Import RSACryptoServiceProvider without persistence

Question

According to this answer - every time an RSACryptoServiceProvider is created it is persisted unless explicitly told not to.

What about ImportCspBlob? I have a private key as a byte[], So I use:

using (var rsa = new RSACryptoServiceProvider())
{
    rsa.ImportCspBlob(keyBlob);
    //rsa.PersistKeyInCsp = false; //Should I add this? Perhaps before the CSP import?
    //Use rsa ...
}

Do I need the PersistKeyInCsp = false;? Will it be too late because it was already persisted? But using it before the import - won't it affect whatever was the previous blob?

PersistKeyInCsp = false will only disable saving the key in Windows Memeory. — Nayef, Jan 29 '15 at 13:05

score 0 · Answer 1 · answered Oct 24 '14 at 16:30

Setting PersistKeyInCsp to false will even remove an existing persisted key, so it does exactly what you're hoping, although as long as your CspParameters don't specify a container name (in this case, you're using the parameterless constructor, so you have not specified a container name), I don't believe it will persist regardless of the value of PersistKeyInCsp.

Import RSACryptoServiceProvider without persistence

1 Answers1