
I am writing a Windows Forms application for public distribution that utilizes a cloud database. I need to encrypt the connection string in the published app.config file. I am using Entity Framework and .net 4.5 for this project. From what I've read (and it may be wrong), EF does not automatically decrypt connection strings. How do I accomplish that?

Daniel A. White
Payton Byrd
  • possible duplicate of [Entity Framework Encrypt Connection String](http://stackoverflow.com/questions/1335413/entity-framework-encrypt-connection-string) – Daniel A. White Oct 01 '13 at 18:51
  • Clearly not a duplicate. I'm asking about Windows Forms, not ASP.Net. – Payton Byrd Oct 01 '13 at 18:59
  • @PaytonByrd the concept is the same. – Daniel A. White Oct 01 '13 at 19:09
  • @DanielA.White yes but running `aspnet_regiis` (which is what the only answer for that question says to do) is not an option if you are not using IIS. – Scott Chamberlain Oct 01 '13 at 19:11
  • @DanielA.White But the answer is completely different. – Mathew Thompson Oct 01 '13 at 19:11
  • Guys, please understand that I'm NOT using ASP.Net, which means there's not any automatic decryption by the web server. If you read the articles posted here and in the other "answer" it clearly states that the solution is for ASP.Net. **I AM NOT USING ASP.NET** – Payton Byrd Oct 01 '13 at 19:12
  • See this link might be useful, http://stackoverflow.com/questions/2203578/encrypting-sections-and-or-settings-in-an-app-config-file-that-will-be-redistrib – Bearcat9425 Oct 01 '13 at 19:49
  • Following some links from Bearcat9425 I see how to do the cryptography to encrypt and decrypt the data. The issue is that by default the default constructor for entity context looks for the connection string key and passes that to its base class's constructor. So, I've found that if I change the code generated by the designer to pass a connection string instead of the name of a connection string from the default constructor that I can use a normal encryption technique to get the encryption string. While I was in there I went ahead and created a singleton to hold the connection string. – Payton Byrd Oct 01 '13 at 20:09
  • `aspnet_regiis` comes with the .net framework. – Daniel A. White Oct 01 '13 at 20:21
  • @Daniel A White - How does encrypting the connection string with aspnet_regiis relate to a Windows Forms application? – Payton Byrd Oct 01 '13 at 20:26
  • @PaytonByrd you still have not answered my question, "Who are you protecting the connection string from?", other users on the same computer, someone getting a dump of the setting file and copying it to another computer, or the user of the computer itself? – Scott Chamberlain Oct 01 '13 at 21:07
  • I'm protecting the username and password from hackers. I'm using string obfuscation on the code so that the strings are not sitting in the assemblies unencrypted. I was hoping app.config would be easy but I've moved the security to a couple of classes in the assembly to spread out the data. – Payton Byrd Oct 02 '13 at 15:16
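The approach described in the comments above (decrypt the connection string yourself and hand the plaintext to the context instead of a config-name), shown as an added C# example that is not code from the question or any answer. It assumes a hypothetical `MyEntities` context and a constructed sample connection string, and uses DPAPI (`System.Security.Cryptography.ProtectedData`, in System.Security.dll) rather than a hand-rolled cipher so that no key has to ship with the application. With `DataProtectionScope.CurrentUser` the ciphertext only decrypts under the Windows account that produced it, which answers the "copied settings file" and "other users on the same computer" cases from the comments; it does nothing against the logged-on user of that machine, who can always recover whatever the process can.

```csharp
using System;
using System.Data.Entity;
using System.Security.Cryptography;
using System.Text;

// Hypothetical helper (added example, not from the page): wraps DPAPI so the
// application never needs its own key material. CurrentUser scope binds the
// ciphertext to the encrypting Windows account on this machine.
public static class ConnectionStringProtector
{
    // Optional entropy: a constructed, non-secret value that namespaces the
    // DPAPI blob to this application. It is not the key.
    private static readonly byte[] Entropy = Encoding.UTF8.GetBytes("example-app-entropy");

    public static string Protect(string plainConnectionString)
    {
        byte[] plain = Encoding.UTF8.GetBytes(plainConnectionString);
        byte[] cipher = ProtectedData.Protect(plain, Entropy, DataProtectionScope.CurrentUser);
        return Convert.ToBase64String(cipher);
    }

    public static string Unprotect(string base64Cipher)
    {
        byte[] cipher = Convert.FromBase64String(base64Cipher);
        byte[] plain = ProtectedData.Unprotect(cipher, Entropy, DataProtectionScope.CurrentUser);
        return Encoding.UTF8.GetString(plain);
    }
}

// Hypothetical context. Designer-generated code calls base("name=MyEntities")
// and lets EF look the string up in app.config; this constructor instead passes
// the actual connection string, which DbContext(string) accepts directly.
// For an EDMX (designer) model this must be the full entity connection string
// (the "metadata=...;provider=...;provider connection string=..." form).
public class MyEntities : DbContext
{
    public MyEntities(string connectionString) : base(connectionString) { }
}

public static class Program
{
    public static void Main()
    {
        // Setup step on this user's machine: the plaintext below is a constructed
        // sample. A real app would obtain it at install/first run and only ever
        // persist the protected form (app.config, user settings, etc.).
        string protectedValue = ConnectionStringProtector.Protect(
            "Server=tcp:example.invalid;Database=AppDb;User ID=app;Password=sample");

        // Every run: decrypt in memory, immediately before building the context.
        string connectionString = ConnectionStringProtector.Unprotect(protectedValue);
        using (var db = new MyEntities(connectionString))
        {
            Console.WriteLine(db.Database.Connection.DataSource);
        }
    }
}
```

The same limitation the answers point at still applies: because the application must be able to decrypt, the credentials are only as secret as the machine account they are protected under. Pairing this with a per-user database login (or a service in front of the database) is what actually limits the blast radius if a client is compromised.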

2 Answers


You should use Windows authentication. If you give the users an encrypted connection string and expect them to pass it back unencrypted then you have to give them the means to decrypt, basically the public key, which is a security no-no. You may be able to encrypt the string in the file and have the application pass it up to a WCF or REST service that holds the private key, decrypts, establishes connection to the database, and makes the query to the database. But that still makes the encrypted value as good as a password. This is why you need to use Windows authentication so the user can provide his credentials and you authorize them. That way you can control who is accessing the database and the user is the only person with access to their password (theoretically anyhow).

This is also why ASP.Net has this functionality and WinForm apps don't. ASP.Net apps run in a controlled server environment where they can have access to a private key without sharing it with the world.

Van
  • Windows authentication is impossible. This is a public application hitting a central database, not an internally distributed app. – Payton Byrd Oct 02 '13 at 15:13

To expand on my comments to make it an answer, you can use aspnet_regiis. Rename your app.config to web.config, then follow the steps described in

Encrypting sections and-or settings in an App.config file that will be redistributed

After it is done, rename the file back.

Daniel A. White
  • This method requires that same machine key is used on all clients. So this method does not really protect connection string data. – Alexander Taran Oct 02 '13 at 11:30
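The protected-configuration mechanism that `aspnet_regiis` drives is also available in-process through `System.Configuration`, so a WinForms app can protect its own `<connectionStrings>` section without renaming app.config to web.config. This is an added C# example, not code from the answer above or the linked question; it assumes a reference to System.Configuration.dll and that the executable's `.config` file is writable at the moment it runs. It uses the DPAPI provider (`DataProtectionConfigurationProvider`), whose key is specific to the machine, so the call must happen on each client (for example on first run) rather than before publishing; that is the same machine-key constraint raised in the comment above, and it means anyone with code execution on that machine can decrypt the section, so this protects the file at rest, not the credentials from the machine's user. `ConfigurationManager` decrypts a protected section transparently when it is read, so a context that still uses the config-name form keeps working unchanged.

```csharp
using System;
using System.Configuration;

// Added example (not from the page): protect/inspect the connectionStrings
// section of this executable's own app.config (MyApp.exe.config) using DPAPI.
public static class ConfigSectionProtector
{
    private const string SectionName = "connectionStrings";
    // Built-in provider backed by DPAPI; by default it uses machine-scope keys,
    // so the ciphertext is tied to this machine, not to a shipped key.
    private const string ProviderName = "DataProtectionConfigurationProvider";

    // Run once on the client (e.g. first start). Idempotent: does nothing if
    // the section is missing or already protected.
    public static void ProtectConnectionStrings()
    {
        Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection(SectionName);
        if (section == null || section.SectionInformation.IsProtected)
            return;

        section.SectionInformation.ProtectSection(ProviderName);
        section.SectionInformation.ForceSave = true; // write even if EF has not touched the values
        config.Save(ConfigurationSaveMode.Full);

        // Drop the cached copy so later reads see the protected section.
        ConfigurationManager.RefreshSection(SectionName);
    }

    // Useful as a startup self-check: fail closed if the file was replaced with
    // a plaintext version after installation.
    public static bool ConnectionStringsAreProtected()
    {
        Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection(SectionName);
        return section != null && section.SectionInformation.IsProtected;
    }

    public static void Main()
    {
        ProtectConnectionStrings();
        Console.WriteLine("connectionStrings protected: " + ConnectionStringsAreProtected());

        // Reads still return plaintext; the decryption happens inside ConfigurationManager.
        ConnectionStringSettings cs = ConfigurationManager.ConnectionStrings["MyEntities"]; // hypothetical name
        Console.WriteLine(cs != null ? cs.ProviderName : "no MyEntities entry in app.config");
    }
}
```

Because the section is encrypted on the client rather than before publishing, the published package still contains the plaintext connection string until first run; the installer or first launch should perform the protection before anything else reads the file, and the self-check above gives the app a way to refuse to run with an unprotected configuration.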