Path of protectedKeyFilename in app.config

Topics: Cryptography Application Block, General discussion
Jul 19, 2007 at 9:04 PM
Is it necessary in .NET 3.0/ELB 3.1 to specify the full path for the protectedKeyFilename attribute of the <symmetricCryptoProviders> element of the app.config file? Or can I specify: protectedKeyFilename="mykeyfile.key" (ie, filename only, without a path)

We found that back in .NET 1.1/ELB 1.1, the answer was "sometimes". Most of the time, you wouldn't have a problem if you specify only the file name, without the path. But under some conditions (like after doing an OpenFileDialog, we suspect), the next call to an encryption method would fail with a file-not-found exception on the .key file. We found that specifying the full path of the .key file prevented the exception (actually, we specify only the file name at design time, then at runtime we update app.config to prepend the path to the filename, so we're independent of the installation location).

Does anyone know why it behaved this way in 1.1, and does it still have this exposure in 3.0/3.1 ? Or if the path is still needed, can it be specified as being relative to the app's executable? Or ....?