Re: Question about OffloadModExpo() Function

From: john (phenerse_at_hotmail.com)
Date: 10/31/05 

Date: Mon, 31 Oct 2005 02:33:23 -0800

Hi John

Thanks for your helpful advice.
I've checked the length values, I think they are ok.

Following your advice, I test the function with Signature operations.
This time I find that with or without my OffloadModExpo, They produce
 the same signature results for a certain text.
But when executing CryptVerifySignature, it still returns
ERROR_INVALID_PARAMETER error.

Debugging it, I find that the reason is one function refers an invalid
address.

So does the encrypt & decrypt program.

But I don't think this error is caused by my function. The output of this
function is
pbResult, I take much care of it. If the result is not correct(in fact it's
correct),
 this shouldn't cause the CSP API access invalid memory.

I'm really doubt with MS CSP(rsaenh.dll).

Could anyone tell me who have successfully implemented the OffloadModExpo
function?
I'll be very very grateful.

Thank you very much. 

-- 
John
"John Banes" wrote:
> It seems to me that you're interpreting the length values as the DWORD count 
> when in fact they are BYTE counts if I remember correctly. Perhaps this is 
> the problem?
> 
> It might be helpful if you were to create a private key whose structure you 
> are familiar with and attempt to sign something with it. You can export the 
> private key into a PRIVATEKEYBLOB and analyse its structure and compare that 
> with the parameters that get passed to the modexp function.
> 
> Signature operations always result in the same result (provided that PKCS1 
> is used) because the padding is fixed. This makes things more deterministic 
> and it should make it easier to spot any problems. You can switch to decrypt 
> operations once signing is working okay.
> 
> Regards,
> John
> 
> "john" <phenerse@hotmail.com> wrote in message 
> news:B39B20AE-27A4-4456-A80E-1E576F8DC518@microsoft.com...
> > Hi Laszlo,
> >
> > I'm sorry to disturb you again.Because I really have no idea about it.
> > So much time on this, but still little effect.
> >
> > I'm sure my implementation is right. The problem is in the INTERFACE.
> > But I cannot know when and how MS CAPI calls OffloadModExpo.Maybe the
> > description of OffloadModExpo in MSDN is not right, at least not clear.
> >
> > Would you please help me to have a look of my function?
> > It's quite short.
> >
> > ///////////////////////
> > _declspec (dllexport)
> > BOOL OffloadModExpo(
> >  BYTE *pbBase,    // in
> >  BYTE *pbExpo,    // in
> >  DWORD cbExpo,    // in
> >  BYTE *pbMod,     // in
> >  DWORD cbMod,     // in
> >  BYTE *pbResult,  // out
> >  void *pReserved, // reserved
> >  DWORD dwFlags    // in
> > )
> > {
> > DWORD dwModLen;
> > DWORD dwExpoLen;
> >
> > DWORD *result;
> > DWORD *base;
> > DWORD *expo;
> > DWORD *mod;
> >
> > dwModLen = ((cbMod - 1) >> 2) + 1;
> > dwExpoLen = ((cbExpo - 1) >> 2) + 1;
> >
> > result = (DWORD *) malloc(dwModLen * sizeof(DWORD));
> > base = (DWORD *) malloc(dwModLen * sizeof(DWORD));
> > expo = (DWORD *) malloc(dwExpoLen * sizeof(DWORD));
> > mod = (DWORD *) malloc(dwModLen * sizeof(DWORD));
> >
> > memset(result, 0, dwModLen * sizeof(DWORD));
> > memset(base, 0, dwModLen * sizeof(DWORD));
> > memset(expo, 0, dwExpoLen * sizeof(DWORD));
> > memset(mod, 0, dwModLen * sizeof(DWORD));
> >
> > memcpy(base, pbBase, cbMod);
> > memcpy(expo, pbExpo, cbExpo);
> > memcpy(mod, pbMod, cbMod);
> >
> > NN_ModExp(result, base, expo, dwExpoLen, mod, dwModLen);
> > memcpy(pbResult, result, cbMod);
> >
> > return TRUE;
> > }
> > ///////////////
> >
> > NN_ModExp() is from RSAREF
> > lib(http://www.mirrors.wiretapped.net/security/cryptography/libraries/math/rsaref/rsaref-2.0-1996.tar.gz)
> >
> > It's 'big number' params are DWORD array, while MS is BYTE array.
> > So I do a convert here. NN_ModExp computes: result = base ^ expo % mod.
> >
> >
> > Thanks you very much.
> >
> >
> > -- 
> > John
> >
> >
> > "lelteto" wrote:
> >
> > 
> 
> 
>

Relevant Pages

  • Re: Question about OffloadModExpo() Function
    ... I test the function with Signature operations. ... "John Banes" wrote: ... > It seems to me that you're interpreting the length values as the DWORD count ... >> memcpy(base, pbBase, cbMod); ...
    (microsoft.public.platformsdk.security)
  • Re: Question about OffloadModExpo() Function
    ... I test the function with Signature operations. ... "John Banes" wrote: ... > It seems to me that you're interpreting the length values as the DWORD count ... >> memcpy(base, pbBase, cbMod); ...
    (microsoft.public.platformsdk.security)
  • Re: Recipients list not visible
    ... The DWORD you mentioned is not present. ... >Is MS Outlook also installed? ... >you don't use it (can happen with the install of ... >John wrote: ...
    (microsoft.public.windows.inetexplorer.ie6_outlookexpress)
  • Re: Question about OffloadModExpo() Function
    ... It seems to me that you're interpreting the length values as the DWORD count ... It might be helpful if you were to create a private key whose structure you ... > memcpy(base, pbBase, cbMod); ... > It's 'big number' params are DWORD array, ...
    (microsoft.public.platformsdk.security)
  • Re: convert a double keeping msb ?
    ... > I cannot shift the bits, the compiler complaint with double, ... > well with DWORD. ... the compiler converting a double value to a DWORD value. ...
    (comp.lang.cpp)