Re: KeyIdentifier?

From: casey chesnut (casey_at_SPAM_SPAMbrains-N-brawn.com)
Date: 10/25/03

Next message: Michel Gallant: "Re: KeyIdentifier?"
Previous message: Eric Perlin [MS]: "Re: cxertificates on smart card"
In reply to: Sergio Dutra [MS]: "Re: KeyIdentifier?"
Next in thread: Michel Gallant: "Re: KeyIdentifier?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 24 Oct 2003 18:02:51 -0500

Didn't work for me.
I loaded the 'Server Public.cer' file into an X509Certificate class,
and then did the hash:

byte [] baPubKey = cert.GetPublicKey();
SHA1CryptoServiceProvider shaCsp = new SHA1CryptoServiceProvider();
byte [] baHash = shaCsp.ComputeHash(baPubKey);
string myKeyId = bNb.Sec.Format.GetB64(baHash);

... the result did not match. What am I doing wrong?

Thanks,
casey

"Sergio Dutra [MS]" <sergiod@online.microsoft.com> wrote in message
news:ORUBYBlmDHA.2528@TK2MSFTNGP10.phx.gbl...
> The key identifier is the SHA-1 hash of the certificate's public key.
>
> --
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Use of included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
> "casey chesnut" <casey@SPAM_SPAMbrains-N-brawn.com> wrote in message
> news:%23EuNE$imDHA.1004@TK2MSFTNGP09.phx.gbl...
> > Using the WSE, they have a concept of a KeyIdentifier for a Certificate.
> > I'm trying to figure out how to create a KeyIdentifier for a non .NET /
> WSE
> > client,
> > and how to work with KeyIdentifiers from a WSE web service to map it to
a
> > certificate.
> >
> > They look something like this:
> >
> > FileName: Client Private.pfx
> > SubjectName: CN=WSE2QuickStartClient
> > KeyIdentifier: gBfo0147lM6cKnTbbMSuMVvmFY4=
> > StoreLoc: Current User
> > PrivateKeyPassword: wse2qs
> >
> > I tried Base64'ing it and got 20 bytes of what looked like garbage to
me.
> > Tried mapping those bytes to parts of the raw certificate, but had no
> luck.
> > The WSE provides a tool (WseCertificate) for manually creating them,
> > but I need to be able to do this on the fly.
> >
> > Thank you
> > casey
> >
> >
>
>

Next message: Michel Gallant: "Re: KeyIdentifier?"
Previous message: Eric Perlin [MS]: "Re: cxertificates on smart card"
In reply to: Sergio Dutra [MS]: "Re: KeyIdentifier?"
Next in thread: Michel Gallant: "Re: KeyIdentifier?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Hashing, Signing and Encryption using an X509 Certificate from the Certificate Store
... stored in my local machine certificate store. ... bytehash; ... // We will use the public key to encrypt the SQL Connection string. ...
(microsoft.public.dotnet.framework.webservices.enhancements)
Re: Verifying Signed Files Downloaded via HTTP
... one of your xml elements for the file. ... verify the new hash run over the file bits match the hash from the server. ... > associated with the main application and will automatically download ... > Another thing to note is that I renewed my Digital Certificate on ...
(microsoft.public.dotnet.security)
Re: Collision in SHA-0
... The entity requesting the certificate can often ... >able to find collisions in the underlying hash function, ... There are collisions and then there are collisions. ... same length as a cert and the same hash. ...
(sci.crypt)
Re: windows onecare update
... Hash: SHA1 ... Microsoft and wants to install antivirus/antispyware updates. ... me the site's certificate was issued by an untrusted authority. ...
(microsoft.public.windowsxp.general)
Re: Finding Certificate by MD5 hash
... Craig, there may be a couple of easier ways to do this. ... first create a certificate context - it looks like ... Note, I believe that's the hash of the whole cert, ... Note, if you really want to hash just the public key, verify that you're ...
(microsoft.public.platformsdk.security)