Hi, I'm a newbie when it comes to RSA, the last time I learned it was in school over 7 years ago in one lecture. Maybe I'm missing something but I will try to explain my problem again.
A former co worker generated a public and private key for our group. (I think he used PGP but not sure). So I have the 2 .pem files he created. So far so good.. Now, he's using openssl rsautl to encrypt and decrypt strings for our group. So far so good.. He's calling openssl rsautl from a c# script to encrypt and decrypt these strings. So far so good.. Now here is what I want to do. I want to use c#'s built in rsa class to encrypt and decrypt these strings instead of having the c# script call openssl rsautl. So far so good.. On this link below there is an example of c# calling and ecrypting with a public key, you don't have to go to this link..just for reference. http://msdn.microsoft.com/en-us/library/system.security.cryptography.rsacryptoserviceprovider.encrypt.aspx Now in this script before the encrypt function is called there are two lines of code: byte[] Exponent = {1,0,1}; RSAKeyInfo.Exponent = Exponent; If I try to remove this it throws an error. So I am guessing that a exponent needs to be defined in order to encrypt a message????Yes, no, I'm missing something.. In your response to my first email, you said e and n are needed for encrypting. If there is no e being passed in as an argument to openssl rsautl, what is the default e? and what is the default n? On Sun, May 23, 2010 at 6:11 PM, Dave Thompson <dthomp...@prinpay.com>wrote: > > From: owner-openssl-us...@openssl.org On Behalf Of Pareto, Charles > > Sent: Friday, 21 May, 2010 17:14 > > > I'm trying to get the same result with the c# > RSACryptoServiceProvider class > > that 'openssl.exe rsautl ' gives me. > > > > The c# class wants more properties set before you can encrypt a > message. > > I can't help with C#, but this borders on an abstract crypto issue. > > > How can I obtain the parameters that 'openssl.exe rsautl' > implements. > > For example the exponent, q parameters, p parameters, dp, dq parameters, > etc. > > These are optional arguments for the c# class. > > Ex. Exponent = {1,0,1} > > d,p,q,dP,dQ,qInv are the components of an RSA private key that are not > in the public key. And except for the first, only in the CRT (Chinese > Remainder Theorem) form, which is used widely including by openssl. > If that 'exponent' is notated in bytes, it would be 65537 aka 'F4', > a commonly used value for the public exponent e. The private exponent > d must be much larger, and for usual e will appear random. > > > > openssl.exe rsautl -encrypt -inkey dir\\public.pem -pubin -in > filename -out encryptedfilename > > Aside: unless you're using a Unixoid shell glomped onto Windows, > like mingw, you usually don't need to specify .exe to find an > executable and don't need to double backslashes in pathnames. > > RSA encrypt, or verify, uses and should need only the public key, > which substantively consists only of e and n (where n = p * q). > The private key fields are needed, and generally should be used, > only for decrypt, or sign. That's the way public-key crypto works, > and provides certain (we hope useful!) security features. > You can see public.pem does not contain and this command can't use > private bits with openssl rsa -in public.pem -pubin -noout -text > (Note however that rsautl -decrypt does need the private key.) > > If some part of C# really demands a private key to RSA *encrypt*, > it is hopelessly broken and could never provide useful security. > Although M$ certainly makes mistakes from time to time, I would > be very surprised if they made such a basic and obvious one, so > I suspect your understanding is actually wrong. Perhaps you aren't > (correctly) doing something needed to tell it to be in encrypt mode, > or (more abstractly) to use a public rather than private RSA key. > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org >
