Re: Need the equivalent of CryptGenKey for PUBLIC/PRIVATE pairs

From: Roy Chastain (roy_at_kmsys.com)
Date: 03/24/05

  • Next message: Alessandro Zucchi: "Protect file with different extension from .aspx"
    Date: Thu, 24 Mar 2005 08:19:11 -0500
    
    

    Luke,
    Thanks for the pointer to the article. I had not found that one. It has cleared up some issues, but it has left others even more
    confused.

    1) - Am I to understand that EVERY 'new RSACryptoServiceProvider()' call creates a NEW key? Is this true even if a key container
    is specified and there is already a key in it?

    2) - You indicate that ExportParameters actually exports a key along with the parameters used to create the key. Is that really
    true? I don't see any reference to the key in the RSAParameters documentation.

    3) - Speaking of documentation, the CspProviderFlags enum has a UseExistingKey flag that is not even mentioned in the
    documentation. Is it really valid and operational? If so, I would assume that its use would really prevent the creation of a new
    key when new RSACryptoServiceProvider() is called.

    4) - The routines in the article GenKey_SaveInContainer and GetKeyFromContainer are identical with the exception of the text of
    the WriteLine. This would make me believe that a key is being generated each time.

    5) - The flag PersistKeyInCsp?
    5a) - Does that really mean "keep the key in the key store (machine or user as specified)"?
    5b) - If I create a key (call new RSACryptoServiceProvider()) and set PersistKeyInCsp, is the key stored right then?
    5c) - If I open an existing key (assuming that can be done with UseExistingKey in the CspParameters in the call to new
    RSACryptoServiceProvider(csp_parameters)), and then clear PersistKeyInCsp, is the key removed from the store right then or does it
    get removed when the RSACryptoServiceProvider object is destroyed?

    6) - Exporting a key. What the heck happened to the concept of opaque key blobs? Exporting to XML hardly makes it opaque
    anymore?

    Thanks

    On Thu, 24 Mar 2005 02:27:41 GMT, lukezhan@online.microsoft.com ([MSFT]) wrote:

    >Hello Roy,
    >
    >A public/private key pair is generated whenever a new instance of an
    >asymmetric algorithm class is created. Once a new instance of the class is
    >created, the key information can be extracted using one of two methods:
    >
    >1. The ToXMLString method, which returns an XML representation of the key
    >information.
    >2. The ExportParameters method, which returns an RSAParameters enumeration
    >to hold the key information.
    >
    >For more information on this, you may refer to this article:
    >
    >Generating Keys for Encryption and Decryption
    >http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpcongeneratingkeysforencryptiondecryption.asp
    >
    >Hope this helps,
    >
    >Luke

    -------------------------------------------
    Roy Chastain
    KMSystems, Inc.
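
An added example, not part of the original thread or of the MSDN article it cites: a small C# program for observing the key-container behaviour asked about in questions 1, 3 and 5. It assumes Windows and the current user's key store; the container name and the class and helper names are constructed for this demonstration.

```csharp
using System;
using System.Security.Cryptography;

class KeyContainerDemo
{
    // Constructed container name, used only by this demonstration.
    const string Container = "AddedExample_DemoContainer";

    static CspParameters Params(CspProviderFlags flags)
    {
        return new CspParameters { KeyContainerName = Container, Flags = flags };
    }

    // True if the named container already holds a key pair.
    static bool Exists()
    {
        try
        {
            // UseExistingKey: open the container, never create a key in it.
            using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.UseExistingKey)))
            {
                rsa.ToXmlString(false);
                return true;
            }
        }
        catch (CryptographicException) { return false; } // keyset does not exist
    }

    static void Main()
    {
        Console.WriteLine("exists before create: " + Exists());

        string first, second;
        // Named container without UseExistingKey: a key pair is created if absent.
        using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.NoFlags)))
            first = rsa.ToXmlString(false);   // false = public part only
        // Same container name again: the stored key pair is loaded.
        using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.NoFlags)))
            second = rsa.ToXmlString(false);
        Console.WriteLine("same key on reopen:   " + (first == second));
        Console.WriteLine("exists after create:  " + Exists());

        // Clearing PersistKeyInCsp deletes the container when the object is released.
        using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.UseExistingKey)))
            rsa.PersistKeyInCsp = false;
        Console.WriteLine("exists after cleanup: " + Exists());
    }
}
```

Passing `true` to `ToXmlString` would include the private parameters in the output, which is why the comparison above exports only the public part.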

