Using the cryptography enterprise library application block
am 04.04.2008 15:50:01 von BrianNielsen
Hi
I'm trying to use the Cryptography application block within a web
application and have encountered a problem that I hope you can help resolve.
1. When I create a key file through "Enterprise Library Configuration", I
select e.g the 3DES provider and goes through the wizard of creating a key.
A part of the wizard wants to further enhance security by encrypting the key
either in "User mode" or "Machine mode", using the currently logged in user
to encrypt the key or some machine information to encrypt the key.
If I select "User mode", does this mean that the only person that can
encrypt/decrypt data using this key, is the user that created the key because
the key have been encrypted using that user credentials?
If so, how can I make the Cryptographic application block use a key that
anyone have access to and can use?
And how do I create this key?
I hope my questions make sense to you :-)
Regards
Brian Braad Nielsen
Re: Using the cryptography enterprise library application block
am 04.04.2008 17:42:32 von NoSpamMgbworld
Not necessarily. It will restrict the data to the process as the "user" in
question is generally the process ASP.NET is running under. Both machine
mode and user mode keys are already created by .NET.
I have not delved deeply into Ent Lib, so I cannot answer the best way to
set up the Crypto block. If you want more info on what is going on
underneath the hood, look up the Data Protection API (DPAPI). You will
likely find clues there.
For the EntLib, I would consider looking at the following:
http://msdn2.microsoft.com/en-us/library/aa480453.aspx
--
Gregory A. Beamer
MVP, MCP: +I, SE, SD, DBA
Subscribe to my blog
http://gregorybeamer.spaces.live.com/lists/feed.rss
or just read it:
http://gregorybeamer.spaces.live.com/
*************************************************
| Think outside the box!
|
*************************************************
"Brian Nielsen" wrote in message
news:F99F23F0-81A0-4397-95DC-9D5A7B1F3AEE@microsoft.com...
> Hi
>
> I'm trying to use the Cryptography application block within a web
> application and have encountered a problem that I hope you can help
> resolve.
>
> 1. When I create a key file through "Enterprise Library Configuration", I
> select e.g the 3DES provider and goes through the wizard of creating a
> key.
> A part of the wizard wants to further enhance security by encrypting the
> key
> either in "User mode" or "Machine mode", using the currently logged in
> user
> to encrypt the key or some machine information to encrypt the key.
>
> If I select "User mode", does this mean that the only person that can
> encrypt/decrypt data using this key, is the user that created the key
> because
> the key have been encrypted using that user credentials?
>
> If so, how can I make the Cryptographic application block use a key that
> anyone have access to and can use?
>
> And how do I create this key?
>
>
> I hope my questions make sense to you :-)
>
> Regards
>
> Brian Braad Nielsen