dpapi

How to scale SignalR using Azure Worker Role and OWIN

*爱你&永不变心* 提交于 2019-12-12 14:09:43
问题 SignalR scales fabulously using Azure Web Roles. However, when I use a self-hosted OWIN project inside an Azure Worker Role, SignalR will begin to exhibit problems when multiple instances are added. For the record, my project uses Redis for the backplane. When increasing the Azure Worker Role instances beyond one, client connections will randomly fail with an error "The ConnectionId is in the incorrect format" . I believe this is caused when the negotiation for a single client spans multiple

data encryption and key management in c#

安稳与你 提交于 2019-12-10 01:28:47
问题 Which route to take, whats the pros and cons, which is more secure.. 1) Generate AES key, encrypt the data with it and then encrypt the AES key with RSA, save the encrypted data and encrypted AES key to a file and RSA keypair to a KeyContainer. 2) Or use DPAPI ProtectedData class to encrypt the data and save it to a file and then store the entropy what i used with ProtectedData.Protect() to somewhere.. (maybe allso encrypt it with the RSA, store the RSA keypair to KeyContainer and the

IIS - AddDataProtection PersistKeysToFileSystem not creating

旧街凉风 提交于 2019-12-09 01:21:43
问题 I've developing an asp.net core application to tun on a web far, and I'm using "AddDataProtection" to protect for key encryption at rest like, the documentation recommends, but when I deploy my application and run directly from IIS with AppPool identity, the key is never created and I get errors on the DpapiNG windows logs. My code is the following: services.AddDataProtection(opt => opt.ApplicationDiscriminator = ApplicationConfig.dataProtectionApplicationDiscriminator)

ProtectedData.Unprotect on an IIS application - fails to work after IISRESET

余生长醉 提交于 2019-12-06 11:37:46
问题 I need to store and retrieve sensitive data from a local database - this data is used by a web application. In order to protect said data I've opted to make use of the ProtectedData class. The IIS application is running using a specific AD user (Identity property in the Advanced Settings). Everything works fine until I do an IISRESET - at this point, it seems that the identity is changed for the purposes of the ProtectedData class, and I'm left with data I cannot decrypt - I'm getting a Key

Which Encryption algorithm does ProtectedData use?

纵然是瞬间 提交于 2019-12-06 02:12:22
问题 For password encryption I want to use ProtectedData . As far as I found out, this is a wrapper for CryptProtectData . The MSDN only states something vague about encryption based on user credentials and that decryption usually must be done on the same machine, if user has no roaming profile. Which encryption algorithm does it use? Is there any analysis that states whether this encryption is suiting for password storage? How else to implement a local password storage? 回答1: This MSDN article has

ProtectedData.Unprotect on an IIS application - fails to work after IISRESET

廉价感情. 提交于 2019-12-04 17:38:56
I need to store and retrieve sensitive data from a local database - this data is used by a web application. In order to protect said data I've opted to make use of the ProtectedData class. The IIS application is running using a specific AD user (Identity property in the Advanced Settings). Everything works fine until I do an IISRESET - at this point, it seems that the identity is changed for the purposes of the ProtectedData class, and I'm left with data I cannot decrypt - I'm getting a Key not valid for use in specified state exception. Here's the code I'm using: static public string Encrypt

Which Encryption algorithm does ProtectedData use?

那年仲夏 提交于 2019-12-04 10:01:53
For password encryption I want to use ProtectedData . As far as I found out, this is a wrapper for CryptProtectData . The MSDN only states something vague about encryption based on user credentials and that decryption usually must be done on the same machine, if user has no roaming profile. Which encryption algorithm does it use? Is there any analysis that states whether this encryption is suiting for password storage? How else to implement a local password storage? This MSDN article has more information about CryptProtectData and DPAPI , and should contain the information you need. In

Securely Storing Optional Entropy While Using DPAPI

99封情书 提交于 2019-11-30 20:18:19
So I am trying to store the symmetric key using DPAPI. All is well and great, but what to do with the entropy? This answered question here really doesn't provide enough insight. It seems like a slippery slope - I could use the machine store to store the entropy but then what prevents someone from getting at that as well? Note: I am storing the current key using the User Scope. So my question is - what is the best way to store the entropy using DPAPI? Anything you store locally can be compromised. But there are steps you can take to make it more difficult. There is a document on Handling

Securely Storing Optional Entropy While Using DPAPI

假装没事ソ 提交于 2019-11-30 03:32:33
问题 So I am trying to store the symmetric key using DPAPI. All is well and great, but what to do with the entropy? This answered question here really doesn't provide enough insight. It seems like a slippery slope - I could use the machine store to store the entropy but then what prevents someone from getting at that as well? Note: I am storing the current key using the User Scope. So my question is - what is the best way to store the entropy using DPAPI? 回答1: Anything you store locally can be

DPAPI password encryption in C# and saving into database.Then Decrypting it using a key

倖福魔咒の 提交于 2019-11-29 23:32:26
问题 I have tried Password encryption using UTF8 Algorithm and SHA256, but was adviced not to use them. Instead , I was suggested to use DPAPI .I have browsed few sample codes from google which were not clear. Can you help me with the DPAPI Algorithm. 回答1: You can access DPAPI using the ProtectedData class. There are two modes of encryption: CurrentUser: The protected data is associated with the current user. Only threads running under the current user context can unprotect the data. LocalMachine: