How to set key size for RSAProtectedConfigurationProvider from code

My application has the ability to protect the selected configuration file. This is done using the SectionInformation.ProtectSection method for the specified section of the loaded Configuration. I am using the standard RsaProtectedConfigurationProvider provider.

The code is pretty simple - very similar to the example on MSDN.

Can I set the key size to be used by the provider? As far as I know, the standard for RSA is 1024. I need to set it to 2048 or more.

Something similar can be done using the -size command line option when we use aspnet_regiis.exe. But I need to do this from code. Perhaps there is a way to configure RsaProtectedConfigurationProvider, or to pre-create the key and somehow insert it into the default keystore, so that the next use of SectionInformation.ProtectSection catches it...

Thanks for any tips or examples.

+6
1 answer

RSAProtectedConfigurationProvider provides two different methods. One of them is called AddKey, which can be used to create a key inside the container. If you mark a key as exportable, you can use the ExportKey method later to capture that key and save it somewhere else.

If you already have an existing key, you can use the ImportKey method. It will accept an XML block similar to the one coming out of ExportKey.

RSAProtectedConfigurationProvider uses the default container name NetFrameworkConfigurationKey if not specified. So, if you pre-create your key and add it to this container, the provider should pick it up when you use it.

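    using System.Security.Cryptography;

    // Same properties as .NET uses to load the key
    CspParameters csp = new CspParameters();
    csp.KeyContainerName = "NetFrameworkConfigurationKey";
    csp.KeyNumber = 1;
    csp.ProviderType = 1;
    // The provider reads the machine key store by default
    // (useMachineContainer="true"), so create the key there
    csp.Flags = CspProviderFlags.UseMachineKeyStore;

    // Create the new key, and save it in the key store
    RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048, csp);
    rsa.PersistKeyInCsp = true;
    rsa.Clear();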
+1
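An added example, not part of the original answer: pre-creating the key only takes effect if the container is empty, because opening an existing container returns the key already stored there and ignores the requested size. The sketch below checks the existing key first, creates a 2048-bit key only when none exists, and then protects a section. The class name `ConfigKeyBootstrap`, the `connectionStrings` section and the use of the machine key store are assumptions.

```csharp
using System;
using System.Configuration;
using System.Security.Cryptography;

static class ConfigKeyBootstrap   // hypothetical helper name
{
    const string Container = "NetFrameworkConfigurationKey"; // default container named in the answer
    const int RequiredBits = 2048;

    static CspParameters Csp(CspProviderFlags extra)
    {
        return new CspParameters
        {
            KeyContainerName = Container,
            KeyNumber = 1,     // key-exchange key pair
            ProviderType = 1,  // RSA full provider
            // Assumption: the provider is configured with useMachineContainer="true"
            Flags = CspProviderFlags.UseMachineKeyStore | extra
        };
    }

    // Size of the key already stored in the container, or 0 when there is none.
    static int ExistingKeySize()
    {
        try
        {
            using (var rsa = new RSACryptoServiceProvider(Csp(CspProviderFlags.UseExistingKey)))
                return rsa.KeySize;
        }
        catch (CryptographicException) { return 0; }
    }

    static void Main()
    {
        int bits = ExistingKeySize();
        if (bits == 0)
        {
            // Empty container: the requested size is honoured and the key persists.
            using (var rsa = new RSACryptoServiceProvider(RequiredBits, Csp(CspProviderFlags.NoFlags)))
                bits = rsa.KeySize;
        }
        if (bits < RequiredBits)
            throw new InvalidOperationException(
                "Container already holds a " + bits + "-bit key; replacing it breaks sections encrypted with it.");

        Configuration config = ConfigurationManager.OpenExeConfiguration(ConfigurationUserLevel.None);
        ConfigurationSection section = config.GetSection("connectionStrings"); // assumed section
        if (!section.SectionInformation.IsProtected)
        {
            section.SectionInformation.ProtectSection("RsaProtectedConfigurationProvider");
            section.SectionInformation.ForceSave = true;
            config.Save(ConfigurationSaveMode.Modified);
        }
    }
}
```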