[Mono-devel-list] Key Pair Persistence

Sébastien Pouliot spouliot at videotron.ca
Tue Feb 10 08:53:39 EST 2004


Hello all,

Key pair persistence is a service that CryptoAPI offers (under Windows) that
is exposed in the .NET framework. The exact location of the key pairs varies
between Windows OS releases and their format is undocumented (it offers both
integrity and confidentiality - maybe too much of the latter ;-). Normally
key pairs can be (optionally) password protected - but this functionality
isn't (yet) exposed in the .NET framework (as this causes UI issues).

Note: Only key pairs created with a CspParameters parameter in the
constructor are persisted. Code that does not use CspParameters or
PersistKeyInCsp won't get its key pair persisted.

For compatibility, similar support for key pair persistence has been added
to Mono (this applies to DSACryptoServiceProvider and
RSACryptoServiceProvider classes). The key pairs are stored as XML files
(without any more protection) under

	Environment.SpecialFolder.ApplicationData + "/.mono/keypairs" (using
Path.Combine ;-).

This resolves into "~/.mono/keypairs/" under Linux. Note that this won't
work (right now), in most cases, under Windows (mono's corlib) because of
issue #50532 (%HOME% used but not defined). Using MS runtime the path would
resolve to "%USERPROFILE%\Application Data\.mono\keypairs".

This is similar to how the SSH keys are stored (except they can't be used
unless the private key access is limited to its owner).

The only thing not currently implemented is the "machine" keys storage
(shared between all users).
Any ideas where such keys should be stored on Linux?

Comments welcomed!

Sebastien
http://pages.infinit.net/ctech/poupou.html
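
The owner-only rule the message attributes to SSH, applied to the "~/.mono/keypairs" store as an audit check. This is an added example, not part of the original post and not Mono's own code; the function names and the sample file names are hypothetical, and the sample store is constructed in a temporary directory.

```python
import os
import stat
import tempfile

# Assumed store location on Linux, taken from the path given in the post.
DEFAULT_STORE = os.path.expanduser("~/.mono/keypairs")

def audit_keypair_store(store=DEFAULT_STORE, uid=None):
    """Return (path, problem) findings for a key pair store directory.

    Applies the SSH-style rule: private key material must be accessible
    to its owner only (no group/other permission bits, no foreign owner).
    """
    uid = os.getuid() if uid is None else uid
    findings = []
    if not os.path.isdir(store):
        return findings  # nothing persisted yet
    targets = [store] + sorted(os.path.join(store, n) for n in os.listdir(store))
    for path in targets:
        st = os.lstat(path)  # lstat: do not follow symlinks placed in the store
        if stat.S_ISLNK(st.st_mode):
            findings.append((path, "symlink in key store"))
            continue
        if st.st_uid != uid:
            findings.append((path, "owned by uid %d, expected %d" % (st.st_uid, uid)))
        extra = stat.S_IMODE(st.st_mode) & (stat.S_IRWXG | stat.S_IRWXO)
        if extra:
            findings.append((path, "group/other bits set: %04o" % extra))
    return findings

def build_sample_store(root):
    """Constructed sample: one owner-only file, one world-readable file."""
    store = os.path.join(root, ".mono", "keypairs")
    os.makedirs(store)
    os.chmod(store, 0o700)
    for name, mode in (("tight.xml", 0o600), ("loose.xml", 0o644)):
        path = os.path.join(store, name)
        with open(path, "w") as fh:
            fh.write("<KeyPair>constructed placeholder, not a real key</KeyPair>")
        os.chmod(path, mode)
    return store

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as root:
        for path, problem in audit_keypair_store(build_sample_store(root)):
            print(os.path.basename(path), "->", problem)
```

Calling audit_keypair_store() with no arguments checks the current user's own store; an empty result means every entry is owner-only.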
