Re: Use my your own HashAlgorithm Class

From: Shawn Farkas (
Date: 03/23/04

Date: Tue, 23 Mar 2004 20:47:23 GMT

I see what you're trying to do. Rather than use the EncryptValue / DecryptValue methods (which RSACryptoServiceProvider doesn't support), use the Encrypt and Decrypt methods.

For instance:

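using System.Security.Cryptography;

byte[] data = new byte[] { 0, 1, 2, 3, 4, 5 };
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

// Encrypt uses the public key; false selects PKCS#1 v1.5 padding instead of OAEP.
byte[] encrypted = rsa.Encrypt(data, false);

// Decrypt uses the private key and must be given the same padding flag.
byte[] decrypted = rsa.Decrypt(encrypted, false);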


>Date: Tue, 23 Mar 2004 16:46:13 +0100
>From: meno abels <>
>Hi Shawn,
>Thanks for your answer; it sounds like a hard way to reach the target. My idea to
>provide a very simple HashAlgorithm was that I want to use the private key to encrypt
>a small amount of data which I can only decrypt with the public key. Implicitly this
>is done by SignHash, but I can't control the data which is encrypted by SignHash; it
>is every time a hash value, but I want to put something different in it. With openssl
>there is no problem to encrypt any small data with the private key.
>I tried first to provide the private key to EncryptData and use the public key for
>DecryptData but this didn't work. Is there another possibility to get any small data
>encrypted with the private key?
>> Hi Meno,
>> 	Since you've gotten as far as the OID exception, I assume you already figured out how to set up machine.config so that the Crypto APIs
>> recognize your algorithm.  You may have even figured out how to map new OIDs in machine.config.  However, the problem is a little deeper
>> than that.  The RSACryptoServiceProvider class provides a thin wrapper around the RSA implementation provided by the crypto service provider
>> (CSP) built into Windows.  Almost every method call you make to RSACryptoServiceProvider will translate into a call into Windows crypto API
>> (CAPI), which results in a call into the CSP to do the actual work.
>> 	SignHash is one of those wrappers.  It doesn't actually do the work, CAPI does.  Since machine.config only affects .NET crypto, CAPI
>> doesn't know about your new algorithm.  Assuming that you set up the OID mapping for your algorithm properly, RSACryptoServiceProvider
>> will get as far as mapping your algorithm name into whichever OID you specify.  But CAPI doesn't work with OIDs directly; instead it works with algorithm
>> identifiers.  Since CAPI will be doing the actual signing, RSACryptoServiceProvider goes ahead and asks CAPI for the algorithm identifier for
>> the OID it got for your algorithm.  CAPI has no idea what this algorithm is, so it returns an error code, resulting in the exception you just mentioned.
>> 	CAPI does provide a way for you to extend its built-in algorithms, however.  You can call CryptRegisterOIDInfo (and CryptUnregisterOIDInfo
>> to get rid of the mapping), to register an OID with CAPI.  Once you accomplish this, you're going to have to provide an algorithm id for this OID to
>> map to.  Providing a new algorithm ID involves writing a custom CSP and plugging it into CAPI.
>> 	All in all there's quite a bit of work to get a custom hash algorithm to work with the CryptoServiceProvider classes.  If you're still interested in 
>> trying this all out, I'd start by looking up information on writing a custom CSP on MSDN.
>> -Shawn
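
The two key directions discussed in this thread, as an added example that is not part of the original posts or of any Microsoft sample: Encrypt with the public key and Decrypt with the private key for confidentiality, and SignData / VerifyData when the goal is data that only the private-key holder could have produced. It assumes .NET Framework 4.6 or later; the class name and the sample payload are constructed for illustration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

class RsaDirectionDemo   // hypothetical name, not from the thread
{
    static void Main()
    {
        // Constructed sample payload, small enough for a single RSA block.
        byte[] data = Encoding.UTF8.GetBytes("license=42;expires=2005-01-01");

        using (var owner = new RSACryptoServiceProvider(2048))   // holds the private key
        using (var publicOnly = new RSACryptoServiceProvider())  // what gets distributed
        {
            // Copy only the public half (modulus and exponent) into the second object.
            publicOnly.ImportParameters(owner.ExportParameters(false));
            Console.WriteLine("distributed key is public-only: " + publicOnly.PublicOnly);

            // Confidentiality: anyone with the public key encrypts,
            // only the private-key holder can decrypt.
            byte[] encrypted = publicOnly.Encrypt(data, true);    // true = OAEP padding
            byte[] decrypted = owner.Decrypt(encrypted, true);
            Console.WriteLine("round trip ok: " + decrypted.SequenceEqual(data));

            // Authenticity: the private-key holder signs the data itself,
            // anyone with the public key verifies it.
            byte[] signature = owner.SignData(
                data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            bool valid = publicOnly.VerifyData(
                data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            Console.WriteLine("signature valid: " + valid);

            // Any change to the data makes verification fail.
            data[0] ^= 0x01;
            bool tampered = publicOnly.VerifyData(
                data, signature, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            Console.WriteLine("tampered data valid: " + tampered);
        }
    }
}
```

The data travels alongside the signature rather than inside it, so the recipient needs both the payload and the signature bytes to run VerifyData.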