J
Johannes Resch
Hello,
I'm currently writing an application in C# to support message
integrity checks with signatures.
For this, I need to use X.509-Certificates from files (CER encoded) as
well as from the windows local machine certificate store.
I modified the CryptoAPI P/Invoke-Examples from MSDN
(http://msdn.microsoft.com/library/d.../encryptdecrypt2a.asp?frame=true&hidetoc=true)
to access the windows local machine certificate store from C#.
This works, I can access both public and private keys of a chosen
certificate.
For getting RSA-PK-Parameters from a C# X509Certificate, I used the
way described in http://groups.google.at/groups?hl=d...-8&[email protected].
(getting the Modulus and Exponent from raw data returned from
GetPublicKey(); see code below).
However, if I take a closer look at the public key I get from the
Windows Certificate store, there are two problems:
1.) the modulus length is always 128 Byte, no matter if I use PKs with
keylengths greater than 1024 Bit.
2.) the modulus-parameter of two public keys (one extracted from
CER-File via X509Certificate and GetPublicKey(), the other one
received from the same certificate in Windows CertStore) don't match
at all (they one from windows certstore is not just truncated, it
seems to be completely different).
If I open MMC and take a look at the certificates public key in the
windows certificate-management applet, I can see the correct public
key (correct length, same modulus as the one being extracted from
CER-File).
As I'm not a CryptoAPI-insider: could it be possible, that I forgot to
modify some parts of the CryptoAPI-MSDN examples, that could lead to
this behaviour?
Any other ideas?
Best Regards,
Johannes Resch
Code for getting RSA-Exponent and Modulus from raw Public-Key-Data:
byte[] pk = cert.GetPublicKey();
byte[] exp = new byte[3];
byte[] modulus = new byte[keyLen/8];
Array.Copy(pk, pk.Length - exp.Length, exp, 0, exp.Length);
Array.Copy(pk, pk.Length - exp.Length - 2 - modulus.Length, modulus,
0, modulus.Length);
RSAParameters rsaParams = new RSAParameters();
rsaParams.Modulus = modulus;
rsaParams.Exponent = exp;
I'm currently writing an application in C# to support message
integrity checks with signatures.
For this, I need to use X.509-Certificates from files (CER encoded) as
well as from the windows local machine certificate store.
I modified the CryptoAPI P/Invoke-Examples from MSDN
(http://msdn.microsoft.com/library/d.../encryptdecrypt2a.asp?frame=true&hidetoc=true)
to access the windows local machine certificate store from C#.
This works, I can access both public and private keys of a chosen
certificate.
For getting RSA-PK-Parameters from a C# X509Certificate, I used the
way described in http://groups.google.at/groups?hl=d...-8&[email protected].
(getting the Modulus and Exponent from raw data returned from
GetPublicKey(); see code below).
However, if I take a closer look at the public key I get from the
Windows Certificate store, there are two problems:
1.) the modulus length is always 128 Byte, no matter if I use PKs with
keylengths greater than 1024 Bit.
2.) the modulus-parameter of two public keys (one extracted from
CER-File via X509Certificate and GetPublicKey(), the other one
received from the same certificate in Windows CertStore) don't match
at all (they one from windows certstore is not just truncated, it
seems to be completely different).
If I open MMC and take a look at the certificates public key in the
windows certificate-management applet, I can see the correct public
key (correct length, same modulus as the one being extracted from
CER-File).
As I'm not a CryptoAPI-insider: could it be possible, that I forgot to
modify some parts of the CryptoAPI-MSDN examples, that could lead to
this behaviour?
Any other ideas?
Best Regards,
Johannes Resch
Code for getting RSA-Exponent and Modulus from raw Public-Key-Data:
byte[] pk = cert.GetPublicKey();
byte[] exp = new byte[3];
byte[] modulus = new byte[keyLen/8];
Array.Copy(pk, pk.Length - exp.Length, exp, 0, exp.Length);
Array.Copy(pk, pk.Length - exp.Length - 2 - modulus.Length, modulus,
0, modulus.Length);
RSAParameters rsaParams = new RSAParameters();
rsaParams.Modulus = modulus;
rsaParams.Exponent = exp;