CryptoAPI can take out the key if it knows the container name, but how should I select and store the container name?

Asked 2 years ago, Updated 2 years ago, 106 views

You are trying to contain the key using the System.Security.Cryptography.RSACryptServiceProvider class.I have to specify a container name, but what do you specify for this container name and how do you manage it?

If you know the name of the container and you can get the stored key, it seems to me that the name of the container is an important value equivalent to the key or password.

// Creating CspParameters Objects
CspParameters cp = new CspParameters();

// Specify key container name
// Can you get the key if you know this?
cp.KeyContainerName = "Key Container Name";

// Create RSACryptServiceProvider object
RSACryptServiceProvider rsa = new RSACryptServiceProvider(cp);

// Get the key
return rsa.ToXmlString(true);

c# .net security

2022-09-30 11:33

1 Answers

I think that access control lists (CryptoKeySecurity), not container names, should prevent untrusted users from accessing.
Conversely, if you want to prevent users with legitimate application execution privileges from viewing the private key in an unauthorized way, you should manage the key not on your local machine, but in a web application or other place where you cannot directly access it.


2022-09-30 11:33

If you have any answers or tips


© 2024 OneMinuteCode. All rights reserved.