[Mono-list] Configuring the location of the data protection user key store

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Dec 22 14:21:22 EST 2009 

On Tue, 2009-12-22 at 11:11 -0800, dnapierski wrote:
> How can I configure the location of the user key store when used by the data
> protection mechanism in mono 2.4 (running apache with mod_mono)?  I believe
> that the KeyPairPersistence class is making use of Environment.GetFolderPath
> (Environment.SpecialFolder.ApplicationData) so I tried setting the following
> in my httpd.conf, but it had no impact.
> 
>     SetEnv XDG_CONFIG_DIR /tmp/mono/.config

Try XDG_CONFIG_HOME
as specified in
http://standards.freedesktop.org/basedir-spec/latest/ar01s03.html

Sebastien

> 
> Instead, mono is still trying to create the user key store in
> '/sbin/.config/.mono/keypairs'
> Thanks
> Dan Napierski
> 
> NOTE: I deleted an earlier version of this message b/c the thread got taken
> over by another discussion.
> 
> Data protection failed.
>   at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
> userData, System.Byte[] optionalEntropy, DataProtectionScope scope)
> [0x00053] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/System.Security/System.Security.Cryptography/ProtectedData.cs:65
> Could not create user key store '/sbin/.config/.mono/keypairs'.
> 
>   at Mono.Security.Cryptography.KeyPairPersistence.get_UserPath () [0x00090]
> in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/Mono.Security.Cryptography/KeyPairPersistence.cs:224
>   at Mono.Security.Cryptography.KeyPairPersistence.get_Filename () [0x0007b]
> in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/Mono.Security.Cryptography/KeyPairPersistence.cs:141
>   at Mono.Security.Cryptography.KeyPairPersistence.Load () [0x00000] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/Mono.Security.Cryptography/KeyPairPersistence.cs:167
>   at System.Security.Cryptography.RSACryptoServiceProvider.Common (Int32
> dwKeySize, System.Security.Cryptography.CspParameters p) [0x000a3] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.Security.Cryptography/RSACryptoServiceProvider.cs:110
>   at System.Security.Cryptography.RSACryptoServiceProvider..ctor (Int32
> dwKeySize, System.Security.Cryptography.CspParameters parameters) [0x0000d]
> in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.Security.Cryptography/RSACryptoServiceProvider.cs:84
>   at Mono.Security.Cryptography.ManagedProtection.GetKey
> (DataProtectionScope scope) [0x0002f] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/System.Security/Mono.Security.Cryptography/ManagedProtection.cs:254
>   at Mono.Security.Cryptography.ManagedProtection.Protect (System.Byte[]
> userData, System.Byte[] optionalEntropy, DataProtectionScope scope)
> [0x00156] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/System.Security/Mono.Security.Cryptography/ManagedProtection.cs:106
>   at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
> userData, System.Byte[] optionalEntropy, DataProtectionScope scope)
> [0x00033] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/System.Security/System.Security.Cryptography/ProtectedData.cs:61
> : Access to the path "/sbin/.config" is denied.
>   at System.IO.Directory.CreateDirectoriesInternal (System.String path)
> [0x0006e] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:130
>   at System.IO.Directory.CreateDirectory (System.String path) [0x0009a] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:92
>   at System.IO.DirectoryInfo.Create () [0x00000] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/DirectoryInfo.cs:141
>   at (wrapper remoting-invoke-with-check) System.IO.DirectoryInfo:Create ()
>   at System.IO.Directory.CreateDirectoriesInternal (System.String path)
> [0x00039] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:111
>   at System.IO.Directory.CreateDirectory (System.String path) [0x0009a] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:92
>   at System.IO.DirectoryInfo.Create () [0x00000] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/DirectoryInfo.cs:141
>   at (wrapper remoting-invoke-with-check) System.IO.DirectoryInfo:Create ()
>   at System.IO.Directory.CreateDirectoriesInternal (System.String path)
> [0x00039] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:111
>   at System.IO.Directory.CreateDirectory (System.String path) [0x0009a] in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/System.IO/Directory.cs:92
>   at Mono.Security.Cryptography.KeyPairPersistence.get_UserPath () [0x00063]
> in
> /tmp/rmake/builds/mono/mono-2.4.2.3/mcs/class/corlib/Mono.Security.Cryptography/KeyPairPersistence.cs:218
> 
>

More information about the Mono-list mailing list