如何导出私钥ECDiffieHellmanCng [英] How to Export Private Key For ECDiffieHellmanCng

问题描述

我试图键从的 ECDiffieHellmanCng 的对象的新实例中导出这样我就可以使用相同的按键后创建它的一个实例。但是，我越来越想导出时出错。

I am trying to export the keys from a new instance of a ECDiffieHellmanCng object so I can create an instance of it later with the same keys. But I am getting an error when trying to export it.

//Create new ECDiffieHellmanCng which automatically creates new keys
var ecdh = new ECDiffieHellmanCng();
//Export the keys
var privateKey = ecdh.Key.Export(CngKeyBlobFormat.EccPrivateBlob);

我得到一个CryptographicException当我打电话的导出的方法与消息的请求的操作不支持。的把一些断点它看起来甚至在执行方法之前抛出异常的代码之后。纵观出口法的定义，它是装饰用的 SecuritySafeCriticalAttribute 的，所以我怀疑这个属性实际上是抛出异常。是什么原因造成这个异常？我怎么可以保存密钥，这样我可以在以后的时间创建相同ECDiffieHellmanCng对象的实例？

I am getting a CryptographicException when I call the Export method with the message "The requested operation is not supported." After putting some breakpoints in the code it looks like it is throwing the exception before even executing the method. Looking at the definition of the Export method it is adorned with a SecuritySafeCriticalAttribute so I am suspicious that this attribute is actually throwing the exception. What is causing this exception? How can I save the keys so I can create an instance of the same ECDiffieHellmanCng object at a later time?

推荐答案

默认情况下，键是不可导出 - 他们安全地存储在KSP。当创建密钥，它需要被标记允许用于出口。例如：

By default, keys aren't exportable - they are securely stored in the KSP. When creating the key, it needs to be marked allowed for export. Example:

var ecdh = new ECDiffieHellmanCng(CngKey.Create(CngAlgorithm.ECDiffieHellmanP256, null, new CngKeyCreationParameters {ExportPolicy = CngExportPolicies.AllowPlaintextExport}));
//Export the keys
var privateKey = ecdh.Key.Export(CngKeyBlobFormat.EccPrivateBlob);

为了简便，我们就可以从CngKey导出，而不是直接使用的算法，如果所有你要做的是创建一个新的密钥，导出私钥。

To make this simpler, we can just export it from the CngKey directly and not use the algorithm if all you want to do is create a new key and export the private key.

var cngKey = CngKey.Create(CngAlgorithm.ECDiffieHellmanP256, null, new CngKeyCreationParameters {ExportPolicy = CngExportPolicies.AllowPlaintextExport});
var privateKey = cngKey.Export(CngKeyBlobFormat.EccPrivateBlob);

您可以重新创建使用 CngKey从导出BLOB的CngKey。导入（yourBlob，CngKeyBlobFormat.EccPrivateBlob）和传球，为ECDiffieHellmanCng的构造函数。

You can re-create the CngKey from the exported blob by using CngKey.Import(yourBlob, CngKeyBlobFormat.EccPrivateBlob) and passing that to the constructor of ECDiffieHellmanCng.

SecuritySafeCriticalAttribute是 .NET安全透明模式的一部分。这不是你的错误的来源。

SecuritySafeCriticalAttribute is part of the .NET Security Transparency model. It is not the source of your errors.

这篇关于如何导出私钥ECDiffieHellmanCng的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！