Sign by RSA Private Key

  • Question

  • Hi,

     

    Are there any samples that show how to sign something with an RSA private key? Any method like RSA_private_encrypt()?

     

    I found Windows.Security.Cryptography.Core.CryptographicEngine.sign(key, Data) from here. The sign method here takes CryptographicKey object and IBuffer object as Key and Data. 

     

    I assume the IBuffer object Data can be created by Windows.Security.Cryptography.Core.AsymmetricKeyAlgorithmProvider.convertStringToBinary(string, encoding).

    But how am I able to get a CryptographicKey object?

     

    Unlike SymmetricAlgorithmProvider, which offers a createSymmetricKey() method, AsymmetricAlgorithmProvider only offers importKeyPair() and importPublicKey() methods.

     

    But when you use RSA_private_encrypt() in OpenSSL, it is not necessary for you to have a public key. 

     

    Even if I want to use a fake Public Key, how do I create a Key Pair? 

     

    Please help.

     

    Thanks,


    Louis
    • Edited by Louis_PiG Friday, February 3, 2012 6:45 PM
    Friday, February 3, 2012 6:16 PM

All replies

  • There is a sample for common Crypto operations available at http://code.msdn.microsoft.com/windowsapps/CryptoWinRT-54ff3d9f.  Scenario 8 contains samples for Signing.

     

    As for your specific questions, IBuffer objects can be created by using the CryptographicBuffer class (http://msdn.microsoft.com/en-us/library/windows/apps/windows.security.cryptography.cryptographicbuffer.aspx).  The class contains a convertStringToBinary method that I believe you were referencing above, but it is part of CryptographicBuffer and not AsymmetricKeyAlgorithmProvider.

     

    For generating asymmetric keys, you can use the AsymmetricKeyAlgorithmProvider class, which contains a generateKeyPair method (http://msdn.microsoft.com/en-us/library/windows/apps/windows.security.cryptography.core.asymmetrickeyalgorithmprovider.generatekeypair.aspx) which takes the key size as a parameter.

    Saturday, February 4, 2012 12:17 AM
  • Thanks, James.

     

    I am specifically interested in the case that uses a private key only to sign a request. I don't need to generate a key pair.

     

     


    Louis
    Saturday, February 4, 2012 6:03 PM
  • The CryptographicEngine.Sign method uses the private key of the key pair to generate a signature for the data that is passed into it.  I'm not sure that I understand why you would want to sign the data if you don't have a public key to go with the private key.  It seems like this would give you no way to actually verify the signature after signing the data.

     

    If you would like to give me more information about what, specifically, you are trying to do, I might be able to give you a better answer.

    Monday, February 6, 2012 5:46 PM
  • Thanks for the reply James,

     

    I get my private key from a service. So I just need to sign the subsequent request with the private key. 

     

    So I did something like this.

     

     

    var keyBuffer = Windows.Security.Cryptography.CryptographicBuffer.convertStringToBinary(keyString, Windows.Security.Cryptography.BinaryStringEncoding.utf8);
    // Open the algorithm provider for the algorithm specified on input.
    var algorithmProvider = Windows.Security.Cryptography.Core.AsymmetricKeyAlgorithmProvider.openAlgorithm("RSA_PKCS1");
    var keyObject = algorithmProvider.importKeyPair(keyBuffer);

     

     

    I was hoping this would work, but importKeyPair throws an exception that says:

     

     

    WinRTError: The system cannot find message text for message number 0x in the message file for .

     

    Hope this is clearer. Thanks.


    Louis

    • Edited by Louis_PiG Monday, February 6, 2012 11:20 PM
    Monday, February 6, 2012 11:19 PM
  • Depending on what format the key is given to you from the service, convertStringToBinary may not be the correct method to use.  If the service is giving you a hex string, you may want to try using decodeFromHexString instead.  The binary versions of the IBuffers generated by the two methods are quite different.

    Tuesday, February 7, 2012 11:37 PM
  • Hi James,

    My private key is of format "---START PRIV KEY---AE898 blah blah ----END PRIV KEY--". So this is a string I believe and I got "Bad Data" Exceptions when I use decodeFromHexString. 

    Any other suggestions?

    Thanks,


    Louis

    Wednesday, February 8, 2012 5:41 PM
  • Hi James Stimers, 

    I faced the same problem.

    My public key is of the format "-----BEGIN RSA PUBLIC KEY-----MIGHAoGBAKm4hTkW3QvdWmbJrV3mh4wcLIIREuG41V4gxQzja02OyHHNAKVtjNyH...-----END RSA PUBLIC KEY-----"

    My code is like this:

       // Strip the PEM armour and base64-decode the key body.
       string s = PUBLICKEY.Replace("-----BEGIN RSA PUBLIC KEY-----", "").Replace("-----END RSA PUBLIC KEY-----", "");
       IBuffer buffMsg = CryptographicBuffer.DecodeFromBase64String(s);
       AsymmetricKeyAlgorithmProvider objAlgProv = AsymmetricKeyAlgorithmProvider.OpenAlgorithm("RSA_PKCS1");
       // Import the decoded buffer as a public key.
       CryptographicKey keyPair1 = objAlgProv.ImportPublicKey(buffMsg);

    WinRTError: The system cannot find message text for message number 0x in the message file for .

    Did you solve this problem?

    Please help!

    Thanks.

    Wednesday, May 9, 2012 7:34 AM
  • Hi

    I ran into the exact same problem as Louis_PiG.

    I have my key in the format "---START PRIV KEY---MIC898 blah blah ----END PRIV KEY--".

    When I try to import it into my code using the ImportKeyPair function, I get an exception that "there was a problem at time of encoding or decoding".

    I am getting my key using the openSSL "rsagen" tool, which I believe gives a pair of private and public keys.

    Monday, July 16, 2012 11:06 PM
  • Hi

    I ran into the exact same problem as asked earlier by  Louis_PiG which was unresolved at that time.

    http://social.msdn.microsoft.com/Forums/en-US/winappswithhtml5/thread/d599ff36-75f2-4393-af10-60beb1842ece

    I have my key in the format "---START PRIV KEY---MIC898 blah blah ----END PRIV KEY--".

    When I try to import it into my code using the ImportKeyPair function, I get an exception that "there was a problem at time of encoding or decoding".

    I am getting my key using the openSSL "rsagen" tool, which I believe gives a pair of private and public keys.

    Monday, July 16, 2012 11:07 PM
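
Added example, not code from the thread or from Microsoft's samples: plain JavaScript (Node.js `Buffer`, no WinRT calls) that strips PEM armour, base64-decodes the body and inspects the DER structure to name the matching `CryptographicPrivateKeyBlobType` or `CryptographicPublicKeyBlobType` member, which is the second argument of the two-argument `importKeyPair` / `importPublicKey` overloads. The helper names and the sample bytes are constructed for illustration.

```javascript
// Added example: helper names are illustrative, samples are constructed.
// Read one DER tag/length header starting at offset `off`.
function readHeader(buf, off) {
  const tag = buf[off];
  let len = buf[off + 1];
  let start = off + 2;
  if (len & 0x80) { // long form: low 7 bits give the number of length bytes
    const n = len & 0x7f;
    len = 0;
    for (let i = 0; i < n; i++) len = len * 256 + buf[start + i];
    start += n;
  }
  return { tag, len, start, end: start + len };
}

// Strip the PEM armour and base64-decode the body to raw DER bytes.
function pemToDer(pem) {
  const m = /-----BEGIN ([A-Z ]+)-----([\s\S]*?)-----END \1-----/.exec(pem);
  if (!m) throw new Error("no PEM armour found");
  return Buffer.from(m[2].replace(/\s+/g, ""), "base64");
}

// Name the WinRT blob-type enum member that matches the DER structure.
function classifyDer(der) {
  const outer = readHeader(der, 0);
  if (outer.tag !== 0x30) return "unknown"; // every format here is a SEQUENCE
  const first = readHeader(der, outer.start);
  // RSAPublicKey starts with the modulus, a multi-byte INTEGER.
  if (first.tag === 0x02 && first.len > 1) return "pkcs1RsaPublicKey";
  const second = readHeader(der, first.end);
  if (first.tag === 0x02) { // one-byte INTEGER: a version field
    if (second.tag === 0x02) return "pkcs1RsaPrivateKey";     // version, modulus
    if (second.tag === 0x30) return "pkcs8RawPrivateKeyInfo"; // version, algorithm
  }
  // SubjectPublicKeyInfo: AlgorithmIdentifier SEQUENCE, then BIT STRING.
  if (first.tag === 0x30 && second.tag === 0x03) return "x509SubjectPublicKeyInfo";
  return "unknown";
}

// Constructed, structure-only DER (not real keys) wrapped in PEM armour.
function toPem(label, hex) {
  const b64 = Buffer.from(hex, "hex").toString("base64");
  return `-----BEGIN ${label}-----\n${b64}\n-----END ${label}-----`;
}
const SAMPLES = {
  pkcs1Private: toPem("RSA PRIVATE KEY", "3006020100020105"),
  pkcs8Private: toPem("PRIVATE KEY", "300702010030000400"),
  spkiPublic: toPem("PUBLIC KEY", "30053000030100"),
};
for (const [name, pem] of Object.entries(SAMPLES)) console.log(name, classifyDer(pemToDer(pem)));
```

The `MIGHAoGB` prefix of the public key quoted in the thread decodes to a SEQUENCE whose first element is a 129-byte INTEGER, which this classifier reports as `pkcs1RsaPublicKey`.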