Technical Blog for .NET Developers ©

Tuesday, January 15, 2013

Encryption of the Connection String

To see the whole encryption process, we will create a new application, add a new data source to it, and finally encrypt the connection strings section of its App.config.



The connection string that is created will be stored in the App.config file:



     
    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
        <configSections>
        </configSections>
        <connectionStrings>
            <add name="Encryption.Properties.Settings.BUSINESSConnectionString"
                connectionString="Data Source=METHOD-PC;Initial Catalog=BUSINESS;
                Persist Security Info=True;User ID=sa;Password=***"
                providerName="System.Data.SqlClient" />
        </connectionStrings>
    </configuration>


Now we will write a function whose only purpose is to encrypt the connection strings section:

     
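    // Requires a reference to the System.Configuration assembly.
    using System;
    using System.Configuration;

    // Returns 1 if the section was encrypted and saved, 0 on error.
    static uint encryptConnectionString()
    {
        try
        {
            // Open the configuration file of the running executable.
            Configuration config;
            config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
            // Passing null selects the default protection provider.
            config.ConnectionStrings.SectionInformation.ProtectSection(null);
            // Write the encrypted section back to disk.
            config.Save();

            Console.WriteLine("Encryption Succeeded");
            return 1;
        }
        catch (Exception ex)
        {
            Console.WriteLine("Encryption Error: " + ex.Message);
            return 0;
        }
    }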


Now run the program with an administrator account.



The encrypted section will still be readable from the program, but if we open the App.config in any text editor, the result will be the following:

     
    <?xml version="1.0" encoding="utf-8" ?>
    <configuration>
        <configSections>
        </configSections>
        <connectionStrings configProtectionProvider="RsaProtectedConfigurationProvider">
            <EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element"
                xmlns="http://www.w3.org/2001/04/xmlenc#">
                <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
                <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                    <EncryptedKey xmlns="http://www.w3.org/2001/04/xmlenc#">
                        <EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
                        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                            <KeyName>Rsa Key</KeyName>
                        </KeyInfo>
                        <CipherData>
                            <CipherValue>UXZP4hcmgnrleCwGuRzpigvJ</CipherValue>
                        </CipherData>
                    </EncryptedKey>
                </KeyInfo>
                <CipherData>
                    <CipherValue>uG2JUaE+Rq3ggcx5oUxJtGWwwAZcxo6SwS96Ro2Pgz1/U5</CipherValue>
                </CipherData>
            </EncryptedData>
        </connectionStrings>
    </configuration>
    


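The encryption algorithm used in this example is RSA (Rivest, Shamir, and Adleman), a public key cryptography system developed in 1977. As the XML above shows, the section data itself is encrypted with Triple DES in CBC mode, and the key for that is encrypted with RSA. RSA is the first and most widely used algorithm of this type, and it can be used both to encrypt and to sign digitally.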
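The following console program is an added example, not code from the original post. It makes the encryption step safe to run repeatedly, checks that the section really is protected in the saved file, and shows that reading connection strings from the program is unchanged. The class and method names are assumptions chosen for illustration; the provider name is the one shown in the encrypted App.config above.

```csharp
using System;
using System.Configuration; // reference the System.Configuration assembly

static class ConnectionStringProtection // hypothetical name, for illustration
{
    // Provider name as it appears in the encrypted App.config above.
    const string Provider = "RsaProtectedConfigurationProvider";

    // Encrypts <connectionStrings> only when it is still in clear text.
    // Returns true when the section is protected in the saved file.
    public static bool EnsureProtected()
    {
        Configuration config =
            ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection("connectionStrings");

        // A missing or locked section cannot be protected from here.
        if (section == null || section.SectionInformation.IsLocked)
            return false;

        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection(Provider);
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Modified);
        }

        // Re-open the file so the result reflects what is stored on disk,
        // not the in-memory object that was just modified.
        config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        section = config.GetSection("connectionStrings");
        return section != null && section.SectionInformation.IsProtected;
    }

    static void Main()
    {
        Console.WriteLine("Protected on disk: " + EnsureProtected());

        // Reading needs no extra code: the section is decrypted transparently.
        ConfigurationManager.RefreshSection("connectionStrings");
        foreach (ConnectionStringSettings cs in ConfigurationManager.ConnectionStrings)
        {
            // Print only the entry name and provider, never the string itself,
            // because it contains the password.
            Console.WriteLine(cs.Name + " (" + cs.ProviderName + ")");
        }
    }
}
```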

<METHOD SOFTWARE © 2013>