I'm working on my first .net project using .net 4, mvc4 and entity framework. The project is an api for an iOS application.
Unfortunately one of the requirements is that the project be delivered in a zip file with the connection strings pre-encrypted. This would be straight forward using aspnet_regiis except that I have no access to the server, am not allowed to do key exchange and encrypt on first run is also unacceptable to the client. I can however package any dlls I like in the app.
I have pointed out to the client that this only gives the illusion of security since I will have to pack the decrypt code in the app, to no avail.
So now I am trying to figure out how to pre-encrypt the connection strings in web.config in the simplest most straight forward manner. I've searched both here and via google and while I believe that I will need to create a custom provider and encrypt with aspnet_regiis I would really appreciate guidance from the community.