I'm new to the .NET CryptoProvider space, and am a little concerned by what I have seen regarding the repeated creation of the same key by the RSACryptoProvider. I am using a container because I am storing the key off to file on the server, like so (I export the CspBlob subsequent to this creation and reimport it later)...

_cp = new CspParameters { KeyContainerName = ContainerName };

In this case the ContainerName has a hardcoded value that I reference the container by. What's bothering me is that when I create the RSACryptoProvider, and by extension the key pair, the generated key values are always the same!

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(RSAKeySize, _cp);

If I change the name of the container, the key changes. There must be SOME other source of randomness than the container name when you create an RSACryptoProvider, right? Otherwise that makes the name of the container a password, which is not my intention.

+1  A: 

It's the name of a container, not of a generator.

If you want different keys each time, just create a new CryptoServiceProvider w/o referencing a container (== stored key-pair).

Henk Holterman
Right. So if I know the name of the container, I can recreate the same keypair anywhere?! That's awful security. That makes the name of the container a password.
Bob
@Bob. Er... no. The container by that name is stored in the computer's profile Application Data directory. If you open that container by name on the same computer, it will show you the key(s) inside. If you try to open it on another computer, there's nothing to fetch. The computer automagically generated the key the first time you used the container, and is keeping it safe for you for next time you need it. As @Henk suggested, there are other ways to get a *new* key.
ewall
Good, got it. That's all I needed. The key's randomness is attached to my profile and the container name. That works for me. Thank you.
Bob
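
The behaviour discussed in this thread, as an added example that is not code from any of the posters: a named container generates a key once and then returns the stored key, deleting the container forces a fresh key, and omitting the container gives an unrelated key every time. The container name and key size are constructed values, and the code assumes Windows, where CSP key containers exist.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class ContainerDemo
{
    const string ContainerName = "DemoContainer-constructed"; // hypothetical name
    const int KeySize = 2048;                                 // assumed key size

    // Open (or create) the named container and return the public key blob.
    static byte[] PublicBlobFromContainer()
    {
        var cp = new CspParameters { KeyContainerName = ContainerName };
        using (var rsa = new RSACryptoServiceProvider(KeySize, cp))
            return rsa.ExportCspBlob(false); // false = public part only
    }

    // Remove the stored key pair so the next open generates a new one.
    static void DeleteContainer()
    {
        var cp = new CspParameters { KeyContainerName = ContainerName };
        using (var rsa = new RSACryptoServiceProvider(KeySize, cp))
        {
            rsa.PersistKeyInCsp = false; // do not keep the key in the container
            rsa.Clear();                 // releases the handle and deletes the container
        }
    }

    static void Main()
    {
        // First open generates and persists a key; second open loads that same key.
        byte[] first = PublicBlobFromContainer();
        byte[] second = PublicBlobFromContainer();
        Console.WriteLine("Same container, same key: " + first.SequenceEqual(second));

        // After deletion the same name yields a newly generated key.
        DeleteContainer();
        byte[] third = PublicBlobFromContainer();
        Console.WriteLine("Key changed after delete: " + !first.SequenceEqual(third));
        DeleteContainer(); // clean up the demo container

        // No container name: each instance gets its own random, non-persisted key.
        using (var a = new RSACryptoServiceProvider(KeySize))
        using (var b = new RSACryptoServiceProvider(KeySize))
            Console.WriteLine("Ephemeral keys differ: " +
                !a.ExportCspBlob(false).SequenceEqual(b.ExportCspBlob(false)));
    }
}
```

The container name selects a stored key; it is not an input to key generation, so knowing the name on another machine or profile retrieves nothing.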