[Mono-dev] [Mono-list] RSA with SHA512 hash

Sebastien Pouliot sebastien.pouliot at gmail.com
Tue Jan 11 09:25:10 EST 2011 

Hey,

Please always c.c. the mailing-list. Someone else may have the same
question/issue in the future and private replies won't help them when
googling.

On Tue, 2011-01-11 at 07:03 +0000, Jeremy Poulter wrote:
> Hi,
> 
> Thank you for this. Do you still want me to add a bug report?

That's up to you - but this is how you can be notified when (and how)
the issue is fixed inside mono. It's also (a low risk in this case) the
best way to ensure this cannot be forgotten (like email reports can
easily be).

> What is the work around?

// However there's no such limit when using the [De]Formatter class.

that means using: RSAPKCS1SignatureFormatter
http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsapkcs1signatureformatter.aspx

which IMO is a lot better (than using RSACryptoServiceProvider) since
the class can be used with (almost) any hash algorithm and (almost) any
RSA-derived type.

Sebastien

> Cheers,
> 
> Jeremy
> 
> 
> -----Original Message-----
> From: Sebastien Pouliot
> Sent:  10/01/2011 8:32:21 pm
> Subject:  Re: [Mono-list] RSA with SHA512 hash
> 
> Hello again,
> 
> >From source code:
> 
> 		// LAMESPEC: str is not the hash name but an OID
> 		// NOTE: this method is LIMITED to SHA1 and MD5 like the MS framework 1.0 
> 		// and 1.1 because there's no method to get a hash algorithm from an OID. 
> 		// However there's no such limit when using the [De]Formatter class.
> 		public byte[] SignHash (byte[] rgbHash, string str) 
> 
> So this is something that has changed after 1.x (likely 2.0 or 3.5).
> I'll fix this soon in GIT (maybe in time for 2.10). In the mean time the
> workaround will work on all Mono / .NET releases.
> 
> Sebastien
> 
> On Mon, 2011-01-10 at 07:53 -0500, Sebastien Pouliot wrote:
> > Hello Jeremy,
> > 
> > This was not supported in earlier version of Windows. Most of MS .NET
> > cryptography is not managed and redirected to CryptoAPI, which features
> > varies by Windows versions (which means your code won't work on all
> > Windows versions out there).
> > 
> > In any case Mono can support this (all managed and no dependency on the
> > OS). Please fill a bug report on bugzilla.novell.com with a
> > self-contained test case and I'll look at it asap.
> > 
> > Thanks
> > Sebastien
> > 
> > On Mon, 2011-01-10 at 01:50 -0800, jeremy.poulter wrote:
> > > I have been developing an application that uses an SHA512 hash signed with a
> > > RSA private key for a digital signature.
> > > 
> > > This is working fine on Windows under .Net but when I try this on Linux
> > > under Mono I get the following exception;
> > > 
> > > System.NotSupportedException: 2.16.840.1.101.3.4.2.3 is an unsupported hash
> > > algorithm for RSA signing
> > >   at
> > > System.Security.Cryptography.RSACryptoServiceProvider.GetHashNameFromOID
> > > (System.String oid) [0x00000] in <filename unknown>:0 
> > >   at System.Security.Cryptography.RSACryptoServiceProvider.SignHash
> > > (System.Byte[] rgbHash, System.String str) [0x00000] in <filename unknown>:0 
> > >   at Oregan.Utilities.DigitalSignature.DigitalSignature.Sign (HashType
> > > hashType, System.IO.Stream stream) [0x00000] in <filename unknown>:0 
> > >   at Oregan.FilePackBuilder.FilePack.Save (System.String sPath,
> > > Oregan.Utilities.DigitalSignature.DigitalSignature digitalSignature, Boolean
> > > bPreserveName) [0x00000] in <filename unknown>:0 
> > >   at Oregan.FilePackBuilder.FilePackViewer.filepackToolStripMenuItem1_Click
> > > (System.Object sender, System.EventArgs e) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripItem.OnClick (System.EventArgs e)
> > > [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripMenuItem.OnClick (System.EventArgs e)
> > > [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripMenuItem.HandleClick (System.EventArgs e)
> > > [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripItem.FireEvent (System.EventArgs e,
> > > ToolStripItemEventType met) [0x00000] in <filename unknown>:0 
> > >   at (wrapper remoting-invoke-with-check)
> > > System.Windows.Forms.ToolStripItem:FireEvent
> > > (System.EventArgs,System.Windows.Forms.ToolStripItemEventType)
> > >   at System.Windows.Forms.ToolStrip.OnMouseUp
> > > (System.Windows.Forms.MouseEventArgs mea) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripDropDown.OnMouseUp
> > > (System.Windows.Forms.MouseEventArgs mea) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.Control.WmLButtonUp (System.Windows.Forms.Message&
> > > m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.Control.WndProc (System.Windows.Forms.Message& m)
> > > [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ScrollableControl.WndProc
> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStrip.WndProc (System.Windows.Forms.Message&
> > > m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.ToolStripDropDown.WndProc
> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.Control+ControlWindowTarget.OnMessage
> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.Control+ControlNativeWindow.WndProc
> > > (System.Windows.Forms.Message& m) [0x00000] in <filename unknown>:0 
> > >   at System.Windows.Forms.NativeWindow.WndProc (IntPtr hWnd, Msg msg, IntPtr
> > > wParam, IntPtr lParam) [0x00000] in <filename unknown>:0 
> > > 
> > > FYI the code I used is;
> > > 
> > >     public byte[] Sign(HashType hashType, Stream stream)
> > >     {
> > >       switch (hashType)
> > >       {
> > >         case HashType.MD5:
> > >         {
> > >           MD5 md5 = new MD5CryptoServiceProvider();
> > >           byte[] hash = md5.ComputeHash(stream);
> > > 
> > >           return key.SignHash(hash, CryptoConfig.MapNameToOID("MD5"));
> > >         }
> > >         case HashType.SHA512:
> > >         {
> > >           SHA512 shaM = new SHA512Managed();
> > >           byte[] hash = shaM.ComputeHash(stream);
> > > 
> > >           return key.SignHash(hash, CryptoConfig.MapNameToOID("SHA512"));
> > >         }
> > >       }
> > > 
> > >       return null;
> > >     }
> > > 
> > > Any feedback is appreciated.
> > > 
> > > Cheers,
> > > 
> > > Jeremy
> > > 
> > 
> > 
> > _______________________________________________
> > Mono-list maillist  -  Mono-list at lists.ximian.com
> > http://lists.ximian.com/mailman/listinfo/mono-list
> 
>

More information about the Mono-devel-list mailing list