System.IO;
using System.Text;
 
 
 
 
    public class Cryptography
    {
        #region "Varible declaration"
        readonly static String passPhrase = "(`!M@#I*#L&$I^%.N:a;D#^)/";
        readonly static String saltValue = "/(:;A.`>~!M*@;&#I^^$%N%)";
        readonly static String hashAlgorithm = "SHA1";
        readonly static Int32 passwordIterations = 101;
        readonly static String initVector = "$MjHyUhVvGcTreM$";
        readonly static Int32 keySize = 256;
        #endregion
 
        public Cryptography() { }
 
        #region "internal Static Decryption Method."
 
		public static String Decrypt(string Value)
        {
            byte[] keyBytes, cipherTextBytes, saltValueBytes, initVectorBytes;
            PasswordDeriveBytes Password;
            RijndaelManaged symmetricKey = new RijndaelManaged();
            MemoryStream MemoryStream;
            ICryptoTransform Decryptor;
            CryptoStream cryptoStream;
            int decryptedByteCount;
            string DecVal;
            byte[] plainTextBytes = new byte[1];
            try
            {
                initVectorBytes = Encoding.ASCII.GetBytes(initVector);
                saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
                cipherTextBytes = Convert.FromBase64String(Value);
                Password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations);
                keyBytes = Password.GetBytes(keySize / 8);
                symmetricKey.Mode = CipherMode.CBC;
                Decryptor = symmetricKey.CreateDecryptor(keyBytes, initVectorBytes);
                MemoryStream = new MemoryStream(cipherTextBytes);
                cryptoStream = new CryptoStream(MemoryStream, Decryptor, CryptoStreamMode.Read);
                Array.Resize(ref plainTextBytes, cipherTextBytes.Length);
                decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
                MemoryStream.Close();
                cryptoStream.Close();
                DecVal = Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount);
            }
            catch (Exception ex)
            {
                throw new Exception("<center><font color=red><h2>" + ex.Message + "</h2></font></center>");
            }
            return DecVal.ToString();
        }
        #endregion
 
        #region "internal Static Encryption Method."
 
		public static String Encrypt(string Value)
        {
            string EncVal;
            byte[] cipherTextBytes, keyBytes, plainTextBytes, initVectorBytes, saltValueBytes;
            PasswordDeriveBytes Password;
            ICryptoTransform Encryptor;
            CryptoStream cryptoStream;
            RijndaelManaged symmetricKey = new RijndaelManaged();
            MemoryStream memoryStream = new MemoryStream();
            try
            {
                initVectorBytes = Encoding.ASCII.GetBytes(initVector);
                saltValueBytes = Encoding.ASCII.GetBytes(saltValue);
                plainTextBytes = Encoding.UTF8.GetBytes(Value);
                Password = new PasswordDeriveBytes(passPhrase, saltValueBytes, hashAlgorithm, passwordIterations);
                keyBytes = Password.GetBytes(keySize / 8);
                symmetricKey.Mode = CipherMode.CBC;
                Encryptor = symmetricKey.CreateEncryptor(keyBytes, initVectorBytes);
                cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);
                cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
                cryptoStream.FlushFinalBlock();
                cipherTextBytes = memoryStream.ToArray();
                memoryStream.Close();
                cryptoStream.Close();
                EncVal = Convert.ToBase64String(cipherTextBytes);
            }
            catch (Exception ex)
            {
                throw new Exception("<center><font color=red><h2>" + ex.Message + "</h2></font></center>");
            }
            return EncVal.ToString();
        }
        #endregion
    }

Open in new window

0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
convert html to string 6 38
Obtain cell value using column ID in DataGrid using VB.NET 2 25
jquery + C#.net radiobuttonlist 3 30
How to repeat the data 4 17
Lots of people ask this question on how to extend the “MembershipProvider” to make use of custom authentication like using existing database or make use of some other way of authentication. Many blogs show you how to extend the membership provider c…
Problem Hi all,    While many today have fast Internet connection, there are many still who do not, or are connecting through devices with a slower connect, so light web pages and fast load times are still popular.    If your ASP.NET page …
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question