locked
System.Security.Cryptography.RSACryptoServiceProvider - Key not valid for use in specified state exception RRS feed

  • Question

  • Hello,

    i am using a RSA-Key for signing a XML-file.

    I have a private key which is only including to the tool for signing the XML-file.

    And i have a public key which is included in the code for verifying the sighnature of the XML-file.

    The use of the signature is to protect the XML from changes and make sure that the file is unchanged by somebody else.

    The code is similar to the example from MSDN and works "normally" very well.

    But on one Computer i get a "Key not valid for use in specified state".

    The Code part:

                    CspParameters cspParams = new CspParameters();
                    cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";

                    // Create a new RSA signing key and save it in the container.
                    RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);

    The exception:

    e.Message:
    Schlüssel ist im angegebenen Status nicht gültig. = Key not valid for use in specified state

    e.Source:
    mscorlib

    e.StackTrace:
       bei System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
       bei System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
       bei System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
       bei System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
       bei System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameters parameters)
       bei XXX.Verify(String aXMLFilename) in C:\...XXX...\SignXML.cs:Zeile 317.

    I dont know what can be the reason of this exception.

    The code works on other Computers and the same xml file can be verified on my machine.

    The user of the computer can access\read\write the ...\Microsoft\Crypto\RSA\Machinekeys\-folder.

    I hope that somebody can give me some input and some ideas for error causes.

    Thanks in forward for your help.

    Regards, Peter

    Monday, November 4, 2013 7:00 AM

Answers

  • Hi Peterd,

    It seems like a bug with that computer. I think there may be something wrong on that computer. Someone has reported a bug whose error message like this one, however, the scenario is different. See the page for more information. http://connect.microsoft.com/SQLServer/feedback/details/387319/key-not-valid-for-use-in-specified-state.

    I recommend you post a new thread on Microsoft Connect for more effective response.

    Best Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, November 7, 2013 1:58 AM

All replies

  • Hi Peterd,

    This issue shows that too many bytes were passed to the Encrtyp method. You could refer to this page to see the reason of throwing this issue. http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.encrypt.aspx.

    http://social.msdn.microsoft.com/Forums/es-ES/4e3ada0a-bcaf-4c67-bdef-a6b15f5bfdce/key-not-valid-for-use-in-specified-statewhat-do-you-mean

    Best Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, November 5, 2013 4:01 AM
  • Hello,

    thank you for your answer.

    But i dont believe\understand how this can be the reason.

    The exactly same XML-file ( with the exactly same signature) works on many Computers ( with the same verification-code).

    And on one Computer i get this exception. So it cant be related to the size?

    Or do i have a error in reasoning?

    thank you for your help in advance.

    Regards, Peter

    Tuesday, November 5, 2013 10:11 AM
  • Hello,

    here is more of the signature-verification code which i am using:

                  // Create a new CspParameters object to specify
                   // a key container.
                    CspParameters cspParams = new CspParameters();
                    cspParams.KeyContainerName = "XML_DSIG_RSA_KEY";

                    // Create a new RSA signing key and save it in the container.
                    RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider(cspParams);

                    // Use the public-key for verification
                    rsaKey.FromXmlString(SignXML.MY_PUBLIC_KEY);
                  
                    // Create a new XML document.
                    XmlDocument xmlDoc = new XmlDocument();

                    // Load an XML file into the XmlDocument object.
                    xmlDoc.PreserveWhitespace = true;
                    xmlDoc.Load(aXMLFilename);            
                    SignedXml signedXml = new SignedXml(xmlDoc);

                    // Find the "Signature" node and create a new
                    // XmlNodeList object.
                    XmlNodeList nodeList = Doc.GetElementsByTagName("Signature");
                                 
                    // Load the first <signature> node. 
                    signedXml.LoadXml((XmlElement)nodeList[0]);

                    // Check the signature and return the result.
                  signedXml.CheckSignature(rsaKey))...

    As you can see at the method-stack the exceptions occurs at the beginning of the method. So there is the public-key and the XML-file not used yet.

    I dont know what the reason can be.



    • Edited by peterd86 Tuesday, November 5, 2013 1:09 PM
    Tuesday, November 5, 2013 10:28 AM
  • Hi Peterd,

    It seems like a bug with that computer. I think there may be something wrong on that computer. Someone has reported a bug whose error message like this one, however, the scenario is different. See the page for more information. http://connect.microsoft.com/SQLServer/feedback/details/387319/key-not-valid-for-use-in-specified-state.

    I recommend you post a new thread on Microsoft Connect for more effective response.

    Best Regards,


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Thursday, November 7, 2013 1:58 AM
  • thank you.

    I posted a bug on Microsoft connect.

    Best regards,

    Peter

    Thursday, November 7, 2013 9:19 AM
  • I have seen the same exact problem.  "Key not valid for use in specified state." thrown from the constructor.  

    var cp = new CspParameters();
    cp.KeyContainerName = "PinpadMac";
    var provider = new RSACryptoServiceProvider(cp);

    Exception: System.Security.Cryptography.CryptographicException: Key not valid for use in specified state.
                                             at System.Security.Cryptography.Utils.CreateProvHandle(CspParameters parameters, Boolean randomKeyContainer)
                                             at System.Security.Cryptography.Utils.GetKeyPairHelper(CspAlgorithmType keyType, CspParameters parameters, Boolean randomKeyContainer, Int32 dwKeySize, SafeProvHandle& safeProvHandle, SafeKeyHandle& safeKeyHandle)
                                             at System.Security.Cryptography.RSACryptoServiceProvider.GetKeyPair()
                                             at System.Security.Cryptography.RSACryptoServiceProvider..ctor(Int32 dwKeySize, CspParameters parameters, Boolean useDefaultKeySize)
                                             at System.Security.Cryptography.RSACryptoServiceProvider..ctor(CspParameters parameters)

    Monday, February 8, 2016 11:59 PM