Problem replacing KeyNumber.Signature type keys in the key store


I'm slightly perplexed at some behaviour of the
RSACryptoServiceProvider and how it stores keys in the key store. The
short version is that if I store a KeyNumber.Exchange type key in the
key store I can replace it. If I try the same with a
KeyNumber.Signature type key I can't. To demonstrate the problem
here's some code I wrote as the body of a Visual Studio unit test:

// Body of a Visual Studio unit test; needs System.Security.Cryptography
// and Microsoft.VisualStudio.TestTools.UnitTesting.
string testKeyStore = "MyTestKeyStore";
KeyNumber keyNum = KeyNumber.Signature;

// Temporary key that will be used as the replacement.
CspParameters tmp_cp = new CspParameters();
tmp_cp.KeyNumber = (int)keyNum;
tmp_cp.Flags &= ~CspProviderFlags.UseMachineKeyStore;

RSACryptoServiceProvider tmp_rsa = new RSACryptoServiceProvider(tmp_cp);
string tmp_key = tmp_rsa.ToXmlString(true);

// Open (or create) the named container in the machine key store.
CspParameters cp = new CspParameters();
cp.KeyContainerName = testKeyStore;
cp.KeyNumber = (int)keyNum;
cp.Flags |= CspProviderFlags.UseMachineKeyStore;

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);
string key = rsa.ToXmlString(true);

Assert.AreNotEqual(tmp_key, key);

// Replace the stored key with the temporary key.
rsa = new RSACryptoServiceProvider(cp);
rsa.FromXmlString(tmp_key);

// Reopen the container and read back whatever is stored there now.
rsa = new RSACryptoServiceProvider(cp);
string key2 = rsa.ToXmlString(true);

string reason = null;
if (key == key2)
    reason = "The original key is still there";
else if (tmp_key != key2)
    reason = "There is a third key there, so the replacement key was never saved";

Assert.IsNull(reason, reason);

You will notice that I generate a temporary key, open up the keystore
then pop the key in with a call to FromXmlString(). This appears to
work fine at first. Now I open up the store again and find that the
key I placed in there was never stored. The original pre-replacement
key is still there.

If you change the second line of code to

KeyNumber keyNum = KeyNumber.Exchange;

Then the test works just fine and all the methods behave exactly as
stated in the MSDN. Is there any reason why it doesn't work with
KeyNumber.Signature keys? Is this by design (and if so why?) or is it
a bug? In case anyone is wondering, I'm using Windows XP SP3 with
VS2008 and the .NET 3.5 framework.

I've spent hours trawling the web for answers and come up empty so any
help would be greatly appreciated.

Kind Regards

Anthony Smith
