I have only RSA public key, no private key.
Modulus is (128 bytes):
E3BFA04FB29DE84F614B4F4482BE5586F0DA8366DF492E25FA820B519CA020DB41B1 DD360243A26203B19FE6BAD7BAFCE6D6EABF91D22C94CC9BA591F4E1C45851035F16 48504C4DB32954DC3719791201C80D59C23284F1EF9A916E2CF000B3A97ABE2194E85598BE02E05A8A8D98DAD01AD1D6F464F4E7543A47B4F1B87F49
Exponent is 3
I create a PUBLICKEYBLOB structure (dnCALG_RSA_SIGN, magic is RSA1) from this:
0602000000240000525341310004000003000000 E3BFA04FB29DE84F614B4F4482BE5586F0DA8366DF492E25FA820B519CA020DB41B1DD360243A26203B19FE6BAD7BAFCE6D6EABF91D22C94CC9BA591F4E1C45851035F1648504C4DB32954DC3719791201C80D59C23284F1EF9A916E2CF000B3A97ABE2194E85598BE02E05A8A8D98DAD01AD1D6F464F4E7543A47B4F1B87F49
I pass this PUBLICKEYBLOB to Windows Crypto API CryptImportKey() and receive a valid key handle.
I pass received key handle to CryptDecrypt() and receive error from CryptDecrypt() API call:
error = 3 Bad key facility = 9 windows service programming interface severity = 2 warning
MSDN help about CryptDecrypt() wrote:
In Windows 2000, the Microsoft Enhanced RSA Provider supports direct encryption with RSA public keys and decryption with RSA private keys
But I want to DECRYPT signature using PUBLIC key. This decryption is required by EMV standard book 2 (www.emvco.com). So it seems that Windows CryptoAPI does not support this.
Any idea how to use Windows CryptoAPI for this ?
About using Crypto++ :
I discovered that the Integer class a_exp_b_mod_c() method seems to be usable for this decrypting. I want to call this method from Microsoft FoxPro, not from C++. I discovered that the entry point name in cryptopp.dll is "[EMAIL PROTECTED]@@[EMAIL PROTECTED]@[EMAIL PROTECTED]@Z", so I can use this entry point name.
I need to pass 3 Integer objects to a_exp_b_mod_c(). I discovered that I can use the following Integer class constructor to create the objects:
//! convert from big-endian byte array
Integer(const byte *encodedInteger, unsigned int byteCount, Signedness s=UNSIGNED);
Unfortunately, I don't know this constructor entry point name in the cryptopp.dll
There are a lot of Integer constructors and I have no idea which is this constructor entry point name assigned by MSC.
How to determine this constructor name in dll ?
Is it possible to add a method to Integer class which implements this constructor and re-create the dll ?
Or is there a better solution ?
----- Original Message -----
From: "Vishal Rao" <[EMAIL PROTECTED]>
To: < >; <[EMAIL PROTECTED]>
Sent: Sunday, December 12, 2004 7:00 AM
Subject: Re: Large number arithmetics (Decrypting RSA signature)
Hi,
Look up "PRIVATEKEYBLOB" on MSDN. Maybe you're not properly or completely filling up the structure... Use Crypto++ API's various RSA (InvertibleRSAFunction) methods to get the struct values in 'Integer' then use the Integer methods to get the encoded format and populate them (you will need to reverse the bytes for endianness). And don't forget to set the blob type and RSA magic value...
See http://cryptopp.sourceforge.net/docs/ref521/class_invertible_r_s_a_function.html for methods such as GetPrivateExponent(), and http://cryptopp.sourceforge.net/docs/ref521/class_integer.html
HTH, Vishal
From MSDN:
Private Key BLOBs
Private key BLOBs (type PRIVATEKEYBLOB) are used to store RSA public/private key pairs. They have the following format:
BLOBHEADER blobheader;
RSAPUBKEY rsapubkey;
BYTE modulus[rsapubkey.bitlen/8];
BYTE prime1[rsapubkey.bitlen/16];
BYTE prime2[rsapubkey.bitlen/16];
BYTE exponent1[rsapubkey.bitlen/16];
BYTE exponent2[rsapubkey.bitlen/16];
BYTE coefficient[rsapubkey.bitlen/16];
BYTE privateExponent[rsapubkey.bitlen/8];
If the key BLOB is encrypted, then everything but the BLOBHEADER portion of the BLOB is encrypted. Note that the encryption algorithm and encryption key parameters are not stored along with the private key BLOB. It is the responsibility of the application to manage this information.
The following table describes each private key BLOB component. Note that these fields largely correspond to the ones described in section 7.2 of PKCS #1: RSA Encryption Standard.

Field            Description
blobheader       A BLOBHEADER structure as described in a previous section. The bType field must always have a value of PRIVATEKEYBLOB.
rsapubkey        A RSAPUBKEY structure as described in Public Key BLOBs. The magic field must always have a value of 0x32415352 ("RSA2").
modulus          The modulus. This has a value of "prime1 * prime2" and is often known as "n".
prime1           Prime number 1, often known as "p".
prime2           Prime number 2, often known as "q".
exponent1        Exponent 1. This has a numeric value of "d mod (p - 1)".
exponent2        Exponent 2. This has a numeric value of "d mod (q - 1)".
coefficient      Coefficient. This has a numeric value of "(inverse of q) mod p".
privateExponent  Private exponent, often known as "d".
On Sun, 12 Dec 2004 00:16:14 +0200, Andrus Moor <[EMAIL PROTECTED]> wrote:
I have an RSA signature S (128 bytes of binary data), modulus n (also 128 bytes of binary data) and exponent e (which has the value 3 or 2**16-1 only)
I need to calculate
( S**e ) MOD n
All I need is to perform exponent ( S**e ) and MOD operation on 128 byte integers.
Windows CryptoAPI CryptDecrypt() returns invalid key error message.
How to calculate this ? Any sample code ?
Andrus.
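The calculation asked about in this thread, ( S**e ) MOD n on 128-byte big-endian values, written out without a bignum library. This is an added example, not code from any poster, from Crypto++ or from CryptoAPI; the function names (add_mod, mul_mod, rsa_public_op) and the toy values in main() are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define K 128 /* operand size in bytes: 1024-bit modulus, as in the thread */
/* r = (r + a) mod n over K big-endian bytes; needs r < n and a < n (a may be r) */
static void add_mod(uint8_t *r, const uint8_t *a, const uint8_t *n) {
    unsigned carry = 0;
    for (int i = K - 1; i >= 0; i--) {
        carry += r[i] + a[i];
        r[i] = (uint8_t)carry;
        carry >>= 8;
    }
    if (!carry && memcmp(r, n, K) < 0) return; /* sum already below n */
    for (int i = K - 1, borrow = 0; i >= 0; i--) { /* sum < 2n: subtract n once */
        int d = r[i] - n[i] - borrow;
        borrow = d < 0;
        r[i] = (uint8_t)(d + 256 * borrow);
    }
}

/* out = (a * b) mod n, double-and-add over the bits of b (out may alias a or b) */
static void mul_mod(uint8_t *out, const uint8_t *a, const uint8_t *b, const uint8_t *n) {
    uint8_t r[K] = {0};
    for (int i = 0; i < K * 8; i++) {
        add_mod(r, r, n);
        if (b[i / 8] & (0x80 >> (i % 8))) add_mod(r, a, n);
    }
    memcpy(out, r, K);
}

/* out = (s ** e) mod n; -1 if s >= n. All inputs are public: branches leak no secret */
int rsa_public_op(uint8_t *out, const uint8_t *s, uint32_t e, const uint8_t *n) {
    uint8_t r[K] = {[K - 1] = 1}; /* r = 1 */
    if (memcmp(s, n, K) >= 0) return -1;
    for (int bit = 31; bit >= 0; bit--) { /* square-and-multiply, MSB first */
        mul_mod(r, r, r, n);
        if ((e >> bit) & 1) mul_mod(r, r, s, n);
    }
    memcpy(out, r, K);
    return 0;
}

int main(void) { /* constructed toy values, not a real key: 7**3 mod 55 = 13 */
    uint8_t n[K] = {0}, s[K] = {0}, out[K];
    n[K - 1] = 55; s[K - 1] = 7;
    if (rsa_public_op(out, s, 3, n) != 0) return 1;
    printf("%d\n", out[K - 1]);
    return 0;
}
```

The functions take most-significant-byte-first arrays; a modulus copied out of a CryptoAPI key BLOB is stored least-significant byte first and has to be reversed before it is passed in.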
