Re: RSACryptoServiceProvider - Decrypting then Encrypting
From: Peter McEvoy (peter_mcevoy_at_excite.com)
Date: 07/01/03
- Next message: dave: "Page level forms Authentication"
- Previous message: Mike Kingscott: "HELP: MS PDF "Building Secure ASP.Net Applications" - Forms Auth. and Anonymous Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 1 Jul 2003 10:33:06 -0700
Paul,
I read with interest your recent message to aspnet.security:
http://groups.google.ie/groups?hl=en&lr=&ie=UTF-8&oe=UTF-8&threadm=Owh3dOXODHA.1024%40TK2MSFTNGP12.phx.gbl&rnum=16&prev=/groups%3Fq%3D%2522Bad%2BData%2522%2BCryptographicException%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26start%3D10%26sa%3DN
I have been trawling the net for the last day looking for a way to
encrypt a message using the PRIVATE key and decrypt using the PUBLIC
key as well, and I was wondering if you had received any follow-ups on
your question?
My own reasons for doing this are because I want to be able to encrypt
a string that can only be decrypted using the public key that I
provide: I will be distributing the public key within my .Net
application - distributing the key pair is obviously not a runner...
I know this is mathematically (and crytographically) possible, and
have read numerous threads on sci.crypt that assure this. In fact,
crytograpic siging does this (Singing actually encrypts a _hash_ of
the data using the private key - verifying the sig means decrypting
the encrypted hash using the public key and comparing the decrypted
hash with a generated hash), so I know there is enough info in the
public key to decrypt a message encrypted with the private key)
Where I am right now is this:
- .Net pukes if you try to decrypt using a key that is public
- .Net will only decrypt using a key that contains key-pair
information
- .Net encrypts using the public key info of the key
- Public keys contain only Modulus (128 bit) and Exponent (3bit)
information
- Key pairs contain lots of other fields, but the only other field of
size 128bit is the "D" parameter
- When encrypting, I create a new RSA key pair, and assign the Modulus
param the "D" param value of my stored private key (the one I want to
keep secret in the office)
- When decrypting, I create a new RSA Key pair, and assign the "D"
param the value of the Modulus of the public key (the public key is an
embedded resource in the application)
To my mind, this "should" work, but I am also getting a "Bad data"
message...
(BTW, I was also getting a "Bad Data" message when I incorrectly
converted the byte[] to strings using ASCIIEncoding.ASCII.GetBytes,
when it converts correctly if I use Convert.ToBase64String (to convert
the byte[] to a string) and Convert.FromBase64String (to convert from
a string to a byte[]).
Have you had any sucess with this since you posted your message?
All the best,
Pete
- Next message: dave: "Page level forms Authentication"
- Previous message: Mike Kingscott: "HELP: MS PDF "Building Secure ASP.Net Applications" - Forms Auth. and Anonymous Access"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
