Re: Format of the Public/Private key BLOB



Hi All,

I've a similar problem. My application needs to decrypt some encrypted data.
I have a PEM file with private key to decrypt it. How can I import this PEM
file to CSP to generate Private Key to decrypt the data? Might be a silly
question, but I couldn't understand the concept after reading through the MSDN.

Thanks All in Advance

S.Kumar

"Mitch Gallant" wrote:

PEM certs are just b64 encoded binary DER certs with header and
footer lines.
You can generate these programmatically in capi using CryptBinaryToString()
(for XP+ only) or just do some manual b64 encoding and manually adding
headers/footers.
- Mitch


"maryzhang" <maryzhang@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:88B1E34B-0754-4DBB-9BCF-C220DF2A6087@xxxxxxxxxxxxxxxx
Mitch,

Thank you very much!
I'm working on a project which needs to exchange info between Windows using
CryptAPI and Linux using OpenSSL.

And I need to send root cert's serial number and issuer info from openssl to
Win CryptAPI:
I just found that the serial number from "openssl x509 -in cert -noout -serial"
is in Hex and reversed order to that of CryptAPI. So I've to change the
order back, right?

Also how can I use Windows CryptAPI to generate PEM format instead of
default DER format?

Thanks!

Mary

"Mitch Gallant" wrote:

Probably not. Most cryptoapps use big-endian ordered key parts.
CryptoAPI keyblobs (as stated below) are special Microsoft formats
and have key parts in little-endian order.
If you stick to standard X509 certs, Java or OpenSSL you will almost
certainly never have to worry about the endianness.
- Mitch Gallant

"maryzhang" <maryzhang@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:08942759-C70D-49ED-B839-5DA06DC44CFF@xxxxxxxxxxxxxxxx
Hi, Laszlo

If I send the certificate in b64 format to Linux using openssl, and then
extract the public key using "openssl x509", do I still need to convert the
public key to big endian?

Thanks!

Mary


"lelteto" wrote:

One note: the values in the public / private key blob are in little endian
byte order. If you need to pass it into some other system (Cryptoki, OpenSSL,
etc) you would need to convert them to big endian.

Laszlo Elteto
SafeNet, Inc.

""Jeffrey Tan[MSFT]"" wrote:

Hi Shankar,

Thanks for your post.

The format of this BLOB varies depending on the BLOB type requested in the
dwBlobType parameter. For the format for PRIVATEKEYBLOBs, PUBLICKEYBLOBs,
and SIMPLEBLOBs, it is documented in the "Base Provider Key BLOBs" link
below:
"Base Provider Key BLOBs"
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/seccrypto/security/base_provider_key_blobs.asp

Hope this helps

Best regards,
Jeffrey Tan
Microsoft Online Partner Support
Get Secure! - www.microsoft.com/security
This posting is provided "as is" with no warranties and confers no rights.
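
The byte-order conversion Laszlo Elteto describes, applied to the RSA PUBLICKEYBLOB layout from the "Base Provider Key BLOBs" documentation Jeffrey Tan links, as an added example that is not part of the original thread: portable C (no CryptoAPI calls) that validates the headers and emits the modulus in the big-endian order OpenSSL and Cryptoki expect. The function name `rsa_pubblob_to_be`, the size limit and the 64-bit sample blob are constructed for illustration; the sample is not a real key.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Layout per "Base Provider Key BLOBs": 8-byte BLOBHEADER, 12-byte RSAPUBKEY,
   then bitlen/8 modulus bytes. Every multi-byte field is little-endian. */
#define BTYPE_PUBLICKEYBLOB 0x06
#define RSA1_MAGIC 0x31415352u          /* "RSA1" read as a little-endian DWORD */
#define HDR_LEN 20

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Hypothetical helper: writes the modulus big-endian into mod_be and the
   public exponent into *pubexp. Returns modulus length in bytes, -1 on error. */
int rsa_pubblob_to_be(const uint8_t *blob, size_t len,
                      uint8_t *mod_be, size_t mod_cap, uint32_t *pubexp) {
    if (len < HDR_LEN) return -1;                      /* headers truncated */
    if (blob[0] != BTYPE_PUBLICKEYBLOB) return -1;     /* BLOBHEADER.bType */
    if (le32(blob + 8) != RSA1_MAGIC) return -1;       /* RSAPUBKEY.magic */
    uint32_t bitlen = le32(blob + 12);                 /* RSAPUBKEY.bitlen */
    /* 16384-bit ceiling is an assumed sanity limit, not from the docs */
    if (bitlen == 0 || bitlen % 8 != 0 || bitlen > 16384) return -1;
    size_t n = bitlen / 8;
    if (len - HDR_LEN < n || mod_cap < n) return -1;   /* never read/write past buffers */
    *pubexp = le32(blob + 16);                         /* RSAPUBKEY.pubexp */
    for (size_t i = 0; i < n; i++)                     /* reverse: LE -> BE */
        mod_be[i] = blob[HDR_LEN + n - 1 - i];
    return (int)n;
}

/* Constructed sample blob with a toy 64-bit modulus (not a usable key). */
static const uint8_t SAMPLE_BLOB[] = {
    0x06, 0x02, 0x00, 0x00,                  /* bType, bVersion, reserved */
    0x00, 0xA4, 0x00, 0x00,                  /* aiKeyAlg = CALG_RSA_KEYX */
    'R', 'S', 'A', '1',                      /* magic */
    0x40, 0x00, 0x00, 0x00,                  /* bitlen = 64 */
    0x01, 0x00, 0x01, 0x00,                  /* pubexp = 65537 */
    0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, 0xC8   /* modulus, LSB first */
};

int main(void) {
    uint8_t mod[8];
    uint32_t e = 0;
    int n = rsa_pubblob_to_be(SAMPLE_BLOB, sizeof SAMPLE_BLOB, mod, sizeof mod, &e);
    if (n < 0) { puts("not a valid RSA PUBLICKEYBLOB"); return 1; }
    printf("e=%u n=", (unsigned)e);
    for (int i = 0; i < n; i++) printf("%02X", mod[i]);
    putchar('\n');
    return 0;
}
```
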







