Re: Sign with RsaCryptoService Provider Verify with win32 Crypto A



Try removing the CRYPT_NOHASHOID flag. Normally the signature should contain
the hash algorithm identifier (to prevent replacing it with a much weaker
hash), so I think the .NET version of the code always puts the hash id into
the signature. The difference (hash id present or not) will result in
verification failure.

Laszlo Elteto
SafeNet, Inc.

"Leslie" wrote:

In response to your questions:
1. Do you use the same hash algo? (eg. SHA-1)
I am specifying CALG_SHA1 in my call to CryptCreateHash and
SHA1CryptoServiceProvider() in my C# call to SignData.
2. What flags are you using in CryptSignHash and CryptVerifySignature
I specify CRYPT_NOHASHOID in CryptSignHash and CryptVerifySignature.
I did not find a place for a corresponding specification in C#.
3. Is your data binary? text string? Do you specify the exact LENGTH for both
C++ and C#?
The data is a unicode text string converted to a byte array. For length in C++ I
compute the length as: DWORD dwBufferLen = wcslen(pstrDataBuffer) * 2;
In C# I did not find a place to specify length, I just pass the byte array in the
call to SignData.

Currently some of my C++ calls are as follows:
// Get the handle to Microsoft Enhanced provider and key container.
if(CryptAcquireContext(hCryptProv, CONTAINER_NAME, MS_ENHANCED_PROV,
PROV_RSA_FULL, CRYPT_NEWKEYSET))

CryptSignHash(hHash, AT_SIGNATURE, NULL, CRYPT_NOHASHOID, pbSignature,
&dwSigLen)


Some of my C# calls are as follows:
cspParams.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";
cspParams.ProviderType = 1; // 1 = PROV_RSA_FULL
cspParams.KeyContainerName = "Signer";
cspParams.KeyNumber = (int)KeyNumber.Signature;
cspParams.Flags = CspProviderFlags.NoFlags;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(cspParams);

byte[] baData = Encoding.Unicode.GetBytes(strData);
byte[] baDataSignature;
baDataSignature = RSASigner.SignData(baData, new SHA1CryptoServiceProvider());

"lelteto" wrote:

1. Do you use the same hash algo? (eg. SHA-1)
2. What flags are you using in CryptSignHash and CryptVerifySignature (in
your C++ code)? Do you set CRYPT_NOHASHOID?
3. Is your data binary? text string? Do you specify the exact LENGTH for both
C++ and C#?

Laszlo Elteto
SafeNet, Inc.

"Leslie" wrote:

Great. The problem I have encountered is as follows.

I set up a test program in C++ which signs some data using CryptSignHash and
then verifies the signature of the data using CryptVerifySignature. All of
this is done using the Win32 Crypto API and works just fine.

Next, I attempt to sign the same data using the RsaCryptoServiceProvider.
The call to RSACryptoServiceProvider.SignData returns the signature byte
array but the bytes returned do not match the signature bytes returned from
the call to CryptSignHash in the crypto API. As a result, the call to
CryptVerifySignature using the bytes from RSACryptoServiceProvider.SignData
fails.

Is there something I should be doing differently?

Thanks,

Leslie

Do

"Dominick Baier" wrote:

RSACryptoServiceProvider is just a thin wrapper around the native Crypto
API. So yes.

-----
Dominick Baier (http://www.leastprivilege.com)

Developing More Secure Microsoft ASP.NET 2.0 Applications (http://www.microsoft.com/mspress/books/9989.asp)

I have a web application written in C# that needs to Sign some data
with private key that can be verified on a c++ client using win32
crypto api. Can this be done?

I would like to avoid using mixed mode on either platform if possible.

Thanks,

Leslie
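
The mismatch described in the first reply, as an added example that is not part of the original thread or either poster's code: it signs the same UTF-16LE bytes once with the SHA-1 DigestInfo (hash OID) inside the PKCS#1 v1.5 block and once with the bare hash, the form CRYPT_NOHASHOID selects, and shows that a verifier expecting one form rejects the other. Assumptions: the key is a constructed toy key built from two Mersenne primes, all function names are hypothetical, and byte order is big-endian throughout.

```python
import hashlib
import hmac

# DER header of the PKCS#1 v1.5 DigestInfo for SHA-1 (RFC 8017, section 9.2).
SHA1_OID_PREFIX = bytes.fromhex("3021300906052b0e03021a05000414")

# Constructed toy key (product of two Mersenne primes), for this demo only.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in bytes

def encode(digest, with_oid):
    """Build the block 00 01 FF..FF 00 || T that RSA signs."""
    t = (SHA1_OID_PREFIX if with_oid else b"") + digest
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t

def recover(sig):
    """Apply the public key to a signature to get the padded block back."""
    return pow(int.from_bytes(sig, "big"), E, N).to_bytes(K, "big")

def sign(data, with_oid):
    em = encode(hashlib.sha1(data).digest(), with_oid)
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")

def verify(data, sig, with_oid):
    """Re-encode the expected block and compare; both sides must agree on the OID."""
    expected = encode(hashlib.sha1(data).digest(), with_oid)
    return hmac.compare_digest(recover(sig), expected)

def describe(sig):
    """Report whether a signature's block carries the SHA-1 DigestInfo."""
    em = recover(sig)
    t = em[em.index(b"\x00", 2) + 1:]
    return "DigestInfo + hash" if t.startswith(SHA1_OID_PREFIX) else "bare hash"

if __name__ == "__main__":
    data = "some data".encode("utf-16-le")   # same bytes as Encoding.Unicode.GetBytes
    with_oid, bare = sign(data, True), sign(data, False)
    print(describe(with_oid), "| verifier expecting bare hash:", verify(data, with_oid, False))
    print(describe(bare), "| verifier expecting bare hash:", verify(data, bare, False))
```
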



