Re: Using private keys to sign hash

From: Erick Daniel Tinajero (etinajero_at_quimera.org)
Date: 11/25/04

  • Next message: Scott: "Re: Unknown failure in RSACyptoServiceProvider.Decrypt() on Win98"
    Date: Thu, 25 Nov 2004 15:46:21 -0600
    
    

    Thanks for the answer, Nicole:

    I need to do a PKCS#1 RSA sign to an MD5 hash. That's all. To accomplish it,
    I have a certificate and private key generated by a tool that I didn't
    develop, using OpenSSL functions. I was told that a private key without the
    CRYPT_EXPORTABLE property cannot be used for such procedure in .NET, but I
    didn't make it work with a private key generated with that property (made by
    me) either.

    I already figured out that I need to assign the private key to the
    RSACryptoServiceProvider without "extracting" it, because then the exception
    is raised. But I don't know how to accomplish it. This is my scenario:

    .PFX File --> Certificate Store --> X509CertificateStore -->
    X509Certificate --> RSA --> RSACryptoServiceProvider.Sign

    Either from the file or from the Certificate Store, I need to retrieve the
    private key and then do the sign. I don't find it very complicated but I
    don't know how to make it work in the code. Any ideas would be greatly
    appreciated.

    "Nicole Calinoiu" <calinoiu REMOVETHIS AT gmail DOT com> wrote in message
    news:eCOC99x0EHA.2824@TK2MSFTNGP09.phx.gbl...
    > Erick,
    >
    > The
    > Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider.ExportParameters()
    > method does not allow export of the private key, regardless of what the
    > documentation and the presence of the includePrivateParameters argument
    > might lead you to believe. You'll need some other approach to use the
    > certificate private information to generate the desired signature.
    > Someone may be able to help with this if you provide more complete details
    > concerning your signing scenario.
    >
    > HTH,
    > Nicole
    >
    >
    >
    > "Erick Daniel Tinajero" <etinajero@quimera.org> wrote in message
    > news:OKZs$sP0EHA.392@TK2MSFTNGP12.phx.gbl...
    >>
    >> Hi there:
    >>
    >> I am trying to export (use) a private key from the certificate store to
    >> sign a hash. But I am getting the error:
    >> Export of private parameters is not supported
    >>
    >> I have this:
    >>
    >> Dim store = Microsoft.Web.Services2.Security.X509.X509CertificateStore.LocalMachineStore(Microsoft.Web.Services2.Security.X509.X509CertificateStore.MyStore)
    >> store.OpenRead
    >> Dim cert as Microsoft.Web.Services2.Security.X509.X509Certificate = store.Certificates(0)
    >> Dim RSA as RSA = Cert.Key
    >> Dim RSAParams as RSAParameters = Cert.Key.ExportParameters(True)
    >>
    >> The exception happens when the last line executes. I guess it's a
    >> permission problem, but I can't figure out the solution. Can anyone
    >> help me? Thanks.
    >>
    >>
    >>
    >>
    >
    >


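The following is an added example, not part of the original thread and not either poster's code: it signs a precomputed MD5 hash with PKCS#1 v1.5 padding through the certificate's key handle, so the private key is used in place and never exported. It uses the later `System.Security.Cryptography.X509Certificates` API (`X509Certificate2.GetRSAPrivateKey`, `RSA.SignHash`) rather than the WSE 2.0 classes in the post; the function names, the self-signed certificate and the password are constructed for the demonstration.

```vbnet
Imports System
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates
Imports System.Text

Module SignWithCertificateKey

    ' Hypothetical helper: signs an existing MD5 digest with the certificate's
    ' private key. No RSAParameters are exported; the provider does the signing.
    Function SignMd5Hash(cert As X509Certificate2, md5Hash As Byte()) As Byte()
        If Not cert.HasPrivateKey Then
            Throw New InvalidOperationException("Certificate has no associated private key.")
        End If
        Using signer As RSA = cert.GetRSAPrivateKey()
            Return signer.SignHash(md5Hash, HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1)
        End Using
    End Function

    ' Hypothetical helper: checks the signature with the public key only.
    Function VerifyMd5Hash(cert As X509Certificate2, md5Hash As Byte(), signature As Byte()) As Boolean
        Using verifier As RSA = cert.GetRSAPublicKey()
            Return verifier.VerifyHash(md5Hash, signature, HashAlgorithmName.MD5, RSASignaturePadding.Pkcs1)
        End Using
    End Function

    Sub Main()
        ' Constructed test material: a throwaway self-signed certificate packed as PFX bytes.
        Dim pfx As Byte()
        Using keyPair As RSA = RSA.Create(2048)
            Dim req As New CertificateRequest("CN=constructed-signing-test", keyPair,
                                              HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            Using tmp As X509Certificate2 = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1))
                pfx = tmp.Export(X509ContentType.Pfx, "constructed-password")
            End Using
        End Using

        ' Load the PFX without X509KeyStorageFlags.Exportable. A certificate taken
        ' from an X509Store's Certificates collection is passed to SignMd5Hash the same way.
        Using cert As New X509Certificate2(pfx, "constructed-password", X509KeyStorageFlags.DefaultKeySet)
            Dim hash As Byte()
            Using hasher As MD5 = MD5.Create()
                hash = hasher.ComputeHash(Encoding.UTF8.GetBytes("constructed message"))
            End Using
            Dim signature As Byte() = SignMd5Hash(cert, hash)
            Console.WriteLine("Signature length: " & signature.Length)
            Console.WriteLine("Verifies: " & VerifyMd5Hash(cert, hash, signature))
        End Using
    End Sub
End Module
```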