C#: Need for help on encrypting connection string in app.config and save it there and decrypting it and use?
I need help on encrypting connection strin开发者_开发问答g in app.config
and save it there and decrypt it for use.
You can use aspnet_regiis.exe -pef
for that.
See Encrypting the connection string in ASP.NET V2.0
and Encrypting Web.Config Values in ASP.NET 2.0 articles for further explanations.
If you want to do protection manually, you can use class ProtectedData
. Some code:
class ConnectionStringProtector
{
readonly byte[] _salt = new byte[] { 1, 2, 3, 4, 5, 6 }; // Random values
readonly Encoding _encoding = Encoding.Unicode;
readonly DataProtectionScope _scope = DataProtectionScope.LocalMachine;
public string Unprotect(string str)
{
var protectedData = Convert.FromBase64String(str);
var unprotected = ProtectedData.Unprotect(protectedData, _salt, _scope);
return _encoding.GetString(unprotected);
}
public string Protect(string unprotectedString)
{
var unprotected = _encoding.GetBytes(unprotectedString);
var protectedData = ProtectedData.Protect(unprotected, _salt, _scope);
return Convert.ToBase64String(protectedData);
}
}
here's a simple test:
static void Main(string[] args)
{
var originalConnectionString = "original string";
var protector = new ConnectionStringProtector();
var protectedString = protector.Protect(originalConnectionString);
Console.WriteLine(protectedString);
Console.WriteLine();
var unprotectedConnectionString = protector.Unprotect(protectedString);
Console.WriteLine(unprotectedConnectionString);
Console.WriteLine("Press ENTER to finish");
Console.ReadLine();
}
Further to @Li0liQ's comment, you can use the command line program that comes with the .NET Framework 2.0+ aspnet_regiis
. Check out the MSDN documentation here
精彩评论