如何更改rsacryptoserviceprovider的csp参数

Question

我正在使用signedxml类进行RSA-SHA256 XML签名。但问题是我需要更改CSP来支持SHA256。

这是我选择证书的方式，

public X509Certificate2 GetCertificateFromStore()
        {
            X509Store st = new X509Store(StoreName.My, StoreLocation.CurrentUser);
            st.Open(OpenFlags.ReadOnly);
            X509Certificate2Collection col = st.Certificates.Find(X509FindType.FindByTimeValid, (object)DateTime.Now, false);

            X509Certificate2 x509Certificate =null;
            X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(col, "Certificate", "Select single certificate to sign", X509SelectionFlag.SingleSelection);
            if (sel.Count > 0)
            {
                X509Certificate2Enumerator en = sel.GetEnumerator();
                en.MoveNext();
                x509Certificate = en.Current;
            }
            st.Close();
            //x509Certificate.s
            return x509Certificate;
        }

.

这是我尝试更改CSP参数的方式。

byte[] privateKeyBlob;
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa = cert.PrivateKey as RSACryptoServiceProvider;
            try
            {
                privateKeyBlob = rsa.ExportCspBlob(true);
            }
            catch
            {
                throw new ApplicationException("Private key fails to export");
            }
            // To use the RSA-SHA256 the CryptoAPI needs to select a special CSP: Microsoft Enhanced RSA and AES Cryptographic Provider
            // By reinstantiating a CSP of type 24 we ensure that we get the right CSP.
            CspParameters cp = new CspParameters(24);
            rsa = new RSACryptoServiceProvider(cp);
            rsa.ImportCspBlob(privateKeyBlob);


            signer.SigningKey = rsa;
            signer.KeyInfo = getKeyInfo(signer, cert);

.

问题是我使用USB设备令牌，我怀疑私钥无法出口。导出其抛出错误'键无效用于指定状态。'。

可以帮助如何做到这一点？

Answer 1

如果此处感兴趣的是我的解决方案，我最终使用了我的第三方CSP的另一个新版本。我使用的CSP版本是一个旧版本，我切换到新版本。现在签名正在工作。谢谢你的帮助。