Click here to Skip to main content
15,884,176 members
Search within:


Articles / Web Development / ASP.NET
 

Enhanced and Secure Connection Strings in Web.Config

Rate me:
Please Sign up or sign in to vote.
2.25/5 (28 votes)
25 Jan 2003CPOL2 min read 150.3K   1.9K   61  
Here we would discuss some simple steps, which would facilitate keeping our database connection strings safe and encrypted in Web.Config.
 
using System;
using System.Security;
using System.Security.Cryptography;

namespace Deepak.Cryptography
{
	using System; 
	using System.IO; 
	using System.Xml; 
	using System.Text; 
	using System.Security.Cryptography; 

	public class Cryptography
	{

		/// <summary>
		///    Decrypts  a particular string with a specific Key
		/// </summary>
		public static string Decrypt( string stringToDecrypt, string sEncryptionKey) 
		{
			byte[] key = {}; 
			byte[] IV = {10, 20, 30, 40, 50, 60, 70, 80}; 
			byte[] inputByteArray = new byte[stringToDecrypt.Length]; 
			try 
			{ 
				key = Encoding.UTF8.GetBytes(sEncryptionKey.Substring(0,8)); 
				DESCryptoServiceProvider des = new DESCryptoServiceProvider(); 
				inputByteArray = Convert.FromBase64String(stringToDecrypt); 
				MemoryStream ms = new MemoryStream(); 
				CryptoStream cs = new CryptoStream(ms, des.CreateDecryptor(key, IV), CryptoStreamMode.Write); 
				cs.Write(inputByteArray, 0, inputByteArray.Length); 
				cs.FlushFinalBlock(); 
				Encoding encoding = Encoding.UTF8 ; 
				return encoding.GetString(ms.ToArray()); 
			} 
			catch (System.Exception ex) 
			{ 
			   return (string.Empty);
			} 
		} 

		/// <summary>
		///   Encrypts  a particular string with a specific Key
		/// </summary>
		/// <param name="stringToEncrypt"></param>
		/// <param name="sEncryptionKey"></param>
		/// <returns></returns>
		public static string Encrypt( string stringToEncrypt, string sEncryptionKey) 
		{
			byte[] key = {}; 
			byte[] IV = {10, 20, 30, 40, 50, 60, 70, 80}; 
			byte[] inputByteArray; //Convert.ToByte(stringToEncrypt.Length) 

			try 
			{ 
				key = Encoding.UTF8.GetBytes(sEncryptionKey.Substring(0,8)); 
				DESCryptoServiceProvider des = new DESCryptoServiceProvider(); 
				inputByteArray = Encoding.UTF8.GetBytes(stringToEncrypt); 
				MemoryStream ms = new MemoryStream(); 
				CryptoStream cs = new CryptoStream(ms, des.CreateEncryptor(key, IV), CryptoStreamMode.Write); 
				cs.Write(inputByteArray, 0, inputByteArray.Length); 
				cs.FlushFinalBlock(); 
				return Convert.ToBase64String(ms.ToArray()); 
			} 
			catch (System.Exception ex) 
			{ 
				return (string.Empty);
			} 
		} 
	} 
}

By viewing downloads associated with this article you agree to the Terms of Service and the article's licence.

If a file you wish to view isn't highlighted, and is a text file (not binary), please let us know and we'll add colourisation support for it.

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Vasudevan Deepak Kumar
Software Developer
India India
Vasudevan Deepak Kumar is from Chennai, India who has been in the programming career since 1994, when he was 15 years old. He has his Bachelors of Engineering (in Computer Science and Engineering) from Vellore Engineering College. He also has a MBA in Systems from Alagappa University, Karaikudi, India.
He started his programming career with GWBasic and then in his college was involved in developing programs in Fortran, Cobol, C++. He has been developing in Microsoft technologies like ASP, SQLServer 2000.
His current focus is ASP.NET, C#, VB.NET, PHP, SQL Server and MySQL. In his past-time, he listens to polite Carnatic Music. But the big question is that with his current Todolist backlog, does he get some past time?

Comments and Discussions

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 25 Jan 2003

Article Copyright 2003 by Vasudevan Deepak Kumar
Everything else Copyright © CodeProject, 1999-2024

Web02 2.8:2024-04-02:1