EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Using x509 certificates for encrypting text

Posted: 10/30/2014 03:11:36
by Michael Isaacs (Priority Standard support level)
Joined: 09/05/2014
Posts: 2

I am looking to encrypt a setting in a .NET application's configuration settings file. I would like to secure the setting by using windows certificate stores. I would like to import a certificate into a particular user's certificate store, and use that particular certificate to decrypt the symmetric key in the config file. This way, only that particular user will be able to use the application or decrypt the symmetric key.

I have figured out how to get a user's certificate from the store, using the CertDemo and the TElWinCertStorage class Find ByHashSHA1 method, but now I can't figure out how to use that certificate to encrypt a byte array representing a symmetric key.

I see there is a sample called messages demo that would allow me to create a TElMemoryCertStorage object, associate it with a TElMessageEncryptor. I tested with this to see what it would do with a small file containing text with 8 characters and encrypting to AES-256. This output a 545 byte binary file, which seems to include some certificate information along with the encrypted data. I'm wondering if there is a way to just get the encrypted bytes, which I can then BASE64 encode to put into my application config file, and then later use the private key of the certificate in my store to decrypt that same data from the config file for use with symmetric encryption.

Is there a better way, or perhaps another class I should consider that uses certificate stores?
Posted: 10/30/2014 03:16:32
by Vsevolod Ievgiienko (Team)

Thank you for contacting us.

Please check the samples from \EldoS\SecureBlackbox.NET\Samples\C#\PKIBlackbox\Desktop\Primitives\Encrypt and Decrypt folders. They show how to use low level encryption using keys stored in certificates.
Posted: 11/11/2014 13:03:47
by Michael Isaacs (Priority Standard support level)
Joined: 09/05/2014
Posts: 2

This was exactly what I needed.




Topic viewed 698 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!