HashConfigCs.exe - Compiled Binary of the Microsoft Hashing Code
Microsoft released an article on how to do forms encryption for .NET based applications. The good part about this, other than the obvious, is that you can use these AES encryption keys to facilitate IIS web farms. These keys will encrypt session data with the same key inside a SQL database and store session state data so that user information is carried between servers seamlessly when users move from server to server.To facilitate this you generate keys with a utility and then copy the information generated by the utility into the appropriate machine.config file. This works great but there is one draw back.
Well the crappy part about this article is that the just give you code and not an actual binary to do the generation of the hash keys. Well I thought I'd post the binary so that you don't actually have to compile it yourself if you need to generate the keys.
For the anal retentive you may want to download and compile the code yourself but for the other 99% of us the binary is good enough. If you really feel the need to compile the code yourself download Visual C# Express and you can do it for free yourself.
Execute this program by typing "hashconfigcs.exe 24 64". The parameters tell it to generate the most secure of the available key types. Note that the keys should change every time you run the program.
HashConfigCs.zip - 2.09 KBUntil next time.
| Send this to: |  |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
 |
Comments
said...
I thought I would share the below as I had to update the machinekeys on a heaps of systems, script below works really well. You will need to change this if you have the section of your web.config encrypted.
First created a batch file that you call at a command prompt with a space and the path to your web.config using the below single line
for /f "delims=" %%a in (''HashConfigCs.exe 24 64'') do cscript machine-key.vbs %1 "%%a"
then create a vbs script called machine-key.vbs to create the section as below, this is called from the batch file:
Const ForReading = 1
Const ForWriting = 2
sDomain = WScript.Arguments.Item(0)
sKey = WScript.Arguments.Item(1)
Wscript.echo sKey
''
''Insert the machine key section
''
Set objFSO = CreateObject("Scripting.FileSystemObject")
Set objFile = objFSO.OpenTextFile("" & sDomain & "\web.config", ForReading)
strText = objFile.ReadAll
objFile.Close
strNewText = Replace(strText, "", ""& sKey & vbCrLf&" ")
Set objFile = objFSO.OpenTextFile("" & sDomain & "\web.config", ForWriting)
objFile.WriteLine strNewText
objFile.Close
12/2/2009 10:26:30 PM