如何将公钥存储在机器级 RSA 密钥容器中

发布于 2024-08-21 22:50:30 字数 1941 浏览 7 评论 0 原文

当仅存储公钥/私钥对的公钥时，我在使用机器级 RSA 密钥容器时遇到问题。

以下代码创建一个公钥/私钥对并从该对中提取公钥。该对和公钥存储在单独的密钥容器中。然后从这些密钥容器中获取密钥，此时它们应该与进入容器的密钥相同。

当为 CspParameters.Flags 指定 CspProviderFlags.UseDefaultKeyContainer 时，该代码有效（即从 PublicKey 容器读回的密钥是相同的），但是，当为 CspParameters.Flags 指定 CspProviderFlags.UseMachineKeyStore 时，从 PublicKey 读回的密钥会有所不同。

为什么行为不同？我需要采取哪些不同措施才能从计算机级 RSA 密钥容器中检索公钥？

var publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true,

};

var publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true
};


//Export the key.
publicRsa.ImportParameters(publicPrivateRsa.ExportParameters(false));


Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));

//Dispose those two CSPs.
using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );


publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );

Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));


using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

原文

I'm having a problem using a machine level RSA key container when storing only the public key of a public/private key pair.

The following code creates a public/private pair and extracts the public key from that pair. The pair and the public key are stored in separate key containers. The keys are then obtained from those key containers at which point they should be the same as the keys going into the containers.

The code works when CspProviderFlags.UseDefaultKeyContainer is specified for CspParameters.Flags (i.e. the key read back out from the PublicKey container is the same), but when CspProviderFlags.UseMachineKeyStore is specified for CspParameters.Flags the key read back from PublicKey is different.

Why is the behaviour different, and what do I need to do differently to retrieve the public key from a machine-level RSA key container?

var publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true,

};

var publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true
};


//Export the key.
publicRsa.ImportParameters(publicPrivateRsa.ExportParameters(false));


Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));

//Dispose those two CSPs.
using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );


publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );

Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));


using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

分享到QQ

分享到微博

如果你对这篇内容有疑问，欢迎到本站社区发帖提问参与讨论，获取更多帮助，或者扫码二维码加入 Web 技术交流群。

发布评论

需要登录才能够评论，你可以免费注册一个本站的账号。

探春 2024-08-28 22:50:30

似乎关键容器并非用于此目的（这暗示了“如何：将不对称键存储在密钥容器中”，从.NET Framework Developer's指南中，并由MSDN 上的讨论）。

需要使用其他机制（例如将密钥存储在 XML 文件中）来实现此目标。

回复收藏 0 原文

迷鸟归林 2024-08-28 22:50:30

此链接可能对您有帮助。 http://msdn.microsoft.com/en- IN/library/tswxhw92(v=vs.80).aspx

var cp = new CspParameters();
cp.KeyContainerName = ContainerName;

// Create a new instance of RSACryptoServiceProvider that accesses
// the key container.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);

// Delete the key entry in the container.
rsa.PersistKeyInCsp = false;

// Call Clear to release resources and delete the key from the container.
rsa.Clear();

这就是关于密钥删除的内容。

This link may help you. http://msdn.microsoft.com/en-IN/library/tswxhw92(v=vs.80).aspx

var cp = new CspParameters();
cp.KeyContainerName = ContainerName;

// Create a new instance of RSACryptoServiceProvider that accesses
// the key container.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);

// Delete the key entry in the container.
rsa.PersistKeyInCsp = false;

// Call Clear to release resources and delete the key from the container.
rsa.Clear();

This is what it says about key deletion.

回复收藏 0 原文

~没有更多了~