Machine key store locks up
From: Dag Øystein Johansen (djn@concept.fr)
Date: 01/16/03
From: Dag Øystein Johansen <djn@concept.fr> Date: Thu, 16 Jan 2003 02:50:55 -0800
I use RSA digital signatures in a web application context.
The web app in fact only needs to verify that some data (a
license in fact) have not been tampered with, and for this
purpose uses a hard-coded public key imported into an
instance of RSACryptoServiceProvider, the managed wrapper
object for the CryptoAPI implementation.
Since I only perform verification (using the public key) I
have no use for key containers. But the CryptoAPI objects
*require* one to instantiate the object.
My code to obtain an instance is like this (no key
imported here):
    RSACryptoServiceProvider createCSP()
    {
        CspParameters cspParams = new CspParameters();
        cspParams.KeyContainerName = "MyContainer";
        cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
        RSACryptoServiceProvider result = new RSACryptoServiceProvider(cspParams);
        result.PersistKeyInCsp = false;
        return result;
    }
This works fine most of the time. But for an unknown
reason I sometimes just get a CryptographicException
saying something like "cryptoAPI services could not be
obtained for this implementation".
A little investigation leads me to believe the problem is
with the file in
"\Documents and Settings\All Users\Application Data\Microsoft\Crypto\RSA\MachineKeys"
which seems to be locked. I can't rename or delete it.
Restarting IIS doesn't help, so I figure it's not IIS that
is locking the file.
Rebooting the server, deleting the key file and then
running again seems to work around the problem. But it is
of course not acceptable having to reboot a web server now
and then because of this problem! Neither is it to leave
the license data unprotected.
Anyone?
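
The verify-only flow described in the message, as an added example that is not part of the original post: only the public parameters are imported and the code never names a key container. It assumes a current .NET runtime (RSA.Create and the VerifyData overload used here are newer than the API in the post); the class name, the license string and the throwaway signing key are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class LicenseCheck
{
    // Verification needs only the public half of the key pair.
    // No CspParameters and no KeyContainerName are involved here.
    public static bool Verify(RSAParameters publicKey, byte[] license, byte[] signature)
    {
        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(publicKey);
            return rsa.VerifyData(license, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        }
    }

    static void Main()
    {
        // Constructed sample data: a throwaway key pair stands in for the
        // vendor's signing key, which would never be present on the web server.
        byte[] license = Encoding.UTF8.GetBytes("customer=EXAMPLE;seats=5");
        RSAParameters publicKey;
        byte[] signature;
        using (RSA signer = RSA.Create(2048))
        {
            signature = signer.SignData(license,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            // false = export the public parameters only (modulus and exponent).
            publicKey = signer.ExportParameters(false);
        }

        Console.WriteLine("untouched license verifies: "
            + Verify(publicKey, license, signature));

        // Flip one bit to simulate tampering with the license data.
        license[license.Length - 1] ^= 1;
        Console.WriteLine("tampered license verifies:  "
            + Verify(publicKey, license, signature));
    }
}
```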