C#: Need for help on encrypting connection string in app.config and save it there and decrypting it and use?

Question

I need help on encrypting connection string in app.config and save it there and decrypt it for use.

Answer 1

If you want to do protection manually, you can use class ProtectedData. Some code:

class ConnectionStringProtector
{
    readonly byte[] _salt = new byte[] { 1, 2, 3, 4, 5, 6 };  // Random values
    readonly Encoding _encoding = Encoding.Unicode;
    readonly DataProtectionScope _scope = DataProtectionScope.LocalMachine;

    public string Unprotect(string str)
    {
        var protectedData = Convert.FromBase64String(str);
        var unprotected = ProtectedData.Unprotect(protectedData, _salt, _scope);
        return _encoding.GetString(unprotected);
    }

    public string Protect(string unprotectedString)
    {
        var unprotected = _encoding.GetBytes(unprotectedString);
        var protectedData = ProtectedData.Protect(unprotected, _salt, _scope);
        return Convert.ToBase64String(protectedData);
    }
}

here's a simple test:

static void Main(string[] args)
{
    var originalConnectionString = "original string";

    var protector = new ConnectionStringProtector();

    var protectedString = protector.Protect(originalConnectionString);
    Console.WriteLine(protectedString);
    Console.WriteLine();

    var unprotectedConnectionString = protector.Unprotect(protectedString);
    Console.WriteLine(unprotectedConnectionString);

    Console.WriteLine("Press ENTER to finish");
    Console.ReadLine();
}

Answer 2

Further to @Li0liQ's comment, you can use the command line program that comes with the .NET Framework 2.0+ aspnet_regiis. Check out the MSDN documentation here

Answer 3

You can use aspnet_regiis.exe -pef for that.
See Encrypting the connection string in ASP.NET V2.0 and Encrypting Web.Config Values in ASP.NET 2.0 articles for further explanations.