Cryptography oddness

From: Andy (ajohnstone_at_capcitypress.com)
Date: 08/29/05

Next message: Scott Zabolotzky: "Re: signcode vs signtool"
Previous message: Cantelmo Software: "Re: [ANN][X-POST] Goliath.NET Obfuscator..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: 29 Aug 2005 10:39:22 -0700

Hi all,

I'm using tripleDes encryption as provided by the .Net framework.

I have a key and a encrypted password which was stored in a config
file. Everything was working fine, and then today we changed the
password, so I generated a new cyphertext using the same key and
algorthm I had used before. The data encrypts and decrypts just fine
on my machine, but putting the new cyphertext into the config file on
the target machine results in a Bad data CryptographyException.

Any ideas?

Thanks
Andy

Next message: Scott Zabolotzky: "Re: signcode vs signtool"
Previous message: Cantelmo Software: "Re: [ANN][X-POST] Goliath.NET Obfuscator..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[Full-Disclosure] RE: FW: defeating Lotus Sametime "encryption"
... Subject: defeating Lotus Sametime "encryption" ... For example, Lotus Sametime provides encryption, logging, ... 00 -- length of opaque for auth data ... 00 -- length of opaque data for encrypted password ...
(Full-Disclosure)
Re: Help Encrypting Connection String
... I have simply 'overridden' the LocalSqlServer connection string to point to my SQL Server DB. ... to encrypt the section and places it into web.config - the config file then refers to the reg key. ... I don't like to hardcode anything, in general, but I'd rather do that with an encryption key than the underlying data itself. ...
(microsoft.public.dotnet.framework.aspnet.security)
RE: Secure Remoting Across Domains/Workgroups
... I stored the username and password of my application ... onrecoverable because the encryption keys were machine-level. ... So what I ended up doing is creating a whole new section in the config file ... // Handle Exception ...
(microsoft.public.dotnet.languages.csharp)
Re: Help Encrypting Connection String
... there is a command line tool called aspnet_regiis that can do the encryption. ... It also looks like DPAPI uses a machine specific key, ... I have simply 'overridden' the LocalSqlServer connection string to point to my SQL Server DB. ... There are a lot of wrappers out there, e.g. http://www.leastprivilege.com/DPAPITools.aspx the tool you are referring to is called aspnet_setreg - it uses DPAPI to encrypt the section and places it into web.config - the config file then refers to the reg key. ...
(microsoft.public.dotnet.framework.aspnet.security)
System.Configuration.ConfigurationErrorsException saving config file after encrypting with RsaProtec
... Forms application tries to encrypt and save the application config ... He's also able to do RSA encryption and decryption using the ... param, Boolean randomKeyContainer, SafeProvHandle& hProv) ... clearTextXml, ProtectedConfigurationProvider protectionProvider, ...
(microsoft.public.dotnet.security)