问题
From a legacy program:
bye[] rsaPrivateKeyExport = RSACryptoProvider.ExportCspBlob(true);
These keys are stored in a file.
As part of a legacy refresh, I need to use CNG RSA keys.
So something like reading the old blob and then converting:
CngKey cngPrv = CngKey.Import(rsaPrvKeyExport, CngKeyBlobFormat.GenericPrivateBlob);
But I cannot get this to work?
How do I convert the old blob type to the new one? Do I only use parts of the old blob?
The key length is 2048.
回答1:
GenericPrivateBlob is a CNG-specific format, it doesn't mean "try any private thing".
CNG is capable of opening CAPI key blobs, using the formats identified at https://docs.microsoft.com/en-us/windows/desktop/api/Bcrypt/nf-bcrypt-bcryptexportkey.
private static readonly CngKeyBlobFormat s_legacyRsaPrivateBlobFormat =
new CngKeyBlobFormat("CAPIPRIVATEBLOB");
...
byte[] exported;
using (RSACryptoServiceProvider a = new RSACryptoServiceProvider(2048))
{
exported = a.ExportCspBlob(true);
}
RSA b;
using (CngKey key = CngKey.Import(exported, s_legacyRsaPrivateBlob))
{
b = new RSACng(key);
}
// This using is broken out here just to show that the constructed object can safely outlive
// the CngKey object that it was created from.
using (b)
{
...
}
来源:https://stackoverflow.com/questions/51392846/import-a-private-rsacryptoserviceprovider-blob-into-cngkey-import