RE: [Mono-list] How to set parameters for RSACryptoServiceProvider

Tue, 04 Nov 2003 18:23:58 -0800

Title: Message
Goran,
 
Are you having this problem with Mono or the MS framework ?
 
I ask because right now my mono setup doesn't work :-( but I'm able to duplicate the bug on the MS framework (anyway your VB code can only work under Windows and IIRC the exception message "Bad Key" is only shown in Windows).
 
Anyway at first look it seems that MS requires the full parameters for importing a private key - with no (known) good reason. This isn't (supposed to be) the case for Mono - you can have a look at /mcs/class/corlib/Mono.Security/RSAManaged.cs. Please fill a bug into bugzilla if this doesn't work on Mono (http://bugzilla.ximian.com/enter_bug.cgi?product=Mono%2FClass%20Libraries).
 
As for solution for the MS framework:
 
a.    Report the bug to Microsoft (this is a long term solution but if you don't complain it won't get fixed);
b.    Keep all exported parameters for the private key (easy solution, faster decryption but requires extra space);
c.    Recalculate the other parameters (time consuming);
d.    Use Mono's RSAManaged implementation (on both Windows and Mono's)
 

Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com
work: [EMAIL PROTECTED]
home: [EMAIL PROTECTED]
blog: http://pages.infinit.net/ctech/poupou.html
 

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]On Behalf Of Goran Milenkovic
Sent: 3 novembre 2003 08:56
To: '[EMAIL PROTECTED]'
Subject: [Mono-list] How to set parameters for RSACryptoServiceProvider

The following VB.NET example should generate the new key pair, store generated values localy, then encrypt the test string using public key and decrypt it using private key. However, it works only if all parameters (P,Q,DP,DQ,InverseQ & D) are given for the decryption, but not if only D is given. That means that for simple decryption private key is not enough, but also all of the other parameters ??

If you change boolean value OnlyD to True, assuming that only D should be enough for decryption, then it works. Otherwise, an exception occurs ("Bad Key"). Is there any solution for this ?

 

'-----------------------------

Dim OnlyD As Boolean = False

Dim TestResult1() As Byte

Dim TestResult2() As Byte

'---Generate the key pair and export all of it's parameters into the RSAParams1

Dim RSAParams1 As RSAParameters = New RSAParameters

Dim RSAObj1 As RSACryptoServiceProvider = New RSACryptoServiceProvider

RSAParams1 = RSAObj1.ExportParameters(True)

'---Get all parameters into local variables

Dim myModulus As Byte() = RSAParams1.Modulus

Dim myExponent As Byte() = RSAParams1.Exponent

Dim myPrivateKey As Byte() = RSAParams1.D

Dim myP As Byte() = RSAParams1.P

Dim myQ As Byte() = RSAParams1.Q

Dim myDP As Byte() = RSAParams1.DP

Dim myDQ As Byte() = RSAParams1.DQ

Dim myIQ As Byte() = RSAParams1.InverseQ

'---Create new RSACryproProvider

Dim RSAParams2 As RSAParameters = New RSAParameters

Dim RSAObj2 As RSACryptoServiceProvider = New RSACryptoServiceProvider

'---Set the public key

RSAParams2.Modulus = myModulus

RSAParams2.Exponent = myExponent

RSAObj2.ImportParameters(RSAParams2)

'---Encrypt with public key

TestResult1 = RSAObj2.Encrypt(Encoding.ASCII.GetBytes("TEST"), False)

MsgBox("Encrypted")

'---Now set the private key

RSAParams2.D = myPrivateKey

If (Not OnlyD) Then

    RSAParams2.P = myP

    RSAParams2.Q = myQ

    RSAParams2.DP = myDP

    RSAParams2.DQ = myDQ

    RSAParams2.InverseQ = myIQ

End If

RSAObj2.ImportParameters(RSAParams2)

'---Decrypt with private key

TestResult2 = RSAObj2.Decrypt(TestResult1, False)

MsgBox("Decrypted. Original string is: " & Encoding.ASCII.GetString(TestResult2))

'-----------------------------

 

Many Thanks,

Goran

[EMAIL PROTECTED]

 

This e-mail and any attachments are CONFIDENTIAL and intended solely for the use of the individual(s) to whom it is addressed. It can contain proprietary confidential information and/or be subject to legal privilege and/or subject to a non-disclosure Agreement. Unauthorized use, disclosure or copying is strictly prohibited. If you are not the/an addressee and are in possession of this e-mail, please notify us immediately.

 

 

Reply via email to