You are trying to contain the key using the System.Security.Cryptography.RSACryptServiceProvider class.I have to specify a container name, but what do you specify for this container name and how do you manage it?
If you know the name of the container and you can get the stored key, it seems to me that the name of the container is an important value equivalent to the key or password.
// Creating CspParameters Objects
CspParameters cp = new CspParameters();
// Specify key container name
// Can you get the key if you know this?
cp.KeyContainerName = "Key Container Name";
// Create RSACryptServiceProvider object
RSACryptServiceProvider rsa = new RSACryptServiceProvider(cp);
// Get the key
return rsa.ToXmlString(true);
I think that access control lists (CryptoKeySecurity), not container names, should prevent untrusted users from accessing.
Conversely, if you want to prevent users with legitimate application execution privileges from viewing the private key in an unauthorized way, you should manage the key not on your local machine, but in a web application or other place where you cannot directly access it.
352 rails db:create error: Could not find mysql2-0.5.4 in any of the sources
372 To find Python openpyxl value coordinates
360 I would like to know if I can retrieve data using pandas grouping.
363 Logging Out with the Application Load Balancer and Authentication Using Cognito
356 I want to change the format (date and time display) of the legend in chronological order.
© 2023 OneMinuteCode. All rights reserved.