18

Could somebody please do a rundown of how to programmatically encrypt a config-file in .NET, preferably in C#.

What I would like to do is do some kind of check on an application's startup to see if a section is unprotected, and if it is, then encrypt it. This for both settings and connection-strings.

Also if anyone could list the types of encryption-providers and what is the difference between them.

I don't know if the code for doing this in a normal WinForms-application is transparent to doing this in ASP.NET.

Chris
  • 6,761
  • 6
  • 52
  • 67
Seb Nilsson
  • 26,200
  • 30
  • 103
  • 130

5 Answers5

13

To summarize the answers and what I've found so far, here are some good links to answer this question:

Please feel free to complement with other links, maybe some to WinForms- or WPF-applications.

T.J. Crowder
  • 1,031,962
  • 187
  • 1,923
  • 1,875
Seb Nilsson
  • 26,200
  • 30
  • 103
  • 130
4

There is a good article from 4 guys about Encrypting Configuration Information in ASP.NET 2.0 Applications

Hope this helps

Espo
  • 41,399
  • 21
  • 132
  • 159
3

The solution at below site working fine for me.

http://www.a2zmenu.com/Blogs/CSharp/How-to-encrypt-configuration-file.aspx

Aviator007
  • 31
  • 1
1

@TK: a hashing algo can only be 'guessed', not reverse engineered. One can only reconstruct the input to a hash value by completely guessing the input (apart from collisions, that is) This can be done by a rainbow crack for example (see an implementation of a rainbow cracker here)

I would say that a 3rd party encryption tool is not safer than the .NET framework encryption algorithms, these libraries just help you doing your job faster

ArjanZuidhof
  • 146
  • 2
  • 5
0

I haven't used it myself, but the Microsoft Enterprise library has good encryption support that will possibly suit your needs:

http://msdn.microsoft.com/en-us/library/cc309503.aspx

DAC
  • 1,769
  • 1
  • 20
  • 32