Crypto.R.Us

The work on Paladin's connection string protection is finally done. Thanks to Softwaremaker who contributed his valueable time to come up with sample codes and researched on ways to generate secret keys for the encryption/decryption.

Developers can now protect their connection strings from prying eyes in the .config file when using Paladin with a new tool called CSEncrypt. They can define Connection Decryption Keys (CDK) and keep them within their application. The framework will generate a pair of irreversible keys for the encryption/decryption. The task of protecting the CDK will be the responsibility of the developer.

The connection string in the config file will look something like the following:

engine="mssql" encrypted="true" connectionString="WqRgnXenbovjJ0MXHnWDcXP0Od/ejkkEqn/Zg"/>

To decrypt the connection, the following line is required:

Paladin.Configuration.DatabaseSectionHandler
.ConnectionDecryptKey = "MySecretKey";

In the Entity class, just put the following line in the constructor:

base.ConnectionName = "encrypted";
// where 'encrypted' is the name defined in the .config file.

That's all to it!

P.S. This feature will be publicly available in the 0.8.8 release.