I am working with an older application which uses the Enterprise Library Cryptography Application Block for data encryption.
Currently with every new server which is setup we have to manually run EntLibConfig.exe (a ui app), import a key exported from another machine, and restore the key for the new server.
This manual process needs to go away. Is there a way I can recreate this key using the command line? Perhaps by writing an application to generate the key? I haven't had luck figuring this out using the RijndaelManaged references in the .NET docs.
Using a Symmetric Provider, RijndaelManaged.
Actually any solution to restore a RijndaelManaged key based off of a current key would probably be useful. No UIs or manual processes/clicks!
After reading through the Enterprise Library source for a while I worked out a way to do this. This is just POC code, no checks, etc.
Assumptions:
c:\key\engagementproviderexport.txt is the key exported from a working serverc:\key\engagementprovider.key is the newly created RijndaelManaged key for the new machineexportKeyPw is the password used to protect the exported keyMicrosoft.Practices.EnterpriseLibrary.Security.Cryptography.dll reference addedSystem.Security.dll reference addedProtectedKey is Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.ProtectedKey classKeyManager is Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.KeyManager static class which does all the work here!POC:
using Microsoft.Practices.EnterpriseLibrary.Security.Cryptography;
using System.Security;
using System.IO;
string exportKeyFile = @"C:\key\EngagementProviderExport.txt";
string exportKeyPw = "p@ssword";
string saveKeyFile = @"C:\key\EngagementProvider.key";
ProtectedKey NewServerKey;
using (FileStream fs = File.OpenRead(exportKeyFile))
{
NewServerKey = KeyManager.RestoreKey(fs, exportKeyPw, System.Security.Cryptography.DataProtectionScope.LocalMachine);
}
using (FileStream ofs = File.OpenWrite(saveKeyFile))
{
KeyManager.Write(ofs, NewServerKey);
}