Re: X.509 certificates and RSA encryption

From: Thorsten Kallweit (thorsten.kallweit_at_bms-software.de)
Date: 01/23/04

• Next message: solex: "Dot Net Installation Setting Default Security"
• Previous message: Johannes Resch: "Re: Certificates received from Windows CertStore: wrong public key (and incorrect modulus length)?"
• In reply to: Mikael Engdahl: "X.509 certificates and RSA encryption"
• Next in thread: Michel Gallant: "Re: X.509 certificates and RSA encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 23 Jan 2004 14:06:27 +0100

Hi,

> Now I want to use the public key from the certificate to do some RSA
> encrypting. I can get the key from the certificate as a byte array by
using
> the GetPublicKey method, but I can't find any way of supplying the key to
> the RSACryptoServiceProvider object. How do I do this?

I suggest you read the following MSDN-article.
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncapi/html/encryptdecrypt2a.asp

 there you'll find the code snipped how to extract the public key from a
x509 certificate into a RSAParameters object.

> The same as above, but another certificate (mine), and this time I want to
> use the private key (for signing). But I can't even find I way of getting
> the private key out of the cert (there is no GetPrivateKey method).
>
> Is the private key even in the certificate?

a certificate never contains any private informattion. private keys are held
in secure key databases related to a cryptographic service provider.
I suggest the following article:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncapi/html/netcryptoapi.asp

you better read this one first, it is part one of the earlier mentioned
article.

greets,
Thorsten

---

• Next message: solex: "Dot Net Installation Setting Default Security"
• Previous message: Johannes Resch: "Re: Certificates received from Windows CertStore: wrong public key (and incorrect modulus length)?"
• In reply to: Mikael Engdahl: "X.509 certificates and RSA encryption"
• Next in thread: Michel Gallant: "Re: X.509 certificates and RSA encryption"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages RE: SIMple SSL question ?? ... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ... (microsoft.public.dotnet.security) RE: SIMple SSL question ?? ... I believe your book is instructing you to keep the private key secure. ... you use the certificate request wizard in IIS to install the cert after it's ... the certificate that's just been installed. ... If an attacker retrievs the SSL certificate, ... (microsoft.public.dotnet.security) Re: Certificates, Keys, Mobile Users, Intended Usage ... Option that you think about uses self signed EFS certificates. ... Better then exporting user's private key as backup is to setup DRA (Data ... there is no EFS certificate and it will generate a new one. ... Mobile computer users benefit from encrypting sensitive ... (microsoft.public.win2000.security) Re: PFXExportCertStoreEx ... which contains the actual PFX and write that to the disk. ... methods to export certificate + private key from the IE store. ... (microsoft.public.platformsdk.security) Re: EFS On Drive Works With >1 Computer? ... >I just went to Help and Support Center to see if it says anything. ... > agent's private key and certificate, ... > certificate, decrypting the file or folder, and then deleting the imported ... Try to decrypt it on a computer that is not and has ... (microsoft.public.windowsxp.security_admin)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.security  > 2004-01