How to securely store a connection string in a WinForms application?

by

Simply , the .net framework allows you to do that , see

http://msdn.microsoft.com/en-us/library/89211k9b(v=vs.80).aspx

Relevant information:

This goes into the machine.config file:

<configProtectedData defaultProvider="RsaProtectedConfigurationProvider">
  <providers>
    <add name="RsaProtectedConfigurationProvider" 
      type="System.Configuration.RsaProtectedConfigurationProvider, ... />
    <add name="DataProtectionConfigurationProvider" 
      type="System.Configuration.DpapiProtectedConfigurationProvider, ... />
  </providers>
</configProtectedData>

And this is the application code:

Shared Sub ToggleConfigEncryption(ByVal exeConfigName As String)
    ' Takes the executable file name without the
    ' .config extension.
    Try
        ' Open the configuration file and retrieve 
        ' the connectionStrings section.
        Dim config As Configuration = ConfigurationManager. _
            OpenExeConfiguration(exeConfigName)

        Dim section As ConnectionStringsSection = DirectCast( _
            config.GetSection("connectionStrings"), _
            ConnectionStringsSection)

        If section.SectionInformation.IsProtected Then
            ' Remove encryption.
            section.SectionInformation.UnprotectSection()
        Else
            ' Encrypt the section.
            section.SectionInformation.ProtectSection( _
              "DataProtectionConfigurationProvider") 'this is an entry in machine.config
        End If

        ' Save the current configuration.
        config.Save()

        Console.WriteLine("Protected={0}", _
        section.SectionInformation.IsProtected)

    Catch ex As Exception
        Console.WriteLine(ex.Message)
    End Try
End Sub

UPDATE 1

Thanks @wpcoder, for this link

More Related Contents:

  1. When would I need a SecureString in .NET?
  2. Encrypting connectionStrings section – utility for app.config
  3. Encrypting appSettings in web.config
  4. For Each Loop in Visual Basic: IndexOutOfRangeException [closed]
  5. Override Authorize Attribute in ASP.NET MVC
  6. “There is already an open DataReader…” Reuse or Dispose DB Connections?
  7. How do you parse an HTML in vb.net
  8. The proper way to dispose Excel com object using VB.NET?
  9. “Items collection must be empty before using ItemsSource.”
  10. Searching values via a datagridview
  11. Getting the path of the current assembly
  12. What is the difference between Dim v As String() and Dim v() As String?
  13. AES interoperability between .Net and iPhone?
  14. How can I make a single event handler handle ALL Button.Click events?
  15. How do I shuffle and deal cards one at a time to players?
  16. Analyze colors of an Image
  17. Secure Password Hashing [closed]
  18. Pass Command Line to first instance of a Single Instance App
  19. Sorting a Data Table
  20. Start a Task in the Form Shown event
  21. How to convert SecureString to System.String?
  22. WCF error: The caller was not authenticated by the service
  23. VB.NET: impossible to use Extension method on System.Object instance
  24. How to find the main() entry point in a VB.Net winforms app?
  25. How do I find out which control has focus in .NET Windows Forms?
  26. App.config connection string relative path
  27. Why doesn’t doubleclick event fire after mouseDown event on same element fires?
  28. Is “Code Access Security” of any real world use?
  29. String manipulation with & or + in VB.NET
  30. Memory randomization as application security enhancement?

Leave a Comment