开发者

How to check if RSA key container exists in .NET

We have

    Dim cp As New CspParameters()
    cp.KeyContainerName = ContainerName
    cp.Flags = CspProviderFlags.UseMachineKeyStore
开发者_如何学运维

How do I make sure that new key is not created if the key with ContainerName does not exist?


Try this:

    public static bool DoesKeyExists(string containerName)
    {
        var cspParams = new CspParameters
        {
            Flags = CspProviderFlags.UseExistingKey,
            KeyContainerName = containerName
        };

        try
        {
            var provider = new RSACryptoServiceProvider(cspParams);
        }
        catch (Exception e)
        {
            return false;
        }
        return true;
    }


Here's a powershell script we use to test for a given container name:

# Test if an rsa key container exists on this system.
function Test-RsaKeyContainerName(
    [Parameter(Mandatory=$true)][string] $ContainerName,
    [Parameter(Mandatory=$false)][switch] $UserContainer = $false
) {
    $csp = New-Object -TypeName "System.Security.Cryptography.CspParameters";
    $csp.KeyContainerName = $ContainerName;
    if (!($UserContainer)) {
        $csp.Flags = [System.Security.Cryptography.CspProviderFlags]::UseMachineKeyStore;
    }
    $csp.Flags = $csp.Flags -bor [System.Security.Cryptography.CspProviderFlags]::UseExistingKey;
    try {
        $rsa = New-Object -TypeName "System.Security.Cryptography.RSACryptoServiceProvider" -ArgumentList ($csp);
    } catch [System.Management.Automation.MethodInvocationException] {
        if ($error[0].Exception.InnerException -ne $null -and
            $error[0].Exception.InnerException.GetType() -eq [System.Security.Cryptography.CryptographicException] -and
            $error[0].Exception.InnerException.Message.StartsWith("Keyset does not exist")) {           
            return $false;
        } else {
            throw;
        }       
    }
    return $true;
}

If you actually need to enumerate the keys installed on the system, you can borrow the code from KeyPal at http://www.jensign.com/dotnet/keypal/source/KeyPal.txt


You can use

.PersistKeyInCsp = false

on your crypto provider which will ensure that the key doesn't get left over in the container. Is this what you mean?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜