[Mono-bugs] [Bug 666155] New: RSA encryption of SHA512 hash not supported

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Fri Jan 21 08:14:48 EST 2011


https://bugzilla.novell.com/show_bug.cgi?id=666155

https://bugzilla.novell.com/show_bug.cgi?id=666155#c0


           Summary: RSA encryption of SHA512 hash not supported
    Classification: Mono
           Product: Mono: Class Libraries
           Version: 2.6.x
          Platform: x86-64
        OS/Version: Ubuntu
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: System.Security
        AssignedTo: spouliot at novell.com
        ReportedBy: jeremy.poulter at oregan.net
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---
           Blocker: ---


Created an attachment (id=409532)
 --> (http://bugzilla.novell.com/attachment.cgi?id=409532)
Test case showing issue

User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US)
AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.237 Safari/534.10

When using the attached test case, an exception is reported about an unsupported
hash algorithm for RSA signing.

This is also likely to be the case with other SHA-2 (e.g. SHA-256) hashes, but I
have not explicitly tested.

Reproducible: Always

Steps to Reproduce:
1. mono ConsoleApplication1.exe

Actual Results:  
Unhandled Exception: System.NotSupportedException: 2.16.840.1.101.3.4.2.3 is an
unsupported hash algorithm for RSA signing
  at System.Security.Cryptography.RSACryptoServiceProvider.GetHashNameFromOID
(System.String oid) [0x00000] in <filename unknown>:0 
  at System.Security.Cryptography.RSACryptoServiceProvider.SignHash
(System.Byte[] rgbHash, System.String str) [0x00000] in <filename unknown>:0 
  at ConsoleApplication1.Program.Main (System.String[] args) [0x00000] in
<filename unknown>:0 


Expected Results:  
Generated 128 bytes for signature

Mail from Sebastien Pouliot on the Mono-list at lists.ximian.com mailing list;


Hello again,

From source code:

        // LAMESPEC: str is not the hash name but an OID
        // NOTE: this method is LIMITED to SHA1 and MD5 like the MS framework 1.0
        // and 1.1 because there's no method to get a hash algorithm from an OID.
        // However there's no such limit when using the [De]Formatter class.
        public byte[] SignHash (byte[] rgbHash, string str)

So this is something that has changed after 1.x (likely 2.0 or 3.5).
I'll fix this soon in GIT (maybe in time for 2.10). In the meantime the
workaround will work on all Mono / .NET releases.

Sebastien

On Mon, 2011-01-10 at 07:53 -0500, Sebastien Pouliot wrote:
> > Hello Jeremy,
> > 
> > This was not supported in earlier versions of Windows. Most of MS .NET
> > cryptography is not managed and is redirected to CryptoAPI, whose features
> > vary by Windows version (which means your code won't work on all
> > Windows versions out there).
> > 
> > In any case Mono can support this (all managed and no dependency on the
> > OS). Please file a bug report on bugzilla.novell.com with a
> > self-contained test case and I'll look at it asap.
> > 
> > Thanks
> > Sebastien
> > 
> > On Mon, 2011-01-10 at 01:50 -0800, jeremy.poulter wrote:
>> > > I have been developing an application that uses a SHA512 hash signed with an
>> > > RSA private key for a digital signature.
>> > > 
>> > > This is working fine on Windows under .Net but when I try this on Linux
>> > > under Mono I get the following exception;
>> > > 
>> > > System.NotSupportedException: 2.16.840.1.101.3.4.2.3 is an unsupported hash
>> > > algorithm for RSA signing
>> > >   at
>> > > System.Security.Cryptography.RSACryptoServiceProvider.GetHashNameFromOID
>> > > (System.String oid) [0x00000] in <filename unknown>:0 
>> > >   at System.Security.Cryptography.RSACryptoServiceProvider.SignHash
>> > > (System.Byte[] rgbHash, System.String str) [0x00000] in <filename unknown>:0 
>> > >   at Oregan.Utilities.DigitalSignature.DigitalSignature.Sign (HashType
>> > > hashType, System.IO.Stream stream) [0x00000] in <filename unknown>:0 
>> > >   at Oregan.FilePackBuilder.FilePack.Save (System.String sPath,
>> > > Oregan.Utilities.DigitalSignature.DigitalSignature digitalSignature, Boolean
>> > > bPreserveName) [0x00000] in <filename unknown>:0 
>> > >   at Oregan.FilePackBuilder.FilePackViewer.filepackToolStripMenuItem1_Click
>> > > (System.Object sender, System.EventArgs e) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripItem.OnClick (System.EventArgs e)
>> > > [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripMenuItem.OnClick (System.EventArgs e)
>> > > [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripMenuItem.HandleClick (System.EventArgs e)
>> > > [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripItem.FireEvent (System.EventArgs e,
>> > > ToolStripItemEventType met) [0x00000] in <filename unknown>:0 
>> > >   at (wrapper remoting-invoke-with-check)
>> > > System.Windows.Forms.ToolStripItem:FireEvent
>> > > (System.EventArgs,System.Windows.Forms.ToolStripItemEventType)
>> > >   at System.Windows.Forms.ToolStrip.OnMouseUp
>> > > (System.Windows.Forms.MouseEventArgs mea) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripDropDown.OnMouseUp
>> > > (System.Windows.Forms.MouseEventArgs mea) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.Control.WmLButtonUp (System.Windows.Forms.Message&
>> > > m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.Control.WndProc (System.Windows.Forms.Message& m)
>> > > [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ScrollableControl.WndProc
>> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStrip.WndProc (System.Windows.Forms.Message&
>> > > m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.ToolStripDropDown.WndProc
>> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.Control+ControlWindowTarget.OnMessage
>> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.Control+ControlNativeWindow.WndProc
>> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
>> > >   at System.Windows.Forms.NativeWindow.WndProc (IntPtr hWnd, Msg msg, IntPtr
>> > > wParam, IntPtr lParam) [0x00000] in <filename unknown>:0 
>> > > 
>> > > FYI the code I used is;
>> > > 
>> > >     public byte[] Sign(HashType hashType, Stream stream)
>> > >     {
>> > >       switch (hashType)
>> > >       {
>> > >         case HashType.MD5:
>> > >         {
>> > >           MD5 md5 = new MD5CryptoServiceProvider();
>> > >           byte[] hash = md5.ComputeHash(stream);
>> > > 
>> > >           return key.SignHash(hash, CryptoConfig.MapNameToOID("MD5"));
>> > >         }
>> > >         case HashType.SHA512:
>> > >         {
>> > >           SHA512 shaM = new SHA512Managed();
>> > >           byte[] hash = shaM.ComputeHash(stream);
>> > > 
>> > >           return key.SignHash(hash, CryptoConfig.MapNameToOID("SHA512"));
>> > >         }
>> > >       }
>> > > 
>> > >       return null;
>> > >     }
>> > > 
>> > > Any feedback is appreciated.
>> > > 
>> > > Cheers,
>> > > 
>> > > Jeremy
>> > > 
> > 
> > 

-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
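
The source comment quoted in the report says the SHA1/MD5 limit of `SignHash` does not apply to the `[De]Formatter` classes. The following is an added example, not code from the bug report, its attachment or Mono's source, that signs and verifies a SHA512 hash through `RSAPKCS1SignatureFormatter` and `RSAPKCS1SignatureDeformatter`. The class and helper names, the sample payload and the throwaway 2048-bit key are assumptions for illustration, as is the reading that this is the workaround the mail refers to.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: hypothetical names, not part of the report or of Mono.
class FormatterSignDemo
{
    // Signs a precomputed hash with PKCS#1 v1.5 padding. The formatter takes
    // the hash *name* ("SHA512"), not the OID that SignHash expects.
    static byte[] SignWithFormatter(RSA key, byte[] hash, string hashName)
    {
        var formatter = new RSAPKCS1SignatureFormatter(key);
        formatter.SetHashAlgorithm(hashName);
        return formatter.CreateSignature(hash);
    }

    // Verifies a signature over a precomputed hash with the matching deformatter.
    static bool VerifyWithDeformatter(RSA key, byte[] hash, string hashName, byte[] signature)
    {
        var deformatter = new RSAPKCS1SignatureDeformatter(key);
        deformatter.SetHashAlgorithm(hashName);
        return deformatter.VerifySignature(hash, signature);
    }

    static void Main()
    {
        // Constructed sample input and a key generated only for this run.
        byte[] data = Encoding.UTF8.GetBytes("constructed sample payload");
        using (var key = new RSACryptoServiceProvider(2048))
        using (var sha = SHA512.Create())
        {
            byte[] hash = sha.ComputeHash(data);
            byte[] signature = SignWithFormatter(key, hash, "SHA512");
            Console.WriteLine("Generated {0} bytes for signature", signature.Length);
            Console.WriteLine("Signature verifies: {0}",
                VerifyWithDeformatter(key, hash, "SHA512", signature));

            // Negative check: the same signature must be rejected for a different hash.
            hash[0] ^= 0xFF;
            Console.WriteLine("Modified hash verifies: {0}",
                VerifyWithDeformatter(key, hash, "SHA512", signature));
        }
    }
}
```

The signature length equals the RSA modulus size, so a 1024-bit key gives the 128 bytes the report expects; the verifying side must name the same hash algorithm in `SetHashAlgorithm`.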

