
moving .net containers

Author
14 Feb 2006 3:21 PM
Eric Johnson
I think I put this in the wrong group (aspnet.security), reposting here.
  Sorry:

I've been looking at this off and on for a few days now and can't figure
out how to simply move a keycontainer from one machine to another.  I've
tried several things:

    * creating a pfx file and importing it on the target machine - this
gets a keycontainer created on the target machine, but it no longer has
the name I need it to (for code to access it). Instead, it has a guid as
the name.

    * RSACryptoServiceProvider.ExportCspBlob and ImportCspBlob

    * RSACryptoServiceProvider.ToXmlString(true) and FromXmlString()


I haven't yet tried RSACryptoServiceProvider.ExportParameters and
reimporting them on the target machine.

Am I going about this completely wrong?

Thanks,
Eric

Author
14 Feb 2006 4:37 PM
Eric Johnson
Yeah, that's supposed to be titled "moving encryption KeyContainers".

Author
14 Feb 2006 5:02 PM
Mitch Gallant
Hi Eric,
You should be able to do what you want using .NET only (however, be
WARNED that the export of the parameters leaves them (private key) in cleartext!)

  // requires: using System.Security.Cryptography;
  const int AT_KEYEXCHANGE = 1;
  const int AT_SIGNATURE = 2;
  .....

  // ----- Original platform -------
  string ContainerName = "OriginalContainerName";
  CspParameters cp0 = new CspParameters();
  cp0.KeyContainerName = ContainerName;
  cp0.KeyNumber = AT_KEYEXCHANGE;  // change if necessary
  RSACryptoServiceProvider rsaCSP = new RSACryptoServiceProvider(cp0);
  // true = include the private key; rsaParams then holds it unencrypted
  RSAParameters rsaParams = rsaCSP.ExportParameters(true);
  // .. and serialize this rsaParams, or use XML export approach to a string

  // ----- Target platform ------
  CspParameters cp = new CspParameters();
  cp.KeyContainerName = "DesiredContainerName";
  cp.KeyNumber = AT_KEYEXCHANGE;  // change if necessary
  // passing cp binds the provider to the named container, so the import lands under that name
  RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cp);
  rsa.ImportParameters(rsaParams);

- Mitch Gallant
   MVP Security
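
Added example, not part of the original thread or written by its participants: the same move between named containers, but with the private key encrypted under a password while it is outside a container, which addresses the cleartext warning above. It assumes .NET 6 or later on Windows and an exportable source key; the class, method and parameter names and the 200,000 iteration count are illustrative choices.

```csharp
using System;
using System.Security.Cryptography;

static class KeyContainerTransfer
{
    const int AT_KEYEXCHANGE = 1; // same key slot as in the post above

    static RSACryptoServiceProvider Open(string container, CspProviderFlags flags)
    {
        var cp = new CspParameters { KeyContainerName = container, KeyNumber = AT_KEYEXCHANGE, Flags = flags };
        return new RSACryptoServiceProvider(cp);
    }

    // Hex SHA-256 of the public key, so source and target can be compared out of band.
    static string Fingerprint(RSA rsa) =>
        Convert.ToHexString(SHA256.HashData(rsa.ExportSubjectPublicKeyInfo()));

    // Source machine: returns a password-encrypted PKCS#8 blob instead of cleartext parameters.
    public static byte[] Export(string container, string password, out string fingerprint)
    {
        // UseExistingKey: fail if the container is missing rather than silently creating a new key.
        using var rsa = Open(container, CspProviderFlags.UseExistingKey);
        fingerprint = Fingerprint(rsa);
        var pbe = new PbeParameters(PbeEncryptionAlgorithm.Aes256Cbc, HashAlgorithmName.SHA256, 200_000);
        return rsa.ExportEncryptedPkcs8PrivateKey(password, pbe);
    }

    // Target machine: import under the container name the application expects, then verify.
    // Any key already stored in that container and key slot is replaced.
    public static void Import(string container, string password, byte[] blob, string expectedFingerprint)
    {
        using (var rsa = Open(container, CspProviderFlags.NoFlags))
        {
            rsa.PersistKeyInCsp = true; // keep the key in the named container after Dispose
            rsa.ImportEncryptedPkcs8PrivateKey(password, blob, out _);
        }
        // Re-open by name only: proves the key is reachable the way application code will reach it.
        using var check = Open(container, CspProviderFlags.UseExistingKey);
        if (Fingerprint(check) != expectedFingerprint)
            throw new CryptographicException("Container holds a different key than the one exported.");
    }
}
```

The blob returned by Export can be written to a file for transfer; send the password and the fingerprint over a separate channel.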

Author
14 Feb 2006 5:32 PM
Eric Johnson
Great, I wasn't far off.  I was using the default constructor on the
target platform before doing the import.  I'll give this a shot, thanks!

Eric

Author
14 Feb 2006 7:51 PM
Eric Johnson
Worked great, thanks again.
