L
Lee
I'm completely new to Encryption and Security in .NET (and programming
in general) and I'm trying to secure a private RSA key. Currently I'm
using a key container to store the key. I want to know that only the
creator can open the container. Will this always be the default case
(I thought it wasn't for an administrator on WinXP w/ server '03 as in
my case) or do I need to specify access rights?
What would I need to add to the basic (code below) to ensure that the
container is persisted on the machine and only the creator can open
this container? (I'm writing this in VB 2005)
Dim CSP As New CspParameters(1)
CSP.KeyContainerName = strCSPContainerName
Dim RSA As New RSACryptoServiceProvider(CSP)
I figured I need to make an instance of CryptoKeySecurity but I'm not
really sure how to use it and can't find any helpful documentation. If
I do something like this:
Dim RULES As New CryptoKeySecurity
Dim TEMP As New CryptoKeyAccessRule(My.User.Name,
CryptoKeyRights.FullControl, AccessControlType.Allow)
RULES.AddAccessRule(TEMP)
CSP.CryptoKeySecurity = RULES
Would that be the only access rule (I'm sure I wouldn't use
FullControl), does that even make sense, and how could I say everyone
else is denied (if needed)? If setting CryptoKeySecurity isn't the way
to go, how should I approach this?
This has to be through VB code, not changing default local settings etc
and can't use anything 3rd party.
in general) and I'm trying to secure a private RSA key. Currently I'm
using a key container to store the key. I want to know that only the
creator can open the container. Will this always be the default case
(I thought it wasn't for an administrator on WinXP w/ server '03 as in
my case) or do I need to specify access rights?
What would I need to add to the basic (code below) to ensure that the
container is persisted on the machine and only the creator can open
this container? (I'm writing this in VB 2005)
Dim CSP As New CspParameters(1)
CSP.KeyContainerName = strCSPContainerName
Dim RSA As New RSACryptoServiceProvider(CSP)
I figured I need to make an instance of CryptoKeySecurity but I'm not
really sure how to use it and can't find any helpful documentation. If
I do something like this:
Dim RULES As New CryptoKeySecurity
Dim TEMP As New CryptoKeyAccessRule(My.User.Name,
CryptoKeyRights.FullControl, AccessControlType.Allow)
RULES.AddAccessRule(TEMP)
CSP.CryptoKeySecurity = RULES
Would that be the only access rule (I'm sure I wouldn't use
FullControl), does that even make sense, and how could I say everyone
else is denied (if needed)? If setting CryptoKeySecurity isn't the way
to go, how should I approach this?
This has to be through VB code, not changing default local settings etc
and can't use anything 3rd party.