. Net (C #): Use cspparameters to provide local key storage for RSA (or DSA)

Both the rsacryptoserviceprovider and dsacryptoserviceprovider constructors can specify a cspparameters struct. Using this cspparameters struct, We can customize the CSP local storage name (that is, the key container: keycontainer) of the asymmetric encryption algorithm. This container is saved in the Windows user configuration file by default.

If you want to store the key within the computer range (rather than the user range), you can use the usemachinekeystore static attribute of rsacryptoserviceprovider (or dsacryptoserviceprovider). If it is true, the key is stored in the computer.

Cspparameters is RSA by default, that is, the providertype of cspparameters is 1 by default, and that of DSA is 13. Please take a look at msdn (http://msdn.microsoft.com/zh-cn/library/1dh4wac4.aspx)

 

Finally, if you use cspparameters to initialize rsacryptoserviceprovider (or dsacryptoserviceprovider), persistkeyincsp becomes true. If you manually set persistkeyincsp to false, but rsacryptoserviceprovider (or dsacryptoserviceprovider) after being destroyed (the dispose or clear method is called), the secret container in which it is located will be deleted.

Let's look at the Code:

// + Using system. Security. Cryptography

// Create cspparameters

VaR csppas = new cspparameters ();

// Custom key container

Csppas. keycontainername = "mgen_key ";

// Used to store CSP key information

Byte [] cspblog;

 

// Create an RSA key and store it in the key container

Using (var rsa = new rsacryptoserviceprovider (csppas ))

{

Cspblog = RSA. exportcspblob (true );

}

// Create another RSA instance to read the key information in cspparameters

Using (var rsa = new rsacryptoserviceprovider (csppas ))

{

// Compare CSP information: Output True

Console. writeline ("Key equality: {0}", cspblog. sequenceequal (RSA. exportcspblob (true )));

}

// Delete the key container stored in the system

Using (var rsa = new rsacryptoserviceprovider (csppas ))

{

// You can also call the clear () method here. Of course, the RSA dispose method works the same way.

RSA. persistkeyincsp = false;

}

// Create an RSA instance from now on and determine that the key is equal

Using (var rsa = new rsacryptoserviceprovider (csppas ))

{

// The previous key is deleted, so it does not wait (in this case, another new key is actually written to the mgen_key key container!

Console. writeline ("Key equality: {0}", cspblog. sequenceequal (RSA. exportcspblob (true )));

}

 

The program outputs a ture and a false value. Because the second RSA instance actually reads the key created by the first RSA instance, the CSP information of the two RSA instances is the same and the output is true. The third RSA instance deletes the key. Therefore, the key of the fourth RSA instance is different from the previous one, so false. In fact, after the execution of the fourth RSA instance ends, another new RSA key is saved in the key container "mgen_key. So maybe you should run this code again to delete the key store:

// Create cspparameters

VaR csppas = new cspparameters ();

// Custom key container

Csppas. keycontainername = "mgen_key ";

 

// Delete the key container stored in the system

Using (var rsa = new rsacryptoserviceprovider (csppas ))

{

// You can also call the clear () method here. Of course, the RSA dispose method works the same way.

RSA. persistkeyincsp = false;

}