

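How to: Store Asymmetric Keys in a Key Container

Asymmetric private keys should never be stored verbatim or in plain text on the local computer. If you need to store a private key, you should use a key container. For more information about key containers, see Understanding Machine-Level and User-Level RSA Key Containers.

To create an asymmetric key and save it in a key container

  1. Create a new instance of the CspParameters class and pass the name that you want to give the key container to the CspParameters.KeyContainerName field.

  2. Create a new instance of a class that derives from the AsymmetricAlgorithm class (usually RSACryptoServiceProvider or DSACryptoServiceProvider) and pass the previously created CspParameters object to its constructor.

To delete a key from a key container

  1. Create a new instance of the CspParameters class and pass the name of the key container to the CspParameters.KeyContainerName field.

  2. Create a new instance of a class that derives from the AsymmetricAlgorithm class (usually RSACryptoServiceProvider or DSACryptoServiceProvider) and pass the previously created CspParameters object to its constructor.

  3. Set the PersistKeyInCsp property of the class that derives from AsymmetricAlgorithm to false (False in Visual Basic).

  4. Call the Clear method of the class that derives from AsymmetricAlgorithm. This method releases all resources of the class and clears the key container.

Example

The following example demonstrates how to create an asymmetric key, save it in a key container, retrieve the key at a later time, and delete the key from the container.

Notice that the code in the GenKey_SaveInContainer method and the GetKeyFromContainer method is similar. When you specify a key container name for a CspParameters object and pass it to an AsymmetricAlgorithm object with the PersistKeyInCsp property set to true, the following occurs. If a key container with the specified name does not exist, the container is created and the key is persisted. If a key container with the specified name does exist, the key in the container is automatically loaded into the current AsymmetricAlgorithm object. Therefore, the code in the GenKey_SaveInContainer method persists the key because it runs first, while the code in the GetKeyFromContainer method loads the key because it runs second.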

Imports System
Imports System.IO
Imports System.Security.Cryptography

Public Class StoreKey

    Public Shared Sub Main()
        Try
            ' Create a key and save it in a container.
            GenKey_SaveInContainer("MyKeyContainer")

            ' Retrieve the key from the container.
            GetKeyFromContainer("MyKeyContainer")

            ' Delete the key from the container.
            DeleteKeyFromContainer("MyKeyContainer")

            ' Create a key and save it in a container.
            GenKey_SaveInContainer("MyKeyContainer")

            ' Delete the key from the container.
            DeleteKeyFromContainer("MyKeyContainer")
        Catch e As CryptographicException
            Console.WriteLine(e.Message)
        End Try
    End Sub

    Public Shared Sub GenKey_SaveInContainer(ByVal ContainerName As String)
        ' Create the CspParameters object and set the key container 
        ' name used to store the RSA key pair.
        Dim cp As New CspParameters()
        cp.KeyContainerName = ContainerName

        ' Create a new instance of RSACryptoServiceProvider that accesses
        ' the key container MyKeyContainerName.
        Dim rsa As New RSACryptoServiceProvider(cp)

        ' Display the key information to the console.
        Console.WriteLine("Key added to container:  {0}", rsa.ToXmlString(True))
    End Sub

    Public Shared Sub GetKeyFromContainer(ByVal ContainerName As String)
        ' Create the CspParameters object and set the key container 
        '  name used to store the RSA key pair.
        Dim cp As New CspParameters()
        cp.KeyContainerName = ContainerName

        ' Create a new instance of RSACryptoServiceProvider that accesses
        ' the key container MyKeyContainerName.
        Dim rsa As New RSACryptoServiceProvider(cp)

        ' Display the key information to the console.
        Console.WriteLine("Key retrieved from container : {0}", rsa.ToXmlString(True))
    End Sub

    Public Shared Sub DeleteKeyFromContainer(ByVal ContainerName As String)
        ' Create the CspParameters object and set the key container 
        '  name used to store the RSA key pair.
        Dim cp As New CspParameters()
        cp.KeyContainerName = ContainerName

        ' Create a new instance of RSACryptoServiceProvider that accesses
        ' the key container.
        Dim rsa As New RSACryptoServiceProvider(cp)

        ' Delete the key entry in the container.
        rsa.PersistKeyInCsp = False

        ' Call Clear to release resources and delete the key from the container.
        rsa.Clear()

        Console.WriteLine("Key deleted.")
    End Sub
End Class

using System;
using System.IO;
using System.Security.Cryptography;

public class StoreKey

{
    public static void Main()
    {
        try
        {
            // Create a key and save it in a container.
            GenKey_SaveInContainer("MyKeyContainer");
            
            // Retrieve the key from the container.
            GetKeyFromContainer("MyKeyContainer");
    
            // Delete the key from the container.
            DeleteKeyFromContainer("MyKeyContainer");

            // Create a key and save it in a container.
            GenKey_SaveInContainer("MyKeyContainer");

            // Delete the key from the container.
            DeleteKeyFromContainer("MyKeyContainer");
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }

    }

    public static void GenKey_SaveInContainer(string ContainerName)
    {
        // Create the CspParameters object and set the key container 
        // name used to store the RSA key pair.
        CspParameters cp = new CspParameters();
        cp.KeyContainerName = ContainerName;

        // Create a new instance of RSACryptoServiceProvider that accesses
        // the key container MyKeyContainerName.
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);

        // Display the key information to the console.
        Console.WriteLine("Key added to container: \n  {0}", rsa.ToXmlString(true));
    }

    public static void GetKeyFromContainer(string ContainerName)
    {
        // Create the CspParameters object and set the key container 
        // name used to store the RSA key pair.
        CspParameters cp = new CspParameters();
        cp.KeyContainerName = ContainerName;

        // Create a new instance of RSACryptoServiceProvider that accesses
        // the key container MyKeyContainerName.
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);

        // Display the key information to the console.
        Console.WriteLine("Key retrieved from container : \n {0}", rsa.ToXmlString(true));
    }

    public static void DeleteKeyFromContainer(string ContainerName)
    {
        // Create the CspParameters object and set the key container 
        // name used to store the RSA key pair.
        CspParameters cp = new CspParameters();
        cp.KeyContainerName = ContainerName;

        // Create a new instance of RSACryptoServiceProvider that accesses
        // the key container.
        RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);

        // Delete the key entry in the container.
        rsa.PersistKeyInCsp = false;

        // Call Clear to release resources and delete the key from the container.
        rsa.Clear();

        Console.WriteLine("Key deleted.");
    }
}
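
The create-or-load behavior described above means that a mistyped container name silently produces a brand-new key instead of an error. The following C# program is an added example, not part of the original sample: it uses CspProviderFlags.UseExistingKey so that opening a missing container fails, confirms that a reopened container yields the same key, and compares only the public half rather than printing the private key. The container name ExampleKeyContainer and the class and helper names are constructed for this illustration, and the code assumes Windows, where CSP key containers are available.

```csharp
using System;
using System.Security.Cryptography;

public static class ContainerLookupExample
{
    // Constructed container name, used only by this example.
    private const string ContainerName = "ExampleKeyContainer";

    private static CspParameters Params(CspProviderFlags flags)
    {
        return new CspParameters { KeyContainerName = ContainerName, Flags = flags };
    }

    // Returns the public key XML if the container already exists, otherwise null.
    // UseExistingKey makes the provider fail instead of creating a new key pair.
    // Any CryptographicException (including access denied) is treated as "not available".
    private static string TryLoadPublicKey()
    {
        try
        {
            using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.UseExistingKey)))
                return rsa.ToXmlString(false);   // false = public parameters only
        }
        catch (CryptographicException)
        {
            return null;
        }
    }

    public static void Main()
    {
        Console.WriteLine("Container exists before create: {0}", TryLoadPublicKey() != null);

        // Without UseExistingKey the container is created and the key is persisted,
        // because PersistKeyInCsp is true when a container name is specified.
        string createdPublicKey;
        using (var rsa = new RSACryptoServiceProvider(2048, Params(CspProviderFlags.NoFlags)))
            createdPublicKey = rsa.ToXmlString(false);

        // Reopening the same name loads the persisted key, not a fresh one.
        Console.WriteLine("Same key reloaded: {0}", createdPublicKey == TryLoadPublicKey());

        // Delete: open the existing container, stop persisting, then clear.
        using (var rsa = new RSACryptoServiceProvider(Params(CspProviderFlags.UseExistingKey)))
        {
            rsa.PersistKeyInCsp = false;
            rsa.Clear();
        }
        Console.WriteLine("Container exists after delete: {0}", TryLoadPublicKey() != null);
    }
}
```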
      

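See also

Concepts

Generating Keys for Encryption and Decryption

Encrypting Data

Decrypting Data

Cryptographic Services

Other Resources

Cryptographic Tasks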