发表新帖
发表新帖

Location of container for public and private keys in Windows?

后端 未结
关注
2 991
再見小時候
再見小時候 2021-02-05 22:06

I am trying to store my public and private keys in a container using following code:

CspParameters cp = new CspParameters();
cp.KeyContainerName = \"Test\";
RSAC
相关标签:
2条回答
  • Happy的楠姐
    2021-02-05 22:10

    I used Process Monitor and Sn.exe (Strong Name Tool) to learn the location of the folder on my Windows 7 machine that contains my key files and thereby confirm the information in Joe's answer.

    First, I ran Process Monitor and specified the following filter:

    Column    Relation    Value    Action
---------------------------------------
Path      contains    crypto   Include

    I then ran Strong Name Tool (sn.exe) to extract the public key from the key pair in my container VS_KEY_773685D47C32F8C7 and export it to public_key.snk:

    sn.exe -pc VS_KEY_773685D47C32F8C7 public_key.snk

    After doing so I noted that Process Monitor indicated that sn.exe made several access requests to the folder:

    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

    ...and the file that contains my public and private keys for my container named VS_KEY_773685D47C32F8C7:

    C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\74c2c10a37baa69f7969c7144db5805d_c55067c2-4a01-4792-9d70-d7a6e4799447

    sn.exe can be conveniently run via the Developer Command Prompt for Visual Studio.

    0 讨论(0)
  • 野的像风
    2021-02-05 22:20

    You'll find the key files in the following directory (*):

    Path.Combine(
    Environment.GetFolderPath(Environment.SpecialFolder.CommonApplicationData), 
    @"Microsoft\Crypto\RSA\MachineKeys")

    You can get the filename for a given key as follows:

    CspParameters cp = ...;
CspKeyContainerInfo info = new CspKeyContainerInfo(cp);
string fileName = info.UniqueKeyContainerName;

    I don't believe this information is documented, so if you use it you'll be relying on undocumented implementation details which may not work in future versions of Windows. Unfortunately, it's sometimes necessary to use it; for example as noted in this question, I don't think there's any other reliable way to view permissions for an RSA Key Container from a non-privileged account.

    (*) that's for machine keys. User-specific keys are presumably under Environment.SpecialFolder.LocalApplicationData

    0 讨论(0)
 看不清?
提交回复
热议问题