 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Security / June 2004Is RSAPKCS1SignatureDeformatter supported?
Hello, I am trying to use RSAPKCS1SignatureDeformatter.VerifySignature() but am getting a System.NotSupportedException, Additional information: EncryptValue. I know that RSA.EncryptValue() isn't supported but is the downstream effect that AsymmetricSignatureDeformatter isn't either? That seems a bit odd as there are examples of its use around so it must work for someone? Can anyone explain how to get round this or paste some code that IS working please? -- RSAPKCS1SignatureDeformatter asd = new RSAPKCS1SignatureDeformatter(rsaKey); asd.SetHashAlgorithm("MD5"); asd.VerifySignature(hash, signature); -- > I am trying to use RSAPKCS1SignatureDeformatter.VerifySignature() but am > getting a System.NotSupportedException, Additional information: > EncryptValue. I know that RSA.EncryptValue() isn't supported but is the > downstream effect that AsymmetricSignatureDeformatter isn't either? That > seems a bit odd as there are examples of its use around so it must work for > someone? The RSAPKCS1SignatureDeformatter is certainly supported by the .NET framework; in fact, I often use code like yours and never had any problems with it. However, the exception you're getting is a bit odd if you're using an RSACryptoServiceProvider as the key. The RSAPKCS1SignatureDeformatter makes a difference between an RSACryptoServiceProvider and other descendants of the RSA class. If the key you passed to it is from the RSACryptoServiceProvider type, it calls the RSACryptoServiceProvider.SignData. If it's not an RSACryptoServiceProvider, it calls the RSA.Encrypt method. Since the error message you're getting says something about an exception in the EncryptValue method, I assume the 'rsaKey' variable does not contain an RSACryptoServiceProvider. Is this correct? Could you tell us something more about the type of object in that variable? If you manually call rsaKey.EncryptValue, does that work? Regards, Pieter Philippaerts Ahhh good point, thanks - if I view locals at the time of the exception it is actually a Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider. I thought these were all the same thing but obviously not! I obtained this (in another class somewhere) by retrieving a Microsoft.Web.Services2.Security.X509.X509Certificate from the Windows certificate store and the PublicKey property. Can I convert this to a System.Security.Cryptography.RSA<something> or should I do something else? Casting didn't seem to work :( > > I am trying to use RSAPKCS1SignatureDeformatter.VerifySignature() but > am [quoted text clipped - 23 lines] > Regards, > Pieter Philippaerts "Mark Shasby" <mark@shasby.com> wrote in message > Ahhh good point, thanks - if I view locals at the time of the exception it > is actually a [quoted text clipped - 5 lines] > System.Security.Cryptography.RSA<something> or should I do something else? > Casting didn't seem to work :( (for clarity I've abbreviated Microsoft.Web.Services2.Security.Cryptography.RSACryptoServiceProvider to RSACryptoServiceProvider2 and System.Security.Cryptography.RSACryptoServiceProvider to RSACryptoServiceProvider) Here are your options: 1] use the RSACryptoServiceProvider2.ExportParameters(true) method to export the private key to an RSAParameters structure and then use RSACryptoServiceProvider.ImportParameters to import it in a 'normal' RSACryptoServiceProvider instance. There are two problems with this approach. Firstly, it's unlikely that the call to ExportParameters(true) will succeed since private keys may be unexportable (for security reasons, it may be on a smartcard, ...). Secondly, you'll have to create an instance of the RSACryptoServiceProvider before calling the ImportParameters method. Unfortunately, the constructor of the RSACryptoServiceProvider will automatically generate an RSA key for you (which is then thrown away after calling ImportParameters) and this may degrade performance significantly. 2] cast the RSA instance to an RSACryptoServiceProvider2 and call the SignHash method directly. In case you're wondering what the value of the oidHash parameter should be, it's "1.2.840.113549.2.5" for MD5 and "1.3.14.3.2.26" for SHA1. 3] perhaps there's a class in WSE2 that does PKCS#1 signature formatting. If there is one, it's preferable to use this class of course, but I wasn't able to find one. Regards, Pieter Philippaerts Thanks, I'm sure I'll get something to work now. :) > "Mark Shasby" <mark@shasby.com> wrote in message > > Ahhh good point, thanks - if I view locals at the time of the exception it [quoted text clipped - 38 lines] > Regards, > Pieter Philippaerts Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.