K
khubieb
Simply I am trying to use RSACryptoServiceProvider to generate a key
pair, send the public key to a service that will retrieve me data,
encrypt it with my public key, send the encrypted data back for me to
decrypt the data and use it. below is a code sample that simulates my
task. It works just fine, however, when I turn impersonation to true in
my web.config file and after a random number of attempts to invoke my
page, an unhandled exception is fired somewhere in the Crypto Service
Provider causing the aspnet_wp process to restart. I've caught the
exception by registring an HTTP Module to listen to the
AppDomain.CurrentDomain.UnhandledException event and this is the
exception I get
type=System.Security.Cryptography.CryptographicException
message=Keyset does not exist
stack=
at
System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32
hr)
at System.Security.Cryptography.SafeProvHandle._FreeCSP(IntPtr
pProvCtx)
at System.Security.Cryptography.SafeProvHandle.ReleaseHandle()
at System.Runtime.InteropServices.SafeHandle.InternalFinalize()
at System.Runtime.InteropServices.SafeHandle.Dispose(Boolean
disposing)
at System.Runtime.InteropServices.SafeHandle.Finalize()
..
If I turn impersonation to false in web.config the exception doesn't
fire. I don't know where does this exception occure.
Also I've noticed that I missed to release the resources used by
RSACryptoServiceProvider by invoking the
RSACryptoServiceProvider.Clear() method. when calling this method the
exception seems to cease to occure.
I am just curious to know what is happening? what is the relation
between impersonation and RSACryptoServiceProvider? why isn't it caught
by the catch block? What is the thread that fires the exception? ...
here is the code of my web form
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnRefresh_ServerClick(object sender, EventArgs e)
{
try
{
CspParameters cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider pair = new
RSACryptoServiceProvider(cspParam);
string keyInfo = pair.ToXmlString(false);
string encryptedData = GetSecureData(keyInfo);
byte[] encrptedBytes =
Convert.FromBase64String(encryptedData);
byte[] decryptedBytes = pair.Decrypt(encrptedBytes, true);
string decrypedData =
Encoding.ASCII.GetString(decryptedBytes);
//pair.Clear();
txtEnctptedData.Value = encryptedData;
txtDecryptedData.Value = decrypedData;
}
catch (Exception ex)
{
txtDecryptedData.Value = ex.Message;
}
}
private string GetSecureData(string publicKey)
{
CspParameters cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider pair = new
RSACryptoServiceProvider(cspParam);
pair.FromXmlString(publicKey);
byte[] dataBytes = Encoding.ASCII.GetBytes("Hello World!!");
dataBytes = pair.Encrypt(dataBytes, true);
return Convert.ToBase64String(dataBytes);
}
}
pair, send the public key to a service that will retrieve me data,
encrypt it with my public key, send the encrypted data back for me to
decrypt the data and use it. below is a code sample that simulates my
task. It works just fine, however, when I turn impersonation to true in
my web.config file and after a random number of attempts to invoke my
page, an unhandled exception is fired somewhere in the Crypto Service
Provider causing the aspnet_wp process to restart. I've caught the
exception by registring an HTTP Module to listen to the
AppDomain.CurrentDomain.UnhandledException event and this is the
exception I get
type=System.Security.Cryptography.CryptographicException
message=Keyset does not exist
stack=
at
System.Security.Cryptography.CryptographicException.ThrowCryptogaphicException(Int32
hr)
at System.Security.Cryptography.SafeProvHandle._FreeCSP(IntPtr
pProvCtx)
at System.Security.Cryptography.SafeProvHandle.ReleaseHandle()
at System.Runtime.InteropServices.SafeHandle.InternalFinalize()
at System.Runtime.InteropServices.SafeHandle.Dispose(Boolean
disposing)
at System.Runtime.InteropServices.SafeHandle.Finalize()
..
If I turn impersonation to false in web.config the exception doesn't
fire. I don't know where does this exception occure.
Also I've noticed that I missed to release the resources used by
RSACryptoServiceProvider by invoking the
RSACryptoServiceProvider.Clear() method. when calling this method the
exception seems to cease to occure.
I am just curious to know what is happening? what is the relation
between impersonation and RSACryptoServiceProvider? why isn't it caught
by the catch block? What is the thread that fires the exception? ...
here is the code of my web form
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Security.Cryptography;
using System.Text;
public partial class _Default : System.Web.UI.Page
{
protected void Page_Load(object sender, EventArgs e)
{
}
protected void btnRefresh_ServerClick(object sender, EventArgs e)
{
try
{
CspParameters cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider pair = new
RSACryptoServiceProvider(cspParam);
string keyInfo = pair.ToXmlString(false);
string encryptedData = GetSecureData(keyInfo);
byte[] encrptedBytes =
Convert.FromBase64String(encryptedData);
byte[] decryptedBytes = pair.Decrypt(encrptedBytes, true);
string decrypedData =
Encoding.ASCII.GetString(decryptedBytes);
//pair.Clear();
txtEnctptedData.Value = encryptedData;
txtDecryptedData.Value = decrypedData;
}
catch (Exception ex)
{
txtDecryptedData.Value = ex.Message;
}
}
private string GetSecureData(string publicKey)
{
CspParameters cspParam = new CspParameters();
cspParam.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider pair = new
RSACryptoServiceProvider(cspParam);
pair.FromXmlString(publicKey);
byte[] dataBytes = Encoding.ASCII.GetBytes("Hello World!!");
dataBytes = pair.Encrypt(dataBytes, true);
return Convert.ToBase64String(dataBytes);
}
}