Re: Suggested additional constructor for RSACryptoServiceProvider

From: Ivan Medvedev [MS] (ivanmed_at_online.microsoft.com)
Date: 06/17/03


Date: Mon, 16 Jun 2003 22:09:49 GMT


Michel -
we are working on making this easier in the next version. We may have
something that would allow one to load a certificate and grab a public key
directly off of it, all in just a couple of lines of code.
Thanks for your valuable suggestions and for helping us make our product
better.
--Ivan
This message is provided "AS IS" with no warranties, and confers no rights.

--------------------
>From: "Michel Gallant" <neutron@istar.ca>
>Subject: Re: Suggested additional constructor for RSACryptoServiceProvider
>Date: Tue, 10 Jun 2003 22:02:03 -0400
>Newsgroups: microsoft.public.dotnet.security
>
>No, not particularly (the publickeyfile exported by sn or secutil is in fact
>just a CAPI public key blob, with 3 extra headers as seen in strongname.h).
>For discussion, the RSA signature verification example at:
>
>http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpguide/html/cpconverifyingsignatures.asp
>shows initializing the RSACryptoServiceProvider instance by setting
>modulus and exponent.
>I am just requesting that in next release, there be some developer-convenience
>methods to make instantiating an RSACryptoServiceProvider object, for
>cases where only public parts are required like signature verification, a
>bit easier. e.g.:
>
> RSACryptoServiceProvider(string exportedpublickeyfile)
>
>or perhaps even better, why not have
>RSACryptoServiceProvider(X509Certificate certinstance)
> or
>RSACryptoServiceProvider(string X509certificatefile)
>and have the constructors extract the modulus and exponent as a convenience.
>
>Thanks,
> - Mitch
>
>"Steven Grayson [MSFT]" <sgrayson@online.microsoft.com> wrote in message
>news:O1uMKt7LDHA.2228@tk2msftngp13.phx.gbl...
>> Are you wanting to use a CAPI key blob as input to the constructor?
>>
>> --
>> This posting is provided "AS IS" with no warranties, and confers no rights.
>> Use of included script samples are subject to the terms specified at
>> http://www.microsoft.com/info/cpyright.htm
>> "Michel Gallant" <neutron@istar.ca> wrote in message
>> news:%23ZMvME2LDHA.1216@TK2MSFTNGP11.phx.gbl...
>> > Currently with 1.0/1.1 .NET Framework classes, RSACryptoServiceProvider
>> > constructors support initializing with existing RSA credentials using the
>> > CspParameters argument.
>> > I think it would be very useful to have a constructor supporting an
>> > exported public-key file argument. This would be very handy, for example,
>> > in using signature verification where end-users currently need to populate
>> > CspParameters explicitly with modulus and exponent properties.
>> >
>> > However, tools like sn.exe can export to a file the encapsulated RSA
>> > *public* key credentials (from either a keypair.snk or ANY CryptoAPI key
>> > container).
>> > The format of this public key file is a thin wrapper around the CryptoAPI
>> > publickeyblob format and is identical to that stored in SN'd assembly as
>> > the publickey part of assembly name.
>> > So why not have a "convenience" constructor like:
>> > RSACryptoServiceProvider(string publickeyfile) ?
>> >
>> > Of course one can simply serialize the public parts of CspParameters to a
>> > file:
>> > // export only the public parameters (modulus and exponent)
>> > RSAParameters rsaParams = rsaCSP.ExportParameters(false) ;
>> > // rsapubparms is the path of the output file
>> > FileStream fs = new FileStream(rsapubparms, FileMode.CreateNew);
>> > BinaryFormatter formatter = new BinaryFormatter();
>> > formatter.Serialize(fs, rsaParams);
>> > fs.Close();
>> >
>> >
>> > and pass this to users (for signature verification), but I think the new
>> > constructor is a simpler approach.
>> >
>> > - Michel Gallant
>> > MVP Security
>> >
>> >
>> >
>>
>>
>
>
>
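
The public key file discussed in the quoted messages (a CryptoAPI public key blob behind three extra header fields) can be parsed into an `RSAParameters` by hand. The following is an added example, not code from the thread or from Microsoft. It assumes .NET Framework 4.6 or later and the 12-byte header layout (SigAlgID, HashAlgID, cbPublicKey) followed by a standard PUBLICKEYBLOB. `SnPublicKeyDemo` and `ParsePublicKeyFile` are hypothetical names, and the key file is constructed in memory rather than exported by sn.exe.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class SnPublicKeyDemo
{
    // Assumed layout: SigAlgID, HashAlgID, cbPublicKey (4-byte little-endian each), then a
    // CryptoAPI PUBLICKEYBLOB = BLOBHEADER (8 bytes) + RSAPUBKEY { "RSA1", bitlen, pubexp }
    // + little-endian modulus. BitConverter is little-endian on x86/x64, which this relies on.
    static RSAParameters ParsePublicKeyFile(byte[] f)
    {
        if (f.Length < 32) throw new CryptographicException("truncated public key file");
        int cb = BitConverter.ToInt32(f, 8);
        if (cb != f.Length - 12) throw new CryptographicException("cbPublicKey mismatch");
        if (f[12] != 0x06 || BitConverter.ToUInt32(f, 20) != 0x31415352)
            throw new CryptographicException("not an RSA PUBLICKEYBLOB");
        int bits = BitConverter.ToInt32(f, 24);
        if (bits <= 0 || bits % 8 != 0 || bits / 8 != cb - 20)
            throw new CryptographicException("bitlen does not match blob size");
        byte[] mod = new byte[bits / 8];
        Array.Copy(f, 32, mod, 0, mod.Length);
        Array.Reverse(mod);                              // RSAParameters is big-endian
        int expLen = 4;
        while (expLen > 1 && f[28 + expLen - 1] == 0) expLen--;   // drop high-order zero bytes
        byte[] exp = new byte[expLen];
        Array.Copy(f, 28, exp, 0, expLen);
        Array.Reverse(exp);
        return new RSAParameters { Modulus = mod, Exponent = exp };
    }

    static void Main()
    {
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] sig, file;
        using (var signer = new RSACryptoServiceProvider(2048))
        {
            sig = signer.SignData(msg, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            byte[] blob = signer.ExportCspBlob(false);       // public-only PUBLICKEYBLOB
            file = new byte[12 + blob.Length];               // constructed sn-style wrapper
            BitConverter.GetBytes(0x2400).CopyTo(file, 0);   // SigAlgID (CALG_RSA_SIGN)
            BitConverter.GetBytes(0x8004).CopyTo(file, 4);   // HashAlgID (CALG_SHA1)
            BitConverter.GetBytes(blob.Length).CopyTo(file, 8);
            blob.CopyTo(file, 12);
        }
        using (var verifier = new RSACryptoServiceProvider())
        {
            verifier.ImportParameters(ParsePublicKeyFile(file));   // public parts only
            Console.WriteLine(verifier.VerifyData(msg, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1));
        }
    }
}
```

The length and magic checks reject a file whose declared sizes disagree with its actual size before any bytes are copied, which matters when the key file arrives from an untrusted channel.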