Re: 512 bit encryption with RSACryptoServiceProvider results in "Bad Key"
From: Mike Mazar (mazar_at_mazsoft.com)
Date: 06/06/03
- Next message: Sébastien Pouliot: "Re: 512 bit encryption with RSACryptoServiceProvider results in "Bad Key""
- Previous message: Shawn Farkas [MS]: "Re: Problem!"
- In reply to: Michel Gallant: "Re: 512 bit encryption with RSACryptoServiceProvider results in "Bad Key""
- Next in thread: Sébastien Pouliot: "Re: 512 bit encryption with RSACryptoServiceProvider results in "Bad Key""
- Reply: Sébastien Pouliot: "Re: 512 bit encryption with RSACryptoServiceProvider results in "Bad Key""
Date: Thu, 5 Jun 2003 18:05:35 -0400
You are right. What I need to do is to verify a signature. But the problem
is that this signature is made of 2 hashes. Based on TLS protocol, this
signature is created by encrypting the 36 byte result of concatenating MD5
hash (16 bytes) and SHA1 hash (20 bytes) of the data to be signed. I believe
the RSAPKCS1SignatureDeformatter can only verify based on one hash. The only
thing I need to do is to decrypt 64 bytes of data using a public key.
"Michel Gallant" <neutron@istar.ca> wrote in message
news:OLrMHf6KDHA.2080@TK2MSFTNGP09.phx.gbl...
> I think your second example is STILL using the public key to encrypt.
> (Why do you think it is using the private key to encrypt?)
> No matter how you construct RSACryptoServiceProvider,
> oRSA.Encrypt will always encrypt data with the public key of that instance.
> To use the private key for encryption (which is really digital signature stuff),
> you need to use RSAPKCS1SignatureFormatter on a hash of data.
>
> Also, it is a bit simpler to get a cert context and pass to .NET thus:
>
> ICertContext iCertCntxt = (ICertContext) oCert;
> IntPtr hCertCntxt = new IntPtr(iCertCntxt.CertContext);
> X509Certificate foundcert = new X509Certificate(hCertCntxt);
>
> - Mitch
>
> "Mike Mazar" <mazar@mazsoft.com> wrote in message news:u4dPoJ6KDHA.2008@TK2MSFTNGP10.phx.gbl...
> > Maybe I did not describe the problem correctly. Let me give you actual code
> > fragments so you can do the test yourself. This code is a combination of
> > .NET classes and CAPICOM and some code that I had to figure out by myself.
> > If you know a better way to do this (without WSE), I would appreciate it if
> > you let me know.
> > Both these tests will get a Machine Certificate and then Encrypt and Decrypt
> > a short text. One of these uses "Public Key" to Encrypt and then "Private
> > Key" to decrypt. This one works fine. But in the second code, if I use the
> > "Private Key" to encrypt and "Public Key" to decrypt, it gives me the "Bad
> > Key" error at the Decrypt method call.
> >
> > Here is the first code segment which runs correctly:
> >
> > '---------------- Get Server Certificate
> > Dim CAPI_Store As New CAPICOM.Store()
> > CAPI_Store.Open(CAPICOM.CAPICOM_STORE_LOCATION.CAPICOM_LOCAL_MACHINE_STORE, "MY")
> > Dim CAPI_Cert As CAPICOM.Certificate = CAPI_Store.Certificates.Item(1)
> > '---------------- Create RSA Using Public Key
> > Dim PublicKey As Byte() = Encoding.Unicode.GetBytes(CAPI_Cert.PublicKey.EncodedKey.Value(CAPICOM.CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BINARY))
> > Dim Encryptor As New RSACryptoServiceProvider()
> > Encryptor.ImportParameters(RSAKeyInfo(PublicKey))
> > '---------------- Encrypt
> > Dim CAPI_Encrypted As Byte() = Encryptor.Encrypt(Encoding.ASCII.GetBytes(txtOriginal.Text), False)
> > txtEncrypted.Text = Encoding.ASCII.GetString(CAPI_Encrypted)
> > '---------------- Create RSA Using Private Key
> > Dim CAPI_Params As New CspParameters(CAPI_Cert.PrivateKey.ProviderType, _
> >     CAPI_Cert.PrivateKey.ProviderName, _
> >     CAPI_Cert.PrivateKey.ContainerName)
> > CAPI_Params.Flags = CspProviderFlags.UseMachineKeyStore
> > Dim Decryptor As New RSACryptoServiceProvider(CAPI_Params)
> > '---------------- Decrypt
> > Dim CAPI_Result As Byte() = Decryptor.Decrypt(CAPI_Encrypted, False)
> > txtDecrypted.Text = Encoding.ASCII.GetString(CAPI_Result)
> >
> >
> > And this one (second code) returns the "Bad Key" error:
> >
> >
> > '---------------- Get Client Certificate
> > Dim CAPI_Store As New CAPICOM.Store()
> > CAPI_Store.Open(CAPICOM.CAPICOM_STORE_LOCATION.CAPICOM_LOCAL_MACHINE_STORE, "MY")
> > Dim CAPI_Cert As CAPICOM.Certificate = CAPI_Store.Certificates.Item(1)
> > '---------------- Create RSA Using Private Key
> > Dim CAPI_Params As New CspParameters(CAPI_Cert.PrivateKey.ProviderType, _
> >     CAPI_Cert.PrivateKey.ProviderName, _
> >     CAPI_Cert.PrivateKey.ContainerName)
> > CAPI_Params.Flags = CspProviderFlags.UseMachineKeyStore
> > Dim Encryptor As New RSACryptoServiceProvider(CAPI_Params)
> > '---------------- Encrypt
> > Dim CAPI_Encrypted As Byte() = Encryptor.Encrypt(Encoding.ASCII.GetBytes(txtOriginal.Text), False)
> > txtEncrypted.Text = Encoding.ASCII.GetString(CAPI_Encrypted)
> > '---------------- Create RSA Using Public Key
> > Dim PublicKey As Byte() = Encoding.Unicode.GetBytes(CAPI_Cert.PublicKey.EncodedKey.Value(CAPICOM.CAPICOM_ENCODING_TYPE.CAPICOM_ENCODE_BINARY))
> > Dim Decryptor As New RSACryptoServiceProvider()
> > Decryptor.ImportParameters(RSAKeyInfo(PublicKey))
> > '---------------- Decrypt
> > Dim CAPI_Result As Byte() = Decryptor.Decrypt(CAPI_Encrypted, False)
> > txtDecrypted.Text = Encoding.ASCII.GetString(CAPI_Result)
> >
> >
> > To test these examples, you will need the following functions:
> >
> > Private Function RSAKeyInfo(ByVal PublicKey As Byte()) As RSAParameters
> >     RSAKeyInfo.Modulus = GetASN1Value(GetASN1Value(PublicKey))
> >     RSAKeyInfo.Modulus = ArrayPart(RSAKeyInfo.Modulus, 1, RSAKeyInfo.Modulus.Length - 1)
> >     Dim Exponent As Byte() = {1, 0, 1}
> >     RSAKeyInfo.Exponent = Exponent
> > End Function
> >
> > Private Function GetASN1Value(ByVal ASN1 As Byte()) As Byte()
> >     Dim temp, I, Len1 As Short
> >     If ASN1(1) And 128 Then
> >         temp = ASN1(1) Xor 128
> >         For I = 1 To temp
> >             Len1 += ASN1(1 + I) * 256 ^ (temp - I)
> >         Next
> >     Else
> >         Len1 = ASN1(1)
> >     End If
> >     Return ArrayPart(ASN1, 2 + temp, Len1)
> > End Function
> >
> > Public Shared Function ArrayPart(ByVal ByteArray As Byte(), ByVal StartIndex As Integer, ByVal Length As Integer) As Byte()
> >     Dim Temp(Length - 1) As Byte
> >     Array.Copy(ByteArray, StartIndex, Temp, 0, Length)
> >     Return Temp
> > End Function
> >
> >
> > "Michel Gallant" <neutron@istar.ca> wrote in message
> > news:u$UxcA4KDHA.2244@TK2MSFTNGP11.phx.gbl...
> > > Not too clear what you are doing:
> > > Are you encrypting the 64 bytes with a clients *public key* ?
> > > That is what the final paragraph seems to indicate, but the first
> > > paragraph says " ... with client's private key".
> > >
> > > In that case, you of course need the client's private key to decrypt,
> > > instantiating with the public key is not sufficient.
> > >
> > > By default, RSACryptoServiceProvider uses Current User keys.
> > >
> > > - Michel Gallant
> > > MVP Security
> > >
> > > "Mike Mazar" <mazar@mazsoft.com> wrote in message news:uE1W6uwKDHA.2052@TK2MSFTNGP11.phx.gbl...
> > > > I have wasted a lot of time on this problem. I hope someone can help me:
> > > >
> > > > My server application receives a client Certificate as a byte array which I
> > > > can successfully load into an X509Certificate object. This certificate has a
> > > > public key with a 512 bit modulus. I can extract the Modulus and Exponent
> > > > from this public key and create an RSACryptoServiceProvider object with no
> > > > problem. When I try to Decrypt 64 bytes of data (encrypted with client's
> > > > private key) using the Decryptor object, the "Bad Key" exception happens.
> > > > Here is a part of my code:
> > > >
> > > > Dim Cert As New X509Certificates.X509Certificate(Certificate)
> > > > Dim Decryptor As New RSACryptoServiceProvider(512)
> > > > Decryptor.ImportParameters(RSAKeyInfo(Cert.GetPublicKey))
> > > >
> > > > I tested this logic with a Computer certificate which I read from
> > > > LOCAL_MACHINE_STORE. I can encrypt some data using public key and then
> > > > decrypt it with private key with no problem. But if I use a certificate from
> > > > CURRENT_USER_STORE, "Bad Key" exception happens. Is there any difference
> > > > between keys used in Computer certificates and User (client) certificates?
> > > > These certificates are all being used by another application (which I'm
> > > > trying to re-engineer) so there is no problem with the certificates.
> > > >
> > > >
> > >
> > >
> >
> >
>
>
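The check described at the top of this message (recovering the 36-byte MD5 + SHA-1 value from a 64-byte signature using only the public key), sketched in Python as an added example that is not part of the original thread. It assumes the signature uses PKCS#1 v1.5 block type 1 padding with no DigestInfo wrapper; the key is a constructed demo modulus and all function names are illustrative.

```python
import hashlib
import hmac

# Constructed demo key: N is the product of two publicly known primes
# (the Curve25519 and secp256k1 field primes). It gives a 64-byte modulus
# like the 512-bit key in the thread and is not a usable key.
P = 2**255 - 19
Q = 2**256 - 2**32 - 977
N = P * Q
E = 65537                      # the exponent the thread hard-codes as {1, 0, 1}
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes (64)


def tls_digest(data: bytes) -> bytes:
    """36-byte MD5 || SHA-1 value described in the post."""
    return hashlib.md5(data).digest() + hashlib.sha1(data).digest()


def sign(data: bytes) -> bytes:
    """Signer side: block type 1 padding around the raw digest, then m^d mod n."""
    digest = tls_digest(data)
    em = b"\x00\x01" + b"\xff" * (K - 3 - len(digest)) + b"\x00" + digest
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")


def verify(data: bytes, signature: bytes) -> bool:
    """Verifier side: s^e mod n with the public key only, then strict checks."""
    if len(signature) != K:
        return False
    s = int.from_bytes(signature, "big")
    if s >= N:
        return False
    em = pow(s, E, N).to_bytes(K, "big")
    pad_len = K - 3 - 36
    # Require the exact layout 00 01 FF..FF 00 || digest; no lenient parsing.
    if em[:2] != b"\x00\x01" or em[2:2 + pad_len] != b"\xff" * pad_len:
        return False
    if em[2 + pad_len] != 0:
        return False
    return hmac.compare_digest(em[-36:], tls_digest(data))
```

The verifier never needs a "decrypt" API: the public operation is a single modular exponentiation followed by a padding and digest comparison, which is why an encryption-oriented `Decrypt` call is the wrong tool for this job.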