tags:

views:

622

answers:

2
Q: 

ProtectSection with RsaProtectedConfigurationProvider where does the Key go?

I am using System.Configuration to encrypt and protect some passwords in a custom configuration section vis:-.

static public void SetPassAndProtectSection(string newPassword)
{

    // Get the current configuration file.
    System.Configuration.Configuration config =
        ConfigurationManager.OpenExeConfiguration(
        ConfigurationUserLevel.None);


    // Get the section.
    MyAppProtectedSection section = 
        (MyAppProtectedSection)config.GetSection(DEFAULT_SECTION_NAME);

    section.DBPassword = newPassword;

    // Protect (encrypt)the section.
    section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");

    // Save the encrypted section.
    section.SectionInformation.ForceSave = true;

    config.Save(ConfigurationSaveMode.Full);
}

This appears to work fine but I need some extra information for my documentation.

Where is the Key stored?

How long is the Key?

Michael

+1  A: 

User level keys are stored at

\Documents and Settings{UserName}\Application Data\Microsoft\Crypto\RSA

Machine-level keys at

\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

Yours is a user-level key.

h0b0  2009-08-05 10:34:17
Thanks h0b0 I checked it out and that is correct. I was a little shocked to discover that the machine level keys location has a default access of 'everyone..read'. I'm thinking that I will need to use the user level keys because in my case the user of the key is a windows service that runs as a specific account. Thanks for your response.
Michael Dausmann  2009-08-07 06:36:20
A: 

Dear, How can i force the ProtectSection("RsaProtectedConfigurationProvider") to use my own created RSAKeyContainer that i generate by aspnet_regiis.exe tool?

Thanks..

 2009-08-26 12:55:51
sounds like a 'Dorothy Dix' question to me Samar but.. You need to create a custom configuration provider. this is from my App.config...<configProtectedData defaultProvider="MyCustomRsaProtectedConfigurationProvider"> <providers> <add name="MyCustomRsaProtectedConfigurationProvider"... etcand then use 'MyCustomRsaProtectedConfigurationProvider' in your code instead of 'RsaProtectedConfigurationProvider'
Michael Dausmann  2009-09-02 02:20:34

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?