问题
I want to protect my RSA private key with a password (who wouldn't) but the following C# fails:
SecureString pw = new SecureString();
pw.AppendChar('x');
CspParameters prms = new CspParameters();
prms.KeyPassword = pw;
RSACryptoServiceProvider crypto = new RSACryptoServiceProvider(prms);
byte[] encrypted = crypto.Encrypt(Encoding.ASCII.GetBytes("encryptme"), true);
...with the CryptographicException: "Invalid type specified". If I take the KeyPassword assignment out it works fine.
What am I, or Microsoft, doing wrong?
回答1:
Setting CspParameters.KeyPassword is equivalent to calling CryptSetProvParam with PP_KEYEXCHANGE_PIN (or PP_SIGNATURE_PIN). This flag is not supported by the default Microsoft crypto-service-provider (it is intended for use with smartcard-based CSPs).
You might want to try setting
prms.Flags = CspProviderFlags.UseUserProtectedKey;
or alternatively generating a non-persistent key-pair, exporting it and encrypting it with a key derived from a password yourself.
来源:https://stackoverflow.com/questions/1915797/simple-use-of-rsacryptoserviceprovider-keypassword-fails