We Keep Coding

C# bouncycastle AsymmetricCipherKeyPair to byte array ECDSA - c#

I generate key pair like this.
ECKeyPairGenerator gen = new ECKeyPairGenerator("ECDSA");
SecureRandom secureRandom = new SecureRandom();
Org.BouncyCastle.Asn1.X9.X9ECParameters ecp = Org.BouncyCastle.Asn1.Nist.NistNamedCurves.GetByName("P-256");
ECDomainParameters ecSpec = new ECDomainParameters(ecp.Curve, ecp.G, ecp.N, ecp.H, ecp.GetSeed());
ECKeyGenerationParameters ecgp = new ECKeyGenerationParameters(ecSpec, secureRandom);
gen.Init(ecgp);
AsymmetricCipherKeyPair eckp = gen.GenerateKeyPair();
and I want to convert AsymmetricCipherKeyPair to byte array.
so I add code.
ECPublicKeyParameters ecPub = (ECPublicKeyParameters)eckp.Public;
ECPrivateKeyParameters ecPri = (ECPrivateKeyParameters)eckp.Private;
But I know there were two ways for convert AsymmetricCipherKeyPair to byte array.
first,
byte[] pubs = ecPub.Q.GetEncoded();
Second,
byte[] pubX = ecPub.Q.XCoord.ToBigInteger().ToByteArray();
byte[] pubY = ecPub.Q.YCoord.ToBigInteger().ToByteArray();
The results of both methods are slightly different.
first way, pubs[0] is always 0x04, and it make array length to 65 bytes.
like this
04 F0 9E 70 EB ED 52 4B 56 E8 64 9C 9A D9 1C 97 6F F1 92 86 BA 87 FC F5 AB E4 CC 72 C6 EA 77 FA 0D 30 4C 39 0F 38 BE E3 C7 3E 8B 4D 2F 05 C3 55 3F 78 DB 8E DD 77 DF 24 D4 3B 56 88 33 D7 CB 0B 9E
seconde way, pubX[0] is sometimes 0x00, and it make array length to 65 bytes.
like this
pubX = 00 F0 9E 70 EB ED 52 4B 56 E8 64 9C 9A D9 1C 97 6F F1 92 86 BA 87 FC F5 AB E4 CC 72 C6 EA 77 FA 0D
pubY = 30 4C 39 0F 38 BE E3 C7 3E 8B 4D 2F 05 C3 55 3F 78 DB 8E DD 77 DF 24 D4 3B 56 88 33 D7 CB 0B 9E
Except for the value of index 0, the rest are the same.
Why does this difference occur?
What value do I actually use?
p.s.
I convert private key like this
byte[] pri = ecPri.D.ToByteArray();
Is this the right way?
And private key also has 0x00 on index 0. Why?

Related

I am a beginner at this thread thing and I have been hitting my head against the wall for two days. I read everywhere the Parallel.ForeEach will wait until the threads are finished before it comes out of the ForEach. I am here to tell you that is a bunch of you know what. This will just set up a bunch of tasks as scheduled and drop out of the ForEach.
So my questions are, how do I make the tasks go from scheduled to run? How do I keep in the program until completing all of the threads? This example I have below, it will just schedule the tasks and drop out of the program.
BTW, I stole the encryption part from another StackOverflow post just to give an example of a task that would take some time.
Edit - it was suggested I include a reference to the encryption code I pasted in and it is a good idea. I believe it is originally from Microsoft, but their answer is here (https://stackoverflow.com/a/273499/1352794).
Edit v2 - I have been playing around with this a bunch and using the help here (thank you) I have come up with:
Parallel.ForEach(tasks, new ParallelOptions { MaxDegreeOfParallelism = 4 }, task =>
{
task.Start();
task.Wait();
Console.WriteLine(task.Status);
});
It looks like the "Start" and "Wait" are VERY important to this. With those two commands, it is now working. I am trying to make it so this runs on a maximum of 4 threads, and I am having a hard time making sure that is the case. Any suggestions? I also hope this is the correct way to take a bunch of tasks and push them on to multiple threads.
class Program
{
static void Main(string[] args)
{
List<Task> tasks = new List<Task>();
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
tasks.Add(new System.Threading.Tasks.Task(() => DoEncryption()));
bool testbool = Parallel.ForEach(tasks, new ParallelOptions { MaxDegreeOfParallelism = 4 }, myTest =>
{
System.Threading.Tasks.Task.Run(() => myTest);
Console.WriteLine(myTest.Status);
}).IsCompleted;
Console.WriteLine("The parallel status is " + testbool);
string mymessage = System.Diagnostics.Process.GetCurrentProcess().Threads.Count.ToString();
}
private static void DoEncryption()
{
try
{
string original = "Here is some data to encrypt!";
// Create a new instance of the RijndaelManaged
// class. This generates a new key and initialization
// vector (IV).
using (RijndaelManaged myRijndael = new RijndaelManaged())
{
myRijndael.GenerateKey();
myRijndael.GenerateIV();
// Encrypt the string to an array of bytes.
byte[] encrypted = EncryptStringToBytes(original, myRijndael.Key, myRijndael.IV);
//Display the original data and the decrypted data.
Console.WriteLine("Original: {0}", original);
}
}
catch (Exception e)
{
Console.WriteLine("Error: {0}", e.Message);
}
}
static byte[] EncryptStringToBytes(string plainText, byte[] Key, byte[] IV)
{
// Check arguments.
if (plainText == null || plainText.Length <= 0)
throw new ArgumentNullException("plainText");
if (Key == null || Key.Length <= 0)
throw new ArgumentNullException("Key");
if (IV == null || IV.Length <= 0)
throw new ArgumentNullException("IV");
byte[] encrypted;
// Create an RijndaelManaged object
// with the specified key and IV.
using (RijndaelManaged rijAlg = new RijndaelManaged())
{
rijAlg.Key = Key;
rijAlg.IV = IV;
// Create a decryptor to perform the stream transform.
ICryptoTransform encryptor = rijAlg.CreateEncryptor(rijAlg.Key, rijAlg.IV);
// Create the streams used for encryption.
using (MemoryStream msEncrypt = new MemoryStream())
{
using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
{
using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
{
//Write all data to the stream.
swEncrypt.Write(plainText);
}
encrypted = msEncrypt.ToArray();
}
}
}
// Return the encrypted bytes from the memory stream.
return encrypted;
}
}

You are over thinking it.
You can either do this with tasks
var tasks = new List<Task>();
tasks.Add(new Task(DoEncryption));
tasks.Add(new Task(DoEncryption));
tasks.Add(new Task(DoEncryption));
tasks.Add(new Task(DoEncryption));
tasks.Add(new Task(DoEncryption));
Task.WhenAll(tasks);
Or Parallel.For
var options = new ParallelOptions
{
MaxDegreeOfParallelism = 4
};
Parallel.For(0, 10, options, i => DoEncryption());
Or if you change your DoEncryption slightly, you can use Parallel.ForEach
private static void DoEncryption2(string original)
{
try
{
using (var myRijndael = new RijndaelManaged())
{
myRijndael.GenerateKey();
myRijndael.GenerateIV();
// Encrypt the string to an array of bytes.
var encrypted = EncryptStringToBytes(original, myRijndael.Key, myRijndael.IV);
//Display the original data and the decrypted data.
Console.WriteLine("Original: {0}, Encrypted {1}", original, string.Join("", encrypted.Select(b => b.ToString("X2"))));
}
}
catch (Exception e)
{
Console.WriteLine("Error: {0}", e.Message);
}
}
Usage
var list = new List<string>
{
"Here is some hjdata to encrypt!",
"Here is sghjome data to encrypt!",
"Here is somfghe data to encrypt!",
"Here is somfghe data to encrypt!",
"Here is sohjkme data to encrypt!",
"Here is somghje data to encrypt!",
"Here is somfgheh data to encrypt!",
"Here is somefgh data to encrypt!",
"Here is sfghfgome data to encrypt!",
"Here is somefghfgh data to encrypt!",
"Here is shome data to encrypt!",
"Here is some data to encrypt!",
"Here is sfghfghfghome data to encrypt!",
"Here is some data to encrypt!",
"Here is somfghe data to encrypt!"
};
Parallel.ForEach(list, options, DoEncryption2);
Output
Original: Here is somfgheh data to encrypt!
Encrypted 2A 9F 25 EA 4E D2 0E BB 0D 46 43 04 F5 B6 63 7F 08 E6 62 A3 64 C3 97 D4 4A D6 F0 1F DA E3 26 54 E0 E7 1B EF EB C1 68 8F 3C DB 52 58 1F F9 A9 20
Original: Here is somfghe data to encrypt!
Encrypted CD 04 A7 8F BB 1D AB E1 D4 91 2D 09 D3 91 62 7A 2F 55 E7 06 52 C6 44 18 06 D1 5F 4F 59 56 66 65 33 E4 2E 15 55 CF 36 75 80 B0 52 F4 85 81 F0 A9
Original: Here is somefghfgh data to encrypt!
Encrypted 5A E6 37 A5 F4 D4 92 5B 75 F2 22 3F 46 F9 C5 8B 5C 56 ED 78 1C B2 2E AE 16 5B F8 22 6E 40 55 A2 D7 FD FD 8C 34 65 22 06 9A C5 73 30 BC AF CB A2
Original: Here is sohjkme data to encrypt!
Encrypted D3 77 FA D1 31 18 DF 4C CD B1 9D 17 56 EF 68 F8 FB 02 D5 AD F6 47 80 27 8C 77 78 A0 AF 6C E4 42 19 39 C3 F6 4C 5D 19 CB CB 8E B9 A8 C1 B6 AA 71
Original: Here is somefgh data to encrypt!
Encrypted BD E4 C4 33 D9 65 EF 47 BF 8D 93 EE EB EB 45 BF 6F BE A8 7B B0 CB AA 74 CD 4B 4A FD A5 26 06 DD 4D 52 E7 BC 4F B0 4F 99 94 BE 64 38 6F E5 04 35
Original: Here is shome data to encrypt!
Encrypted 18 40 3C 30 FD 1D D5 C7 A2 29 2D 3F 3A 54 0A 06 97 70 97 F6 86 9B 7B 1F 64 C2 83 1E 13 71 92 CB
Original: Here is somghje data to encrypt!
Encrypted 84 FA EB 84 46 D7 E2 1A 8F FB 3C 48 94 3C A7 4E 03 3D B8 C1 28 F5 AE 8B FD 64 4F 7E 12 2D D8 DE 12 3F 08 AD 10 50 C8 51 88 04 A1 FF 10 58 B6 D5
Original: Here is sfghfgome data to encrypt!
Encrypted 92 47 76 2A 3C C1 77 EE 03 CB 91 E2 B1 42 1D 21 C9 EE A2 57 CB A4 A9 31 60 21 C7 A4 CD F1 9C 5F 6B 8C 44 23 5F 1A 1F 44 74 D9 EA 3B DF 15 8A 9A
Original: Here is some data to encrypt!
Encrypted 6D 50 00 68 04 F4 FD EC 08 21 76 27 7D 66 DA 33 B2 7B DD CC B5 7D 24 8B 44 B7 AC 2D E7 DB B6 40
Original: Here is sfghfghfghome data to encrypt!
Encrypted F2 FA 09 62 94 F5 78 A1 07 5E D1 DF 9D 09 B2 B4 DD 67 B8 A6 15 A5 21 7C 06 59 1A CD 9A 2E 94 5C 73 5E 9C F2 13 FE 88 36 74 B1 64 B7 57 F9 FC 70
Original: Here is sghjome data to encrypt!
Encrypted 57 D5 3C E2 CC F0 E9 02 E3 40 AC 43 F4 22 E5 44 A9 B2 A1 37 5D 42 17 6B 11 B6 1D 70 C9 CE 64 6B 85 36 56 9E 3C CF 6D 94 71 F9 28 15 7D 78 F9 5C
Original: Here is some data to encrypt!
Encrypted 7E BD BC 34 23 42 27 82 6A 52 D7 4B 4C AD 1C FC 55 7A 7E AF A1 34 24 25 B7 F7 C2 F1 9F 25 49 D1
Original: Here is somfghe data to encrypt!
Encrypted C3 6A A7 CD 43 76 FD CB 4C 6E 29 A6 96 C4 AA E0 94 7C 4F D1 99 9F 86 AF ED A8 5C C7 DC 15 BD BA C2 21 F9 C2 09 1C 64 BB 3D 4C 0E 41 E6 C9 2E F3
Original: Here is somfghe data to encrypt!
Encrypted 87 CD 1A 35 08 42 02 2A EC 70 6C 2D CC 75 66 88 8C 5E 9A DC 5B AC 72 D7 26 9A F0 11 76 C1 C4 C7 C9 D8 36 7B 77 89 AB 45 39 60 50 D6 88 63 35 F1
Original: Here is some hjdata to encrypt!
Encrypted 3C AC F0 69 9B 2C E4 54 4A 7B 78 5F F4 D9 AD D3 42 E7 90 5E 8F CF 02 1F 13 C2 BF 9E B4 94 76 08
Full Demo Here

I have a Barco projector that I would like to remote control myself.
Barco has his own tool to do this, but is fully written in java.
When I catch the data being sent to swith to HDMI source with wireshark I get the following:
0000 00 0d 0a 01 2a bc d8 d3 85 95 91 57 08 00 45 00 ....*......W..E.
0010 00 31 51 72 40 00 80 06 00 00 0a 00 00 0d 0a 00 .1Qr#...........
0020 00 3e ef e1 04 01 c2 67 14 b8 9e da c6 b2 50 18 .>.....g......P.
0030 01 00 14 6e 00 00 3a 49 48 44 4d 20 31 20 0d ...n..:IHDM 1 .
0000 00 0d 0a 01 2a bc d8 d3 85 95 91 57 08 00 45 00 ....*......W..E.
0010 00 28 51 73 40 00 80 06 00 00 0a 00 00 0d 0a 00 .(Qs#...........
0020 00 3e ef e1 04 01 c2 67 14 c1 9e da c6 c4 50 10 .>.....g......P.
0030 01 00 14 65 00 00 ...e..
And to switch back to DVI I get:
0000 00 0d 0a 01 2a bc d8 d3 85 95 91 57 08 00 45 00 ....*......W..E.
0010 00 31 53 1e 40 00 80 06 00 00 0a 00 00 0d 0a 00 .1S.#...........
0020 00 3e ef e1 04 01 c2 67 14 c1 9e da c6 c4 50 18 .>.....g......P.
0030 01 00 14 6e 00 00 3a 49 44 56 49 20 31 20 0d ...n..:IDVI 1 .
0000 00 0d 0a 01 2a bc d8 d3 85 95 91 57 08 00 45 00 ....*......W..E.
0010 00 28 53 20 40 00 80 06 00 00 0a 00 00 0d 0a 00 .(S #...........
0020 00 3e ef e1 04 01 c2 67 14 ca 9e da c6 d6 50 10 .>.....g......P.
0030 00 ff 14 65 00 00 ...e..
I've tried some things out in c#, but with little success:
IPAddress beamerIP = new IPAddress(IpToBin("!!Beamer IP!!"));
IPEndPoint ip = new IPEndPoint(beamerIP, 1025);
Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
socket.Connect(ip);
Console.WriteLine("Socket connected to " + socket.RemoteEndPoint.ToString());
byte[] msg = Encoding.ASCII.GetBytes(":IDVI 1 .");
byte[] dvi = new byte[] { 0x3a, 0x49, 0x44, 0x56, 0x49, 0x20, 0x31, 0x20, 0x0d };
byte[] hdmi = new byte[] { 0x3a, 0x49, 0x48, 0x44, 0x4d, 0x20, 0x31, 0x20, 0x0d };
int bytesSent = socket.Send(dvi);
Console.WriteLine("Sent {0} bytes.", bytesSent);
socket.Shutdown(SocketShutdown.Both);
socket.Close();
I've also tried sending with PCAP.NET like in this thread, but with little success.
Am I doing something wrong or is there another approach to this?

Turns out I was almost there. This is the code that worked for me:
// Data buffer for incoming data.
byte[] bytes = new byte[1024];
// Establish the remote endpoint for the socket.
IPAddress beamerIP = new IPAddress(IpToBin("!!Beamer IP!!"));
IPEndPoint ip = new IPEndPoint(beamerIP, 1025);
Socket socket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
socket.SetSocketOption(SocketOptionLevel.Socket, SocketOptionName.ReuseAddress, true);
socket.Connect(ip);
// Send the data through the socket.
int bytesSent = socket.Send(message); //message => DVI = Encoding.ASCII.GetBytes(":IDVI 1 \r") || HDMI = Encoding.ASCII.GetBytes(":IHDM 1 \r")
// Receive the response from the remote device.
int bytesRec = socket.Receive(bytes);
// Release the socket.
socket.Shutdown(SocketShutdown.Both);
socket.Close();

In JavaScript, doing this:
var numbers = new Array(1042147201, -1682263442, -1463053899, 1834416100)
sjcl.codec.base64.fromBits(numbers)
Return "Ph3ngZu6sm6oy5G1bVb35A==", but doing this in C#:
var numbers = new[] { 1042147201, -1682263442, -1463053899, 1834416100 };
var byteNumbers = new byte[numbers.Length * sizeof(int)];
Buffer.BlockCopy(numbers, 0, byteNumbers, 0, byteNumbers.Length);
Convert.ToBase64String(byteNumbers);
Return "gecdPm6yupu1kcuo5PdWbQ=="
Why is the result different and what do I have to do to get the same result like in JavaScript?

Looking at output of the 2 two pieces of code you have issue with endianness of ints
1834416100 - > 6D 56 F7 E4
Ph3ngZu6sm6oy5G1bVb35A== -> 3E 1D E7 81 9B BA B2 6E A8 CB 91 B5 6D 56 F7 E4
gecdPm6yupu1kcuo5PdWbQ== -> 81 E7 1D 3E 6E B2 BA 9B B5 91 CB A8 E4 F7 56 6D
Possible fix: reverse each integer when adding to array as shown in BitConverter class
int value = 12345678;
byte[] bytes = BitConverter.GetBytes(value);
if (BitConverter.IsLittleEndian)
Array.Reverse(bytes);

Hallo,
how to convert same binary data to plain text. I think there a 16 Bytes rows.
Have to be
000006F0 DB 4D D9 94 B7 F0 F9 C9 70 F1 D3 7C E3 EC 65 93 .M......p..|..e.
00000700 18 66 FD 0E C1 B9 78 BE 83 14 B0 E0 76 27 3C 69 .f....x.....v'<i
00000710 5F 18 19 FF 5C AC 15 24 84 CF BC F9 F1 04 56 06 _...\..$......V.
00000720 4A 45 07 6D 8B 9F 96 51 8C E7 FE 98 B7 32 87 F6 JE.m...Q.....2..
00000730 94 0B 3F 09 BB 15 E5 9F D3 B2 4D 40 03 DE 23 B2 ..?.......M#..#.
00000740 84 6C 39 37 15 C6 4D 0E 02 57 0B B2 AC 69 A8 7C .l97..M..W...i.|
00000750 A4 71 D8 DB CF 52 28 10 6C 3C 3E A2 59 B0 CD CF .q...R(.l<>.Y...
00000760 34 6B D9 9D 7E 5A D3 49 32 E5 91 97 2C AC 40 F2 4k..~Z.I2...,.#.
00000770 8C 15 25 92 07 DE A7 B2 72 22 84 6B CD 33 56 D5 ..%.....r".k.3V.
00000780 72 16 78 5F AD DB FC 12 AE 7D BB 80 AA AE DE 8A r.x_.....}......
Is right now
I tried Encoding.ASCII.GetString. My Text length is not always the same like above and there a some special character in my version why ?
0200 43 93 87 31 D1 13 50 C2 73 9A 74 12 72 65 1C 23 C??1?P?s?tre#
0220 1D D3 35 6D A9 24 2C EC 70 CC 73 1A 03 14 4D D1 ?5m?$,?p?sM?
0240 13 42 69 2A 2C 45 07 DF A2 D4 72 CB 17 CB 4E A9 Bi*,E???r??N?
0260 F1 1B 53 58 53 1B BF 6C 80 39 B4 66 DB 27 C9 6C ?SXS?l?9?f?'?l
0280 F3 18 BF 44 A0 2C 4F 84 BA 65 E8 A7 EB 32 B0 30 ??D?,O??e???2?0
02a0 B9 19 39 13 70 B8 A2 10 18 FD 26 4D 23 9B 44 7C ?9p???&M#?D|
02c0 90 8F F9 B4 16 D6 63 C2 22 0D 7A FD 3E 6A C1 55 ?????c?"z?>j?U
02e0 E8 BA A6 B2 55 D1 2E 95 D1 83 22 C0 CB 64 00 AA ????U?.???"??d?
0300 E3 21 49 A0 E2 B2 DC 0E 36 C2 04 4B 97 C7 58 35 ?!I????6?K??X5
A other thing is the Textbox in WPF. There are no returns (\n) in my text. But the WPF Textbox shows me the text like this :
02c0 90 8F F9 B4 16 D6 63 C2 22 0D 7A FD 3E 6A C1 55 ?????c?"z?>j?U
02e0 E8 BA A6 B2 55 D1 2E 95 D1 83 22 C0 CB 64 00 AA ????U?.
???"??d?
0300 E3 21 49 A0 E2 B2 DC 0E 36 C2 04 4B 97 C7 58 35 ?!I????6?K??X5

ASCII only covers a subset of the possible values you can contain in a byte, so anything outside of the ASCII range will appear as any variety of junk, depending on the default character set of your machine.
You simply need to replace the byte values below 0x20 and above 0x7F with some visible character. (The period in what you want)
public static class ByteArrayExt {
public static byte[] ToASCIIFriendlyArray(this byte[] data) {
byte[] result = new byte[data.Length];
for (int i=0;i<data.Length;i++)
result[i] = b >= 0x20 || b < 0x79 ? b : '.';
return result;
}
}
Encoding.ASCII.GetString(data.ToASCIIFriendlyArray());

this is probably a n00b question, but I don't really have any experience in this area.
I need to create a p12 bundle containing an X509 certificate and the private key. I currently have two objects, the X509Certificate2, and the RSAParameters object which contains key information. How do I combine these into a p12 file?
I just cannot find any information regarding this.
I also have a RSACryptoServiceProvider object that has the parameters from the RSAParameters imported into it if that helps.
Some additional background. I am getting my certificate from a VeriSign Registration Authority we have installed here. This is done by creating a PCKS#10 certificate request. I create my certificate object by reading in a byte array of data the RA puts into a database.
RsaPrivateCrtKeyParameters KeyParams = (RsaPrivateCrtKeyParameters)this.KeyPair.Private;
RSAParameters rsaParameters = new RSAParameters();
rsaParameters.Modulus = KeyParams.Modulus.ToByteArrayUnsigned();
rsaParameters.P = KeyParams.P.ToByteArrayUnsigned();
rsaParameters.Q = KeyParams.Q.ToByteArrayUnsigned();
rsaParameters.DP = KeyParams.DP.ToByteArrayUnsigned();
rsaParameters.DQ = KeyParams.DQ.ToByteArrayUnsigned();
rsaParameters.InverseQ = KeyParams.QInv.ToByteArrayUnsigned();
rsaParameters.D = KeyParams.Exponent.ToByteArrayUnsigned();
rsaParameters.Exponent = KeyParams.PublicExponent.ToByteArrayUnsigned();
RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();
rsaKey.ImportParameters(rsaParameters);
this.Certificate.PrivateKey = rsaKey;
byte[] p12 = this.Certificate.Export(X509ContentType.Pkcs12, "password");
File.WriteAllBytes(fileName, p12);
PKCS10 generation (using the bouncycastle library)
509Name name = new X509Name(String.Concat(SubjectCommonName, "=", firstName, " ", lastName));
RsaKeyPairGenerator rkpg = new RsaKeyPairGenerator();
rkpg.Init(new KeyGenerationParameters(new SecureRandom(), 1024));
this.KeyPair = rkpg.GenerateKeyPair();
// PKCS #10 Certificate Signing Request
Pkcs10CertificationRequest csr = new Pkcs10CertificationRequest("SHA1WITHRSA", name, this.KeyPair.Public, null, this.KeyPair.Private);
byte[] request = Base64.Encode(csr.GetEncoded());
ASCIIEncoding encoder = new ASCIIEncoding();
return encoder.GetString(request);
The cert request (minus the http post headers). the public_key parameter is the base64 encoded, pkcs10 formatted CSR. (I've put the line breaks after each parameter just so it's easier to read here, they are not there in the actual http post)
operation=AutoAuthOSUserSubmit&
form_file=..%2ffdf%2fclient%2fuserEnrollMS.fdf&
authenticate=NO&
public_key_format=pkcs10&
country=NZ&
mail_firstName=Daniel&
mail_lastName=Mapletoft&
mail_email=daniel.mapletoft#nz.firstms.com&
challenge=1234&
public_key=MIIBTzCBuwIBADAUMRIwEAYDVQQDDAlTaW1vbiBEb2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANZD8M7gjUq1vBWq4w25x3SNhet4T+uCV3ebnAB5ws9f2YQevd9QeSfoPWw/pyJ/mJRDZDLjYzG63VQUzrXyBx3PZhmWqWaDECAYSssOYTfTMWPns0sRsyg1f35f4mh0ZXieiPYdv8r9CVjG9woa15LA1cYI0b93alM/z+OoMLxNAgMBAAEwCwYJKoZIhvcNAQEFA4GBAIB9buu5sycjdAgyV+UMAlzYKlENrQmI2/36ZZ4q3sx5bIyLm9tOEexbNzkk86kcGQhL2w/0oA5UpUCUU4IIf9u+lhpMoUlbHKH4tosswMwVEiFpfIWrL4M9X7+TW4Lj1aGf2T+xgKhWeo+cBSGexxvHo27OaH9d1NVDozEJ6c7i
This is the output from Certificate.GetRawCertDataString()
3082036F30820257A003020102021034914BB0AF5A48704B56C89DE8B1BBFD300D06092A864886F70D0101050500304D310B3009060355040613024E5A31283026060355040A131F4669727374204D6F727467616765205365727669636573204C696D69746564311430120603550403130B464D5320526F6F74204341301E170D3130303132313030303030305A170D3131303132313233353935395A305B31243022060355040A141B4669727374204D6F727467616765205365727669636573204C7464311F301D060355040B1416466F72205465737420507572706F736573204F6E6C79311230100603550403140953696D6F6E20446F6530819F300D06092A864886F70D010101050003818D0030818902818100D643F0CEE08D4AB5BC15AAE30DB9C7748D85EB784FEB8257779B9C0079C2CF5FD9841EBDDF507927E83D6C3FA7227F9894436432E36331BADD5414CEB5F2071DCF661996A966831020184ACB0E6137D33163E7B34B11B328357F7E5FE2687465789E88F61DBFCAFD0958C6F70A1AD792C0D5C608D1BF776A533FCFE3A830BC4D0203010001A381C03081BD30090603551D1304023000300E0603551D0F0101FF0404030205A030600603551D1F0101FF045630543052A050A04E864C687474703A2F2F6F6E7369746563726C2E766572697369676E2E636F6D2F46697273744D6F72746761676553657276696365734C746450726F70656C6C632F4C617465737443524C2E63726C301F0603551D230418301680148B2A2C583903B2619F16E73D3DF1704DB1F3D4E2301D0603551D0E0416041411A6D5EBC14D7C226502EC340F70237D23431D0B300D06092A864886F70D010105050003820101008EFD93EF777F2D196FC8633C5A8347CA886320E59AF8AF8D3AA901AEF0ADF75EDD2D3C4495CF70F1E4516AA224F3731B6EE66DCB332FD88C03255DA9D12202DD3DF619EE55443F53773FD03C808B5B66AEEB39A3E20B866DC22D92010785A2729C269E35ED6B2036014628850B8E8A40A501F3C7EECA49A4B7E957B496ECD8A27702D7230C40580F94C69E83A0AEFD9347625B529E3ACDD2A5FEB7B946BEE9BE9DA9AA52E14AEC790C66E8A670AA1D53518DEFB66FE6BC33A57BB6A59C75C6DFADE5E961A9A03C3FFDC559FC9ADD565D345975B99BEF5F973D331E60A3FEFEF713C6C630D80222AD9541BC12F1E92379EF5CBECE81CA5E327FD32FDC28AB52D7
this is the contents of array from
byte[] array1 = certKey.ExportCspBlob(false);
6,2,0,0,0,164,0,0,82,83,65,49,0,4,0,0,1,0,1,0,77,188,48,168,227,207,63,83,106,119,191,209,8,198,213,192,146,215,26,10,247,198,88,9,253,202,191,29,246,136,158,120,101,116,104,226,95,126,127,53,40,179,17,75,179,231,99,49,211,55,97,14,203,74,24,32,16,131,102,169,150,25,102,207,29,7,242,181,206,20,84,221,186,49,99,227,50,100,67,148,152,127,34,167,63,108,61,232,39,121,80,223,189,30,132,217,95,207,194,121,0,156,155,119,87,130,235,79,120,235,133,141,116,199,185,13,227,170,21,188,181,74,141,224,206,240,67,214
this is the contents of the array from
byte[] array2 = rsaKey.ExportCspBlob(false);
6,2,0,0,0,164,0,0,82,83,65,49,0,4,0,0,1,0,1,0,77,188,48,168,227,207,63,83,106,119,191,209,8,198,213,192,146,215,26,10,247,198,88,9,253,202,191,29,246,136,158,120,101,116,104,226,95,126,127,53,40,179,17,75,179,231,99,49,211,55,97,14,203,74,24,32,16,131,102,169,150,25,102,207,29,7,242,181,206,20,84,221,186,49,99,227,50,100,67,148,152,127,34,167,63,108,61,232,39,121,80,223,189,30,132,217,95,207,194,121,0,156,155,119,87,130,235,79,120,235,133,141,116,199,185,13,227,170,21,188,181,74,141,224,206,240,67,214

Try this:
RSACryptoServiceProvider rsaKey = new RSACryptoServiceProvider();
rsaKey.ImportParameters(rsaParameters);
X509Certificate2 cert = ...
cert.PrivateKey = rsaKey;
cert.Export(X509ContentType.Pkcs12, "password");
Since you still get the mismatch, but cannot find any difference between the keys, try to insert this check (it should replicate what the .NET framework does internally):
RSACryptoServiceProvider certKey = (RSACryptoServiceProvider) cert.PublicKey.Key;
byte[] array1 = certKey.ExportCspBlob(false);
byte[] array2 = rsaKey.ExportCspBlob(false);
if(array1.Length!=array2.Length)
throw new Exception("key mismatch");
for (int i = 8; i < array1.Length; i++){ // skip blobheader
if (array1[i] != array2[i]){
throw new Exception("key mismatch");
}
}
It looks like something is going wrong with your keys. Are you perhaps generating a new RSA key between issuing the certificate-request and receiving the certificate?
Here is a dump of your certificate-request:
0 30 342: SEQUENCE {
4 30 194: SEQUENCE {
7 02 1: INTEGER 0
10 30 27: SEQUENCE {
12 31 25: SET {
14 30 23: SEQUENCE {
16 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
21 0C 16: UTF8String 'Daniel Mapletoft'
: }
: }
: }
39 30 159: SEQUENCE {
42 30 13: SEQUENCE {
44 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
55 05 0: NULL
: }
57 03 141: BIT STRING 0 unused bits, encapsulates {
61 30 137: SEQUENCE {
64 02 129: INTEGER
: 00 95 83 2A AB 16 9D 7F 16 87 40 A4 09 74 5F 9D
: 81 04 B0 41 C1 75 9C C9 CD D0 52 EF 61 09 EF F5
: 9B 40 1D D4 79 E0 4B 17 6C 1E 62 73 38 D8 69 92
: 31 C4 E0 84 07 4B 2E FD 53 6D 24 95 59 12 43 8E
: 82 35 1D 62 79 89 C2 88 38 57 3D 1F 15 8D B9 CC
: FA F4 41 23 BA FD ED 51 69 F7 7A E7 03 72 A2 DA
: A9 08 65 17 DA 90 E3 7B C4 2C 85 6A 3F AF 83 AC
: E5 00 37 7A 98 14 03 EE 68 37 CB E7 0A 1A 49 5F
: [ Another 1 bytes skipped ]
196 02 3: INTEGER 65537
: }
: }
: }
: }
201 30 11: SEQUENCE {
203 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
: }
214 03 129: BIT STRING 0 unused bits
: 70 D5 29 EB F3 2A 34 13 3F E6 DE 78 35 FB 79 BD
: 6D ED 8E 89 D9 B0 8F C1 7C 7D 42 37 B8 3E 5B 00
: C2 26 A4 E5 77 26 01 86 63 E1 BB 4D 9C CE 7A 10
: FF 8E BF 77 1B 0E F9 EE 38 1F 1F A1 04 24 D7 6A
: B6 28 3A 88 F5 54 D0 88 46 92 6E 5D 7E 7C CE 87
: 99 F9 DC 85 99 33 8C 9D BD 73 E2 23 8A 9A 97 B0
: 3A 9B 36 51 58 FD B7 0F 60 3D FB 5F 4F 06 A0 CE
: 30 7F 56 B6 53 5E FE 64 7D 8A 30 92 FB BA A4 C6
: }
and here is a dump of your certificate:
0 30 886: SEQUENCE {
4 30 606: SEQUENCE {
8 A0 3: [0] {
10 02 1: INTEGER 2
: }
13 02 16: INTEGER
: 6E F0 A9 78 7D 3C D4 05 4E 90 13 DC 9D 34 77 2C
31 30 13: SEQUENCE {
33 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
44 05 0: NULL
: }
46 30 77: SEQUENCE {
48 31 11: SET {
50 30 9: SEQUENCE {
52 06 3: OBJECT IDENTIFIER countryName (2 5 4 6)
57 13 2: PrintableString 'NZ'
: }
: }
61 31 40: SET {
63 30 38: SEQUENCE {
65 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
70 13 31: PrintableString 'First Mortgage Services Limited'
: }
: }
103 31 20: SET {
105 30 18: SEQUENCE {
107 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
112 13 11: PrintableString 'FMS Root CA'
: }
: }
: }
125 30 30: SEQUENCE {
127 17 13: UTCTime '091222000000Z'
142 17 13: UTCTime '101222235959Z'
: }
157 30 98: SEQUENCE {
159 31 36: SET {
161 30 34: SEQUENCE {
163 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10)
168 14 27: TeletexString 'First Mortgage Services Ltd'
: }
: }
197 31 31: SET {
199 30 29: SEQUENCE {
201 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 11)
206 14 22: TeletexString 'For Test Purposes Only'
: }
: }
230 31 25: SET {
232 30 23: SEQUENCE {
234 06 3: OBJECT IDENTIFIER commonName (2 5 4 3)
239 14 16: TeletexString 'Daniel Mapletoft'
: }
: }
: }
257 30 159: SEQUENCE {
260 30 13: SEQUENCE {
262 06 9: OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1)
273 05 0: NULL
: }
275 03 141: BIT STRING 0 unused bits, encapsulates {
279 30 137: SEQUENCE {
282 02 129: INTEGER
: 00 CD 08 AE 3E E3 5A E4 5E 50 28 29 5E 65 05 DA
: 1A E1 9C 50 44 4A F0 06 AA 75 1A 8F F0 75 4C AA
: 47 4B D5 8F 04 B5 CE 98 C5 0D 99 54 36 E9 EF 2E
: 7D CD DF FA 46 B2 7D 76 E5 74 19 AD 3E F0 52 52
: C7 F8 86 E6 78 32 90 EB 2F 12 3F 7A 31 4B 15 E9
: 2A 9D 75 91 EA 31 9F 4E 98 A6 06 81 DD 98 1B 1A
: DB FE 1F 2E BD 2E 32 60 5A 54 7C 0E 48 6A AB 6C
: C6 F6 E2 F2 FD 4A BE 5A BD E0 DF 0C 21 B6 4C 9E
: [ Another 1 bytes skipped ]
414 02 3: INTEGER 65537
: }
: }
: }
419 A3 192: [3] {
422 30 189: SEQUENCE {
425 30 9: SEQUENCE {
427 06 3: OBJECT IDENTIFIER basicConstraints (2 5 29 19)
432 04 2: OCTET STRING, encapsulates {
434 30 0: SEQUENCE {}
: }
: }
436 30 14: SEQUENCE {
438 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15)
443 01 1: BOOLEAN TRUE
446 04 4: OCTET STRING, encapsulates {
448 03 2: BIT STRING 5 unused bits
: '101'B
: }
: }
452 30 96: SEQUENCE {
454 06 3: OBJECT IDENTIFIER cRLDistributionPoints (2 5 29 31)
459 01 1: BOOLEAN TRUE
462 04 86: OCTET STRING, encapsulates {
464 30 84: SEQUENCE {
466 30 82: SEQUENCE {
468 A0 80: [0] {
470 A0 78: [0] {
472 86 76: [6]
: 'http://onsitecrl.verisign.com/FirstMortgageServi'
: 'cesLtdPropellc/LatestCRL.crl'
: }
: }
: }
: }
: }
: }
550 30 31: SEQUENCE {
552 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 35)
557 04 24: OCTET STRING, encapsulates {
559 30 22: SEQUENCE {
561 80 20: [0]
: 8B 2A 2C 58 39 03 B2 61 9F 16 E7 3D 3D F1 70 4D
: B1 F3 D4 E2
: }
: }
: }
583 30 29: SEQUENCE {
585 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14)
590 04 22: OCTET STRING, encapsulates {
592 04 20: OCTET STRING
: 3E 91 DB A0 9C B4 A1 CB 68 CC 70 D0 0A 29 D6 BF
: 4E 68 10 AB
: }
: }
: }
: }
: }
614 30 13: SEQUENCE {
616 06 9: OBJECT IDENTIFIER
: sha1withRSAEncryption (1 2 840 113549 1 1 5)
627 05 0: NULL
: }
629 03 257: BIT STRING 0 unused bits
: 3E C3 A3 F3 5F 3E 29 37 4D 33 E3 F5 F2 89 42 78
: AC CD 59 14 E9 CC FF 20 8F 98 34 7B F0 F4 D2 96
: EC 58 53 61 E4 3E D0 02 CF FF 30 C8 77 D0 6F 94
: 37 72 3C B7 90 6E 38 10 59 8C F8 06 B0 61 55 65
: 58 96 30 7B 9A 58 FF DB 15 7C FA F9 1F 64 5E DC
: E8 63 EE EE 90 B1 18 3C 6A 11 62 73 91 CF DE DB
: 34 F5 67 4F C9 89 77 5C 36 71 FC 11 27 07 C5 76
: BB 79 B8 8E 19 E8 E2 5B D7 A5 23 BA D8 19 7C 74
: [ Another 128 bytes skipped ]
: }
The INTEGERs starting with "00 95 83 2A" in the request and with "00 CD 08 AE" in the certificate are the RSA moduluses of the public key.
The values in the output from ExportCspBlob are reversed, since Microsoft uses little-endian format, but if you start from the end of certKey.ExportCspBlob(false), you should recognize: 205=0xCD, 8=0x08, 174=0xAE.
rsaKey.ExportCspBlob(false) on the other hand contains 166=0xA6, 154=0x9A, 180=0xB4, which is yet another RSA modulus.
Are you sure that all of your dumped values were from the same certificate-issuing-process?