home · about us · blog · groups · contact us

ASP.NET machineKey Generator

This is an application that will generate a valid machineKey block with random, secure, hard-coded keys that you can paste inside the <system.web> in your web.config or machine.config file.

Hard-coded encryption and validation keys are needed if you have a web farm/web garden, if you use passwordFormat=Encrypted with ASP.NET 2.0's Membership provider, or if you have certain ViewState issues. I discuss those reasons more in-depth in my blog posts about "Invalid Viewstate" errors and the ASP.NET Membership Encrypted passwordFormat, or you can also read my machineKey CodeProject article for more background information.

Click the button to generate a machineKey block with a random set of keys.

ASP.NET 1.1 machineKey:

ASP.NET 2.0 machineKey:

 

If you want, you can also use the code (below) so you can generate the keys yourself, or download a sample project.

using System;
using System.Text;
using System.Security;
using System.Security.Cryptography;

private void Button1_Click(object sender, System.EventArgs e)
{
	txtASPNET20.Text = getASPNET20machinekey();
	txtASPNET11.Text = getASPNET11machinekey();
}

public string getASPNET20machinekey()
{
	StringBuilder aspnet20machinekey = new StringBuilder();
	string key64byte = getRandomKey(64);
	string key32byte = getRandomKey(32);
	aspnet20machinekey.Append("<machineKey \n");
	aspnet20machinekey.Append("validationKey=\"" + key64byte + "\"\n");
	aspnet20machinekey.Append("decryptionKey=\"" + key32byte + "\"\n");
	aspnet20machinekey.Append("validation=\"SHA1\" decryption=\"AES\"\n");
	aspnet20machinekey.Append("/>\n");
	return aspnet20machinekey.ToString();
}

public string getASPNET11machinekey()
{
	StringBuilder aspnet11machinekey = new StringBuilder();
	string key64byte = getRandomKey(64);
	string key24byte = getRandomKey(24);

	aspnet11machinekey.Append("<machineKey ");
	aspnet11machinekey.Append("validationKey=\"" + key64byte + "\"\n");
	aspnet11machinekey.Append("decryptionKey=\"" + key24byte + "\"\n");
	aspnet11machinekey.Append("validation=\"SHA1\"\n");
	aspnet11machinekey.Append("/>\n");
	return aspnet11machinekey.ToString();
}

public string getRandomKey(int bytelength)
{
	int len = bytelength * 2;
	byte[] buff = new byte[len / 2];
	RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
	rng.GetBytes(buff);
	StringBuilder sb = new StringBuilder(len);
	for (int i = 0; i < buff.Length; i++)
		sb.Append(string.Format("{0:X2}", buff[i]));
	return sb.ToString();
}

 
Discussion Groups
To read more about ASP.NET and programming in general, check out our USENET

web and technology discussion archives

, making the questions and answers of the web available right here on developmentnow.

If you're a Flash developer or ActionScript buff, you might like our new Macromedia archives like Flash, ActionScript, Flash data integration, Flash remoting, site design with Flash, and others.

We also added some IIS groups on general iis, ftp, iis security, email smtp, and nntp (newsgroups).

Lastly, feel free to peruse the new SQL Server groups, including groups for general sql server issues, DTS, sql server programming, database replication, or sql server reporting services.

home · blog · groups · about · products · contact us