Different ways to encrypt and decrypt database connection string within configuration in C#
What is Encryption and Decryption ?
Encryption involves transforming a regular message (plaintext) into an incomprehensible message (Ciphertext), while Decryption is the process of reversing this, converting the Ciphertext back into its original form (Plaintext). The key difference between encryption and decryption lies in the conversion of a message into an unintelligible form that remains indecipherable until decrypted, and decryption is the retrieval of the original message from the encrypted data.
1.ChustaSoft Open-Source community
This tool allows to encrypt configuration sections on app.settings files, and decrypt the information in runtime adding those configuration as a singleton inside the application.
Here are the steps to accomplish it:
1. Install ChustaSoft.Tools.SecureConfig package via NuGet Package manager
2. Setup a private key in a secure way (ie: as a environment variable), SecureConfig will use it for encrypt and decrypt the settings files
3. Create a Settings object inside the project, should match the section that will be encrypted
Add the AppSettings section in all the different environment appsettings
1. At Program.cs
var settings = builder.SetUpSecureConfig<AppSettings>(testApikey);
// [...] More stuff
// After build called from WebApplicationBuilder
// [...] More stuff
app.EncryptSettings<AppSettings>();
Example: Encryption and Decryption using Chustasoft Open Sourcecommunity
2.RSA CRYPTOGRAPHY
RSA, a widely used asymmetric encryption algorithm, involves the generation of a public-private key pair, where the private key is employed for decryption, while the public key is utilized for encryption purposes. This algorithm provides secure communication, facilitates digital signatures, and supports key exchange. Its security is dependent on the difficulty of factoring large numbers.
Here are the steps to accomplish it:
1. Create an RSA public/private keypair
2. Transmit the public key (or for proof of concept, just move it in a string variable)
3. Create a new RSA crypto and encrypt a connection string with the public key
4. Transmit the encrypted connection string (or data) back to the original crypto and decrypt the connection string
using System.Security.Cryptography;
using System.Text;
using System.Xml.Serialization;
namespace ConsoleApp4
{
public class RsaEncrytion
{
private static RSACryptoServiceProvider csp = new RSACryptoServiceProvider(2048);
private RSAParameters _privateKey;
private RSAParameters _publicKey;
public RsaEncrytion()
{
_privateKey = csp.ExportParameters(true);
_publicKey = csp.ExportParameters(false);
}
public string GetPublicKey()
{
var sw = new StringWriter();
var xs = new XmlSerializer(typeof(RSAParameters));
xs.Serialize(sw,_publicKey);
return sw.ToString();
}
public string Encrypt(string plainText)
{
csp = new RSACryptoServiceProvider();
csp.ImportParameters(_publicKey);
var data = Encoding.Unicode.GetBytes(plainText);
var cypher = csp.Encrypt(data, false);
return Convert.ToBase64String(cypher);
}
public string Decrypt(string cypherText)
{
var dataBytes = Convert.FromBase64String(cypherText);
csp.ImportParameters(_privateKey);
var plainText = csp.Decrypt(dataBytes, false);
return Encoding.Unicode.GetString(plainText);
}
class Program
{
static void Main(string[] args)
{
RsaEncrytion rsa = new RsaEncrytion();
string cypher = string.Empty;
Console.WriteLine($"Public Key: {rsa.GetPublicKey()} \n");
Console.WriteLine("enter your text to encrypt");
var text = Console.ReadLine();
if(!string.IsNullOrEmpty(text))
{
cypher = rsa.Encrypt(text);
Console.WriteLine($"Encrypted Text: {cypher}");
}
Console.WriteLine("press any key to decrypt text");
Console.ReadLine();
var plainText = rsa.Decrypt(cypher);
Console.WriteLine($"Decrypted Message :{plainText}");
Console.ReadLine();
}
}
}
}
PS : Please be aware that there are numerous methods available for conducting independent research. I've highlighted two approaches to streamline your efforts and enhance your knowledge.
Comments
Post a Comment