問題描述

在僅存儲公鑰/私鑰對的公鑰時，我在使用機器級 RSA 密鑰容器時遇到了問題.

I'm having a problem using a machine level RSA key container when storing only the public key of a public/private key pair.

以下代碼創建一個公/私對并從該對中提取公鑰.該對和公鑰存儲在單獨的密鑰容器中.然后從這些密鑰容器中獲取密鑰，此時它們應該與進入容器的密鑰相同.

The following code creates a public/private pair and extracts the public key from that pair. The pair and the public key are stored in separate key containers. The keys are then obtained from those key containers at which point they should be the same as the keys going into the containers.

當為 CspParameters.Flags 指定 CspProviderFlags.UseDefaultKeyContainer(即從 PublicKey 容器中讀出的鍵是相同)，但是當為 CspParameters.Flags 指定 CspProviderFlags.UseMachineKeyStore 時，從 PublicKey 讀回的密鑰是不同的.

The code works when CspProviderFlags.UseDefaultKeyContainer is specified for CspParameters.Flags (i.e. the key read back out from the PublicKey container is the same), but when CspProviderFlags.UseMachineKeyStore is specified for CspParameters.Flags the key read back from PublicKey is different.

為什么行為不同，我需要做些什么不同的事情來從機器級 RSA 密鑰容器中檢索公鑰?

Why is the behaviour different, and what do I need to do differently to retrieve the public key from a machine-level RSA key container?

var publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true,

};

var publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    )
{
    PersistKeyInCsp = true
};


//Export the key.
publicRsa.ImportParameters(publicPrivateRsa.ExportParameters(false));


Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));

//Dispose those two CSPs.
using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

publicPrivateRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicPrivateKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );


publicRsa = new RSACryptoServiceProvider(new CspParameters()
{
    KeyContainerName = "PublicKey",
    Flags = CspProviderFlags.UseMachineKeyStore
    //Flags = CspProviderFlags.UseDefaultKeyContainer
}
    );

Console.WriteLine(publicRsa.ToXmlString(false));
Console.WriteLine(publicPrivateRsa.ToXmlString(false));


using (publicRsa)
{
    publicRsa.Clear();
}
using (publicPrivateRsa)
{
    publicRsa.Clear();
}

推薦答案

似乎密鑰容器并非用于此目的(這在 .NET Framework 中的如何:在密鑰容器中存儲非對稱密鑰"中暗示了這一點開發人員指南，并由 a 確認MSDN 上的討論).

It seems that key containers are not intended for this purpose (this is implied by "How to: Store Asymmetric Keys in a Key Container" from the .NET Framework Developer's Guide, and confirmed by a disccusion on MSDN).

需要使用其他機制，例如將密鑰存儲在 XML 文件中來實現此目標.

Other mechanisms, such as storing the key in an XML file, need to be used to achieve this goal.

這篇關于如何將公鑰存儲在機器級 RSA 密鑰容器中的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！