Storing an encrypted string in a database

https://stackoverflow.com/questions/18422490

c#
encryption
ado.net
securestring

26-06-2022
|

题

I need to store the passwords of X.509 certificates in a database. But there's a problem: I can't hash the passwords, so I need to store them in encrypted form.

How can I do this without explicit encryption and decryption?

Also, is it possible to store a SecureString with ADO.NET?

解决方案

No, SecureString no. It's just a pointer to the actual protected memory address, tied up to the Windows DPAPI. Whatever you do will always require some kind of coding.

If your are using MS SQL, you can have the encryption tasks right there: Encrypting by passphrase, symmetric keys or asymmetric keys.

Take a look at: http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/

or you might want to take a look at this great book: http://www.apress.com/9781430224648

许可以下： CC-BY-SA 和归因

不隶属于 StackOverflow