Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

RSA Container in IIS returning "Object already exists"

When I deploy my working ASP.NET CORE 2.2 app to my local IIS 10 it gives me the exception

Internal.Cryptography.CryptoThrowHelper+WindowsCryptographicException: Object already exists
   at Internal.NativeCrypto.CapiHelper.CreateCSP(CspParameters parameters, Boolean randomKeyContainer, SafeProvHandle& safeProvHandle)
   at Internal.NativeCrypto.CapiHelper.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
   at System.Security.Cryptography.RSACryptoServiceProvider.get_SafeProvHandle()
   at System.Security.Cryptography.RSACryptoServiceProvider.get_SafeKeyHandle()
   at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 keySize, CspParameters parameters, Boolean useDefaultKeySize)
   at System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameters parameters)
   at SamoletBot.Utilities.RSAHelper.GetRSAFromString(String pemstr) in D:\Projects\SamoletBot22\SamoletBot\SamoletBot.Utilities\RSAHelper.cs:line 23

Here is the relevant code:

   CspParameters cspParameters = new CspParameters();
   cspParameters.KeyContainerName = "TheContainer";
   cspParameters.Flags = CspProviderFlags.UseMachineKeyStore;

   RSACryptoServiceProvider rsaKey;
   rsaKey = new RSACryptoServiceProvider(cspParameters);

The exception is thrown on the last line

After reading I concluded that this happens because of RSA container permissions and I saw a couple of answers which use this in order to grant permissions to every user.

CryptoKeyAccessRule rule = new CryptoKeyAccessRule("everyone", CryptoKeyRights.FullControl, AccessControlType.Allow);

The problem is that CryptoKeyAccessRule could not be found. I have imported using System.Security.AccessControl. Looking at Microsoft docs I saw that this is only for .NET Framework.

What is the alternative way to create a "shared" RSA container in .NET Core 2.2?

like image 977
Reath Avatar asked Aug 22 '19 10:08

Reath


1 Answers

I am not sure this will fulfil your requirement. But above libs are not included in .net standard/core apis.

You may need to Switch to below and do a workaround

https://www.nuget.org/packages/System.IO.FileSystem.AccessControl/

System.IO.FileSystem.AccessControl
like image 72
cdev Avatar answered Sep 22 '22 11:09

cdev