CODEWITHSUNDEEP
c#configurationencryptionrsa
Michael Dausmann
Michael Dausmann

Reputation: 4540

ProtectSection with RsaProtectedConfigurationProvider where does the Key go?

I am using System.Configuration to encrypt and protect some passwords in a custom configuration section vis:-.

static public void SetPassAndProtectSection(string newPassword)
{

    // Get the current configuration file.
    System.Configuration.Configuration config =
        ConfigurationManager.OpenExeConfiguration(
        ConfigurationUserLevel.None);


    // Get the section.
    MyAppProtectedSection section = 
        (MyAppProtectedSection)config.GetSection(DEFAULT_SECTION_NAME);

    section.DBPassword = newPassword;

    // Protect (encrypt)the section.
    section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");

    // Save the encrypted section.
    section.SectionInformation.ForceSave = true;

    config.Save(ConfigurationSaveMode.Full);
}

This appears to work fine but I need some extra information for my documentation.

Where is the Key stored?

How long is the Key?

Upvotes: 11

Views: 6478

Answers (2)

Mutation Person
Mutation Person

Reputation: 30500

I had a scenario where I needed to grant a local service account access to the RsaProtectedConfigurationProvider key on a Windows 2012 server.

In the end, granting access on C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys did the trick.

Upvotes: 1

h0b0
h0b0

Reputation: 1869

User level keys are stored at

\Documents and Settings{UserName}\Application Data\Microsoft\Crypto\RSA

Machine-level keys at

\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys

Yours is a user-level key.

Upvotes: 10

Related Questions