Storing an encrypted string in a database

Question

I need to store the passwords of X.509 certificates in a database. But there's a problem: I can't hash the passwords, so I need to store them in encrypted form.

How can I do this without explicit encryption and decryption?

Also, is it possible to store a SecureString with ADO.NET?

That is not what I want, I want to store encrypted strings in a database without explicit encryption or decryption. — Knerd, Aug 24 '13 at 19:58
What are the certificates being used for? Perhaps there is a solution that would allow you to store/use the certificates without needing the password at all. — Scott Chamberlain, Aug 25 '13 at 00:08

score 2 · Accepted Answer · answered Aug 24 '13 at 22:41

No, SecureString no. It's just a pointer to the actual protected memory address, tied up to the Windows DPAPI. Whatever you do will always require some kind of coding.

If your are using MS SQL, you can have the encryption tasks right there: Encrypting by passphrase, symmetric keys or asymmetric keys.

Take a look at: http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/

or you might want to take a look at this great book: http://www.apress.com/9781430224648

Storing an encrypted string in a database

1 Answers1