views:

87

answers:

2

What is the best way to automate the encryption of my c#.net application configuration file without interfering with the normal operations of the application?

A: 

If you create seperate functions to encrypt and decrypt a file, as explained here, rather than trying to incorproate it into the existing routines, then you can simply call the decryption routine before loading the file (i.e. at the top of the "Load" function) and call the encryption routine after saving it (i.e. just before returning from the "Save" function).

jheriko
+2  A: 
  • Here is Microsoft's recommendation.
  • Don't encrypt the whole file, obviously. Just encrypt sensitive data like DB connection strings.
  • You should consider encrypting only the /configuration/appSettings/add[@value] parts.
  • Use your favorite System.Security.Cryptography class.
  • Don't forget that this is a text file so convert binary to hex (e.g. \n => 0A)
Glenn
devstuff