I just noticed that when I use the DSACryptoServiceProvider class on IIS, it triggers a CryptographicException saying it can't load a file. It doesn't specify the file.
After hours I found that this exception is not triggered when the IIS Application Pool Identity is set to Local System, which is the most privileged account available. This means the IIS Worker Process runs with a very privileged user that can do more things than the default one, and this way it works.
The problem is that the DSACryptoServiceProvider documentation doesn't say anything about the privileges a user must have in order to use this class. And I cannot leave my Application Pool running on such a privileged account.
What do I do?
PS: This is the code snippet that triggers the exception:
vDSA.ImportParameters(vKeys);
DSASignatureFormatter DSAFormatter = new DSASignatureFormatter(vDSA);
DSAFormatter.SetHashAlgorithm("SHA1");
// the crash goes here
return DSAFormatter.CreateSignature(vMessageHash);
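
A least-privilege variant of the snippet above, added here as an example and not part of the original post. It assumes the exception arises because the application pool identity has no loaded user profile, so the CSP cannot create its key container in the per-user store. The `DsaSigner` class and `Sign` method names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;

// Added example (not from the original post). Assumption: the failure is caused
// by the app pool identity running without a loaded user profile.
public static class DsaSigner
{
    // Signs an already-computed SHA-1 hash with imported DSA parameters,
    // keeping the worker process on its default low-privilege identity.
    public static byte[] Sign(DSAParameters keys, byte[] messageHash)
    {
        if (messageHash == null || messageHash.Length != 20)
            throw new ArgumentException("Expected a 20-byte SHA-1 hash.", "messageHash");

        // 13 = PROV_DSS_DH, the provider type DSACryptoServiceProvider uses by default.
        // UseMachineKeyStore places the key container in the machine store instead of
        // the per-user store, so no user profile is needed.
        var csp = new CspParameters(13)
        {
            Flags = CspProviderFlags.UseMachineKeyStore
        };

        using (var dsa = new DSACryptoServiceProvider(csp))
        {
            // Do not leave the imported private key behind in the container
            // once the provider is disposed.
            dsa.PersistKeyInCsp = false;
            dsa.ImportParameters(keys);

            var formatter = new DSASignatureFormatter(dsa);
            formatter.SetHashAlgorithm("SHA1");
            return formatter.CreateSignature(messageHash);
        }
    }
}
```

Under the same assumption, enabling the application pool's "Load User Profile" setting is the configuration-side alternative, and it also leaves the pool on its default identity.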