[Mono-list] Question about RSACryptoServiceProvider...

Sebastien Pouliot spouliot@videotron.ca
Sat, 06 Sep 2003 09:30:13 -0400


Gius,

> If I've well understood, the following code generates the
> public/private key pair:
>
> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

Right this will generate a new keypair with the default key size (normally
1024 bits).

> Then, the following code retrieves the public key:
>
> RSAParamters publicKey = rsa.ExportParameters(false);

Yes. This will return the public key.

> and the following code retrieves the private key:
>
> RSAParametes privateKey = rsa.ExportParamters(true);

Not exactly. This returns the keypair - including the private key.

> Well, the question is: How does the Encrypt/Decrypt
> method know which key to use?

This is automatic (by design). Encrypt uses the public key. Decrypt requires
the private key.

> In my specific case, sometime I need to Encrypt with
> the private key and Decrypt with the public key, and
> sometime I need to Encrypt with the public key and
> Decrypt with the private key...

Encrypting with the private key isn't (by design) supported in the .NET
framework (nor by Mono or me!).
While this is technically possible you wont find much support on most crypto
librairies (there are very good reason for that).
Most time (98%) people comes up with such a idea when there is a flaw in
their (security) design and they are trying to fix it at the wrong end.

If you REALLY need this (2%) then I suggest that you look at the
RSAManaged.cs file (in /mcs/class/corlib/Mono.Security.Cryptography/) and
implement your own "InversedRSA" class using the BigInteger classes
(available in /mcs/class/corlib/Mono.Math/).

> Could somebody explain me this point one time for ever?
> I've give a look at the msdn documentation, but it is
> a little bit unclear, since it doesn't explain this
> issue.

MSDN isn't the best source to learn about cryptography. The article are (a)
very basic or (b) API that requires solid crypto knowledge (as there are not
much warning about potential pitfalls).

I suggest getting a good book on cryptography (like cryptography applied).
The RSA FAQ (http://www.rsasecurity.com/rsalabs/faq/index.html) is also a
good source of information.

Good luck,

Sebastien Pouliot
Security Architect, Motus Technologies, http://www.motus.com/
work: spouliot@motus.com
home: spouliot@videotron.ca


-----Original Message-----
From: mono-list-admin@lists.ximian.com
[mailto:mono-list-admin@lists.ximian.com]On Behalf Of Giuseppe Greco
Sent: 6 septembre 2003 02:05
To: Mono
Subject: [Mono-list] Question about RSACryptoServiceProvider...


Hi all,

I'm trying to understand how RSACryptoServiceProvider works.

If I've well understood, the following code generates the
public/private key pair:

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

Then, the following code retrieves the public key:

RSAParamters publicKey = rsa.ExportParameters(false);

and the following code retrieves the private key:

RSAParametes privateKey = rsa.ExportParamters(true);

Well, the question is: How does the Encrypt/Decrypt
method know which key to use?

In my specific case, sometime I need to Encrypt with
the private key and Decrypt with the public key, and
sometime I need to Encrypt with the public key and
Decrypt with the private key...

Could somebody explain me this point one time for ever?
I've give a look at the msdn documentation, but it is
a little bit unclear, since it doesn't explain this
issue.

Thanks a lot,
Gius_.

--
----------------------------------------
Giuseppe Greco

::agamura::

phone:  +41 (0)91 604 67 65
mobile: +41 (0)76 390 60 32
email:  giuseppe.greco@agamura.com
web:    www.agamura.com
----------------------------------------

_______________________________________________
Mono-list maillist  -  Mono-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-list