[Mono-devel-list] Serialization of RSAParameters

Sebastien Pouliot spouliot at videotron.ca
Tue Oct 21 17:18:14 EDT 2003


Christian,

This is why it won't work:

	[Serializable]
	public struct RSAParameters {
		[NonSerialized]
		public byte[] P;
		[NonSerialized]
		public byte[] Q;
		[NonSerialized]
		public byte[] D;
		[NonSerialized]
		public byte[] DP;
		[NonSerialized]
		public byte[] DQ;
		[NonSerialized]
		public byte[] InverseQ;

		public byte[] Modulus;
		public byte[] Exponent;
	}

The private key is never serialized because it would introduce many security
issues. This means that both signature and decryption are impossible using a
serialized keypair.

This is also the case for MS framework
(http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemsecuritycryptographyrsaparametersclassdtopic.asp)
so your sample shouldn't work under Windows.

The best way to get the full keypair is to use RSA.ToXmlString(true). This
will give you an XML string containing the full keypair. You can then
serialize the resulting string with, of course, the proper security.

Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com
work: spouliot at motus.com
home: spouliot at videotron.ca
blog: http://pages.infinit.net/ctech/poupou.html


-----Original Message-----
From: mono-devel-list-admin at lists.ximian.com
[mailto:mono-devel-list-admin at lists.ximian.com]On Behalf Of Christian
Rudh
Sent: 21 October 2003 10:12
To: mono-devel-list at lists.ximian.com
Subject: [Mono-devel-list] Serialization of RSAParameters


Hi

I am trying to serialize the RSA-keys into a bytestream so I can write
them to disk (and a few other things). I'm able now to serialize them
and then use it in encryption, but it doesn't work in decryption. I
export to RSAParameters using the true-flag so I get everything, but
when I deserialize it seems as if I only get the parts of the public key
back? That's why encryption works fine, but not decryption.

I have compiled the following sources from various places and with my
own code. It crashes when (in the end) it uses RSA2.decrypt. But if you
comment out where it gets the RSAParameters from the deserialization
(----2----) and instead import from the original RSA (-----1----) it
works fine.

So are there any problems with serialization of RSAParameters or am I
missing something?


Regards,
Christian Rudh


//Create a UnicodeEncoder to convert between byte array and string.
UnicodeEncoding ByteConverter = new UnicodeEncoding();

//Create byte arrays to hold original, encrypted, and decrypted data.
byte[] dataToEncrypt = ByteConverter.GetBytes("Text to Encrypt");
byte[] encryptedData;
byte[] decryptedData;

//Create a new pair of keys
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(1024);

//Export the public key
RSAParameters RSAP = RSA.ExportParameters(true);

//Serialize the public key
MemoryStream ms = new MemoryStream();
BinaryFormatter b = new BinaryFormatter();
b.Serialize(ms, RSAP);
byte[] keyHolder = ms.ToArray();
ms.Close();

//Deserialize the public key and store it in newRSAP
MemoryStream ms2 = new MemoryStream(keyHolder);
BinaryFormatter b2 = new BinaryFormatter();
RSAParameters newRSAP = (RSAParameters)b2.Deserialize(ms2);
ms2.Close();

//Encrypt the data using newRSAP which holds the RSAParameters
RSACryptoServiceProvider RSA1 = new RSACryptoServiceProvider();
RSA1.ImportParameters(newRSAP);
encryptedData = RSA1.Encrypt(dataToEncrypt, false);

//Decrypt the data using newRSAP which holds the RSAParameters
RSACryptoServiceProvider RSA2 = new RSACryptoServiceProvider();
//-------------1-------------
//RSA2.ImportParameters(RSA.ExportParameters(true));
//-------------2-------------
RSA2.ImportParameters(newRSAP);
decryptedData = RSA2.Decrypt(encryptedData, false);

//Display the decrypted plaintext to the console.
Console.WriteLine("Decrypted plaintext: {0}",
ByteConverter.GetString(decryptedData));

_______________________________________________
Mono-devel-list mailing list
Mono-devel-list at lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list
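
Added example, not part of either message in this thread: a round trip through RSA.ToXmlString(true) as suggested in the reply, next to the public-only export, which behaves like the deserialized RSAParameters in the question. The class and method names and the 2048-bit key size are assumptions made for the example.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

class KeyPairRoundTrip
{
    // Rebuilds a key from its XML form and reports whether it can decrypt
    // what it just encrypted.
    static bool CanDecryptAfterImport(string keyXml, byte[] plaintext)
    {
        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
        {
            rsa.FromXmlString(keyXml);
            byte[] cipher = rsa.Encrypt(plaintext, false); // PKCS#1 v1.5, as in the thread

            // PublicOnly is true when no private parameters (D, P, Q, ...) were imported.
            if (rsa.PublicOnly)
                return false;

            byte[] plain = rsa.Decrypt(cipher, false);
            return Convert.ToBase64String(plain) == Convert.ToBase64String(plaintext);
        }
    }

    static void Main()
    {
        byte[] data = new UnicodeEncoding().GetBytes("Text to Encrypt");

        using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(2048))
        {
            // true  -> Modulus, Exponent and the private parameters
            // false -> Modulus and Exponent only, the same fields that survive
            //          BinaryFormatter serialization of RSAParameters
            string fullXml = rsa.ToXmlString(true);
            string publicXml = rsa.ToXmlString(false);

            Console.WriteLine("full XML has <D>:     {0}", fullXml.Contains("<D>"));
            Console.WriteLine("public XML has <D>:   {0}", publicXml.Contains("<D>"));
            Console.WriteLine("full key decrypts:    {0}", CanDecryptAfterImport(fullXml, data));
            Console.WriteLine("public key decrypts:  {0}", CanDecryptAfterImport(publicXml, data));

            // fullXml now holds the private key in clear text. Anything that
            // writes it to disk or sends it elsewhere has to protect it
            // (encryption at rest, restrictive file permissions).
        }
    }
}
```

Only the string from ToXmlString(true) restores a key that can decrypt or sign; the public-only string still encrypts and verifies.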



