简单使用 RSACryptoServiceProvider KeyPassword 失败
我想用密码保护我的 RSA 私钥(谁不会),但以下 C# 失败:
SecureString pw = new SecureString();
pw.AppendChar('x');
CspParameters prms = new CspParameters();
prms.KeyPassword = pw;
RSACryptoServiceProvider crypto = new RSACryptoServiceProvider(prms);
byte[] encrypted = crypto.Encrypt(Encoding.ASCII.GetBytes("encryptme"), true);
...出现 CryptographicException:“指定的类型无效”。如果我去掉 KeyPassword 分配,它就可以正常工作。
我或微软做错了什么?
I want to protect my RSA private key with a password (who wouldn't) but the following C# fails:
SecureString pw = new SecureString();
pw.AppendChar('x');
CspParameters prms = new CspParameters();
prms.KeyPassword = pw;
RSACryptoServiceProvider crypto = new RSACryptoServiceProvider(prms);
byte[] encrypted = crypto.Encrypt(Encoding.ASCII.GetBytes("encryptme"), true);
...with the CryptographicException: "Invalid type specified". If I take the KeyPassword assignment out it works fine.
What am I, or Microsoft, doing wrong?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
设置
CspParameters.KeyPassword相当于使用PP_KEYEXCHANGE_PIN(或PP_SIGNATURE_PIN)调用CryptSetProvParam。默认的 Microsoft 加密服务提供商不支持此标志(它旨在与基于智能卡的 CSP 一起使用)。您可能想尝试设置
或生成非持久密钥对,将其导出并使用自己从密码派生的密钥对其进行加密。
Setting
CspParameters.KeyPasswordis equivalent to callingCryptSetProvParamwithPP_KEYEXCHANGE_PIN(orPP_SIGNATURE_PIN). This flag is not supported by the default Microsoft crypto-service-provider (it is intended for use with smartcard-based CSPs).You might want to try setting
or alternatively generating a non-persistent key-pair, exporting it and encrypting it with a key derived from a password yourself.