private CryptoKeySecurity createAccessRules() { var defaultRules = true; var result = new CryptoKeySecurity(); foreach(var identity in getIdentityList(_writeAccess)) { result.AddAccessRule(new CryptoKeyAccessRule(new NTAccount(identity), CryptoKeyRights.FullControl, AccessControlType.Allow)); defaultRules = false; } foreach (var identity in getIdentityList(_readAccess)) { result.AddAccessRule(new CryptoKeyAccessRule(new NTAccount(identity), CryptoKeyRights.GenericRead, AccessControlType.Allow)); defaultRules = false; } return defaultRules ? null : result; }