In this solution, we will inscribe the private key and store it in the application directory. we will also modify the employee management system to retrieve the private key from the encrypted file.

1. Start Visual Basic .NET, and load the solution CH01_Encryption\ InstallKey\Start\InstallKey.sln.

2. Open MainModule.vb, and insert the following code:
’Insert code below...
Public G_PRIVATEKEY As String = "111222333444555666777888"
Sub Main()
’Encrypt the key and store it in the location
’c:\Documents And Settings\<username>\Application Data\emsKey
Settings.SaveEncrypted("EMSKey", G_PRIVATEKEY)
MsgBox("Done")
End Sub


3. Open SecurityLibrary.vb, and shift to the end of the file. You are about to add the required code to easily use the Windows CryptProtectData and CryptUnprotectData APIs. This is 120 lines of code, so it will be easiest to simply cut and paste it in. In the same directory as InstallKey.sln, you will find a text file named LoadAndSaveSettings.txt. Open this file, and copy and paste the contents at the end of SecurityLibrary.vb.

4. Press F5 to sprint the application. It will install a file termed EMSKey.txt in the Application Data directory, which is usually c:\Documents And Settings\<username>\Application Data\EMSKey.txt.

5. Now that the key is installed, we need to modify the employee management system to use the encrypted key. In Visual Basic .NET, open the solution CH01_Encryption\ EMS\Start\EMS.sln.

6. Open MainModule.vb, find the line that reads
Public G_PRIVATEKEY As String = "1122334455667788"
and alter it to
Public G_PRIVATEKEY As String = Settings.LoadEncrypted("EMSKey")

7. Press F5 to sprint the request. Now the private key is being loaded from an encrypted file.

One final note on private keys: In your own applications, you should create a private key that is more complicated than the 111222333444555666777888 used in this example—private keys should be a random string of characters, numbers, and punctuation.