Arkady Frenkel

07-09-2005, 10:51 PM

Hi!

My question is do hash of public key is hash of it's Modulus or somehow

Exponent involved too

TIA

Arkady

My question is do hash of public key is hash of it's Modulus or somehow

Exponent involved too

TIA

Arkady

Arkady Frenkel

07-09-2005, 10:51 PM

Hi!

My question is do hash of public key is hash of it's Modulus or somehow

Exponent involved too

TIA

Arkady

My question is do hash of public key is hash of it's Modulus or somehow

Exponent involved too

TIA

Arkady

Arkady Frenkel

07-09-2005, 10:51 PM

In other words how I can receive BYTE[] PublicKey

from Modulus and Exponent ?

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

> Hi!

> My question is do hash of public key is hash of it's Modulus or somehow

> Exponent involved too

> TIA

> Arkady

>

from Modulus and Exponent ?

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

> Hi!

> My question is do hash of public key is hash of it's Modulus or somehow

> Exponent involved too

> TIA

> Arkady

>

Arkady Frenkel

07-09-2005, 10:51 PM

Tnx , no need.

Example from

http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

show that PublicKey is Modulus only

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

> In other words how I can receive BYTE[] PublicKey

> from Modulus and Exponent ?

> TIA

> Arkady

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>> Hi!

>> My question is do hash of public key is hash of it's Modulus or somehow

>> Exponent involved too

>> TIA

>> Arkady

>>

>

>

Example from

http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

show that PublicKey is Modulus only

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

> In other words how I can receive BYTE[] PublicKey

> from Modulus and Exponent ?

> TIA

> Arkady

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>> Hi!

>> My question is do hash of public key is hash of it's Modulus or somehow

>> Exponent involved too

>> TIA

>> Arkady

>>

>

>

Valery Pryamikov

07-09-2005, 10:51 PM

RSA public key consists of both modulus and exponent. That is btw. shown in

sample that you refer (exponent = {1,0,1} is standard recommended public

exponent - 0x1001 = 2^16+1).

If you are asking about public key token - the hash is calculated over

ASN1.DER sequence containing modulus and exponent both in big endian format

(ie. the form that is specified in PKCS#1).

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

> Tnx , no need.

> Example from

> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

> show that PublicKey is Modulus only

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>> In other words how I can receive BYTE[] PublicKey

>> from Modulus and Exponent ?

>> TIA

>> Arkady

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>> Hi!

>>> My question is do hash of public key is hash of it's Modulus or somehow

>>> Exponent involved too

>>> TIA

>>> Arkady

>>>

>>

>>

>

>

sample that you refer (exponent = {1,0,1} is standard recommended public

exponent - 0x1001 = 2^16+1).

If you are asking about public key token - the hash is calculated over

ASN1.DER sequence containing modulus and exponent both in big endian format

(ie. the form that is specified in PKCS#1).

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

> Tnx , no need.

> Example from

> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

> show that PublicKey is Modulus only

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>> In other words how I can receive BYTE[] PublicKey

>> from Modulus and Exponent ?

>> TIA

>> Arkady

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>> Hi!

>>> My question is do hash of public key is hash of it's Modulus or somehow

>>> Exponent involved too

>>> TIA

>>> Arkady

>>>

>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:51 PM

Tnx for answer , I don't need public key token because it's 8 last bytes of

hash but hash itself and my question was if in calculation of such hash used

exponent and how. I see that number of bytes for hash calculation input is

128 exactly only modulus without exponent. If I need exponent to be used how

I set for byte array for hash function ?

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

> RSA public key consists of both modulus and exponent. That is btw. shown

> in sample that you refer (exponent = {1,0,1} is standard recommended

> public exponent - 0x1001 = 2^16+1).

> If you are asking about public key token - the hash is calculated over

> ASN1.DER sequence containing modulus and exponent both in big endian

> format (ie. the form that is specified in PKCS#1).

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>> Tnx , no need.

>> Example from

>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>> show that PublicKey is Modulus only

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>> In other words how I can receive BYTE[] PublicKey

>>> from Modulus and Exponent ?

>>> TIA

>>> Arkady

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>> Hi!

>>>> My question is do hash of public key is hash of it's Modulus or somehow

>>>> Exponent involved too

>>>> TIA

>>>> Arkady

>>>>

>>>

>>>

>>

>>

>

hash but hash itself and my question was if in calculation of such hash used

exponent and how. I see that number of bytes for hash calculation input is

128 exactly only modulus without exponent. If I need exponent to be used how

I set for byte array for hash function ?

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

> RSA public key consists of both modulus and exponent. That is btw. shown

> in sample that you refer (exponent = {1,0,1} is standard recommended

> public exponent - 0x1001 = 2^16+1).

> If you are asking about public key token - the hash is calculated over

> ASN1.DER sequence containing modulus and exponent both in big endian

> format (ie. the form that is specified in PKCS#1).

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>> Tnx , no need.

>> Example from

>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>> show that PublicKey is Modulus only

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>> In other words how I can receive BYTE[] PublicKey

>>> from Modulus and Exponent ?

>>> TIA

>>> Arkady

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>> Hi!

>>>> My question is do hash of public key is hash of it's Modulus or somehow

>>>> Exponent involved too

>>>> TIA

>>>> Arkady

>>>>

>>>

>>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:51 PM

It's not quite clear what you want to do with that hash ... and I'm sure

that you are aware that can calculate hash over whatever data you need

(whether it modulus or not) and the way you want...

but if I were you, I'd calculate the hash of valid publickey ASN1 DER

presentation (as per PKCS#1) which contain both modulus and public

exponent - gives unambiguous specification of hash source data format -

easier to interop ++.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

> Tnx for answer , I don't need public key token because it's 8 last bytes

> of hash but hash itself and my question was if in calculation of such hash

> used exponent and how. I see that number of bytes for hash calculation

> input is 128 exactly only modulus without exponent. If I need exponent to

> be used how I set for byte array for hash function ?

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>> RSA public key consists of both modulus and exponent. That is btw. shown

>> in sample that you refer (exponent = {1,0,1} is standard recommended

>> public exponent - 0x1001 = 2^16+1).

>> If you are asking about public key token - the hash is calculated over

>> ASN1.DER sequence containing modulus and exponent both in big endian

>> format (ie. the form that is specified in PKCS#1).

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>> Tnx , no need.

>>> Example from

>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>> show that PublicKey is Modulus only

>>> Arkady

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>> In other words how I can receive BYTE[] PublicKey

>>>> from Modulus and Exponent ?

>>>> TIA

>>>> Arkady

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>> Hi!

>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>> somehow Exponent involved too

>>>>> TIA

>>>>> Arkady

>>>>>

>>>>

>>>>

>>>

>>>

>>

>

>

that you are aware that can calculate hash over whatever data you need

(whether it modulus or not) and the way you want...

but if I were you, I'd calculate the hash of valid publickey ASN1 DER

presentation (as per PKCS#1) which contain both modulus and public

exponent - gives unambiguous specification of hash source data format -

easier to interop ++.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

> Tnx for answer , I don't need public key token because it's 8 last bytes

> of hash but hash itself and my question was if in calculation of such hash

> used exponent and how. I see that number of bytes for hash calculation

> input is 128 exactly only modulus without exponent. If I need exponent to

> be used how I set for byte array for hash function ?

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>> RSA public key consists of both modulus and exponent. That is btw. shown

>> in sample that you refer (exponent = {1,0,1} is standard recommended

>> public exponent - 0x1001 = 2^16+1).

>> If you are asking about public key token - the hash is calculated over

>> ASN1.DER sequence containing modulus and exponent both in big endian

>> format (ie. the form that is specified in PKCS#1).

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>> Tnx , no need.

>>> Example from

>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>> show that PublicKey is Modulus only

>>> Arkady

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>> In other words how I can receive BYTE[] PublicKey

>>>> from Modulus and Exponent ?

>>>> TIA

>>>> Arkady

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>> Hi!

>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>> somehow Exponent involved too

>>>>> TIA

>>>>> Arkady

>>>>>

>>>>

>>>>

>>>

>>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:51 PM

So , how can I calculate hash with hush function which demand byte buffer of

128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my

question

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

> It's not quite clear what you want to do with that hash ... and I'm sure

> that you are aware that can calculate hash over whatever data you need

> (whether it modulus or not) and the way you want...

> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

> presentation (as per PKCS#1) which contain both modulus and public

> exponent - gives unambiguous specification of hash source data format -

> easier to interop ++.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>> Tnx for answer , I don't need public key token because it's 8 last bytes

>> of hash but hash itself and my question was if in calculation of such

>> hash used exponent and how. I see that number of bytes for hash

>> calculation input is 128 exactly only modulus without exponent. If I need

>> exponent to be used how I set for byte array for hash function ?

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>> RSA public key consists of both modulus and exponent. That is btw. shown

>>> in sample that you refer (exponent = {1,0,1} is standard recommended

>>> public exponent - 0x1001 = 2^16+1).

>>> If you are asking about public key token - the hash is calculated over

>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>> format (ie. the form that is specified in PKCS#1).

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>> Tnx , no need.

>>>> Example from

>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>> show that PublicKey is Modulus only

>>>> Arkady

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>> In other words how I can receive BYTE[] PublicKey

>>>>> from Modulus and Exponent ?

>>>>> TIA

>>>>> Arkady

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>> Hi!

>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>> somehow Exponent involved too

>>>>>> TIA

>>>>>> Arkady

>>>>>>

>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my

question

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

> It's not quite clear what you want to do with that hash ... and I'm sure

> that you are aware that can calculate hash over whatever data you need

> (whether it modulus or not) and the way you want...

> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

> presentation (as per PKCS#1) which contain both modulus and public

> exponent - gives unambiguous specification of hash source data format -

> easier to interop ++.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>> Tnx for answer , I don't need public key token because it's 8 last bytes

>> of hash but hash itself and my question was if in calculation of such

>> hash used exponent and how. I see that number of bytes for hash

>> calculation input is 128 exactly only modulus without exponent. If I need

>> exponent to be used how I set for byte array for hash function ?

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>> RSA public key consists of both modulus and exponent. That is btw. shown

>>> in sample that you refer (exponent = {1,0,1} is standard recommended

>>> public exponent - 0x1001 = 2^16+1).

>>> If you are asking about public key token - the hash is calculated over

>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>> format (ie. the form that is specified in PKCS#1).

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>> Tnx , no need.

>>>> Example from

>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>> show that PublicKey is Modulus only

>>>> Arkady

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>> In other words how I can receive BYTE[] PublicKey

>>>>> from Modulus and Exponent ?

>>>>> TIA

>>>>> Arkady

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>> Hi!

>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>> somehow Exponent involved too

>>>>>> TIA

>>>>>> Arkady

>>>>>>

>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:51 PM

Which hash function demands byte buffer of size 128 bytes on input? I don't

know any such hash functions. The sole reason of existence of hash functions

is that they can get data of arbitrary length and return a fixed number.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

> So , how can I calculate hash with hush function which demand byte buffer

> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my

> question

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>> It's not quite clear what you want to do with that hash ... and I'm sure

>> that you are aware that can calculate hash over whatever data you need

>> (whether it modulus or not) and the way you want...

>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>> presentation (as per PKCS#1) which contain both modulus and public

>> exponent - gives unambiguous specification of hash source data format -

>> easier to interop ++.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>> Tnx for answer , I don't need public key token because it's 8 last bytes

>>> of hash but hash itself and my question was if in calculation of such

>>> hash used exponent and how. I see that number of bytes for hash

>>> calculation input is 128 exactly only modulus without exponent. If I

>>> need exponent to be used how I set for byte array for hash function ?

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>> If you are asking about public key token - the hash is calculated over

>>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>>> format (ie. the form that is specified in PKCS#1).

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>> Tnx , no need.

>>>>> Example from

>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>> show that PublicKey is Modulus only

>>>>> Arkady

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>> from Modulus and Exponent ?

>>>>>> TIA

>>>>>> Arkady

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>> Hi!

>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>> somehow Exponent involved too

>>>>>>> TIA

>>>>>>> Arkady

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

know any such hash functions. The sole reason of existence of hash functions

is that they can get data of arbitrary length and return a fixed number.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

> So , how can I calculate hash with hush function which demand byte buffer

> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my

> question

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>> It's not quite clear what you want to do with that hash ... and I'm sure

>> that you are aware that can calculate hash over whatever data you need

>> (whether it modulus or not) and the way you want...

>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>> presentation (as per PKCS#1) which contain both modulus and public

>> exponent - gives unambiguous specification of hash source data format -

>> easier to interop ++.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>> Tnx for answer , I don't need public key token because it's 8 last bytes

>>> of hash but hash itself and my question was if in calculation of such

>>> hash used exponent and how. I see that number of bytes for hash

>>> calculation input is 128 exactly only modulus without exponent. If I

>>> need exponent to be used how I set for byte array for hash function ?

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>> If you are asking about public key token - the hash is calculated over

>>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>>> format (ie. the form that is specified in PKCS#1).

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>> Tnx , no need.

>>>>> Example from

>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>> show that PublicKey is Modulus only

>>>>> Arkady

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>> from Modulus and Exponent ?

>>>>>> TIA

>>>>>> Arkady

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>> Hi!

>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>> somehow Exponent involved too

>>>>>>> TIA

>>>>>>> Arkady

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:51 PM

Sure hash function don't demand that ( my fault in description ) , I mean in

examples public key data of size 128 send to hash. And as examples show that

only modulus.

But I can't find if it enough or I need to do some calculation of modulus

and exponent to receive 128 bytes for hash

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...

> Which hash function demands byte buffer of size 128 bytes on input? I

> don't know any such hash functions. The sole reason of existence of hash

> functions is that they can get data of arbitrary length and return a fixed

> number.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

>> So , how can I calculate hash with hush function which demand byte buffer

>> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's

>> my question

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>>> It's not quite clear what you want to do with that hash ... and I'm sure

>>> that you are aware that can calculate hash over whatever data you need

>>> (whether it modulus or not) and the way you want...

>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>>> presentation (as per PKCS#1) which contain both modulus and public

>>> exponent - gives unambiguous specification of hash source data format -

>>> easier to interop ++.

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>>> Tnx for answer , I don't need public key token because it's 8 last

>>>> bytes of hash but hash itself and my question was if in calculation of

>>>> such hash used exponent and how. I see that number of bytes for hash

>>>> calculation input is 128 exactly only modulus without exponent. If I

>>>> need exponent to be used how I set for byte array for hash function ?

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>>> If you are asking about public key token - the hash is calculated over

>>>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>>>> format (ie. the form that is specified in PKCS#1).

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>>> Tnx , no need.

>>>>>> Example from

>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>>> show that PublicKey is Modulus only

>>>>>> Arkady

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>>> from Modulus and Exponent ?

>>>>>>> TIA

>>>>>>> Arkady

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>>> Hi!

>>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>>> somehow Exponent involved too

>>>>>>>> TIA

>>>>>>>> Arkady

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

examples public key data of size 128 send to hash. And as examples show that

only modulus.

But I can't find if it enough or I need to do some calculation of modulus

and exponent to receive 128 bytes for hash

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...

> Which hash function demands byte buffer of size 128 bytes on input? I

> don't know any such hash functions. The sole reason of existence of hash

> functions is that they can get data of arbitrary length and return a fixed

> number.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

>> So , how can I calculate hash with hush function which demand byte buffer

>> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's

>> my question

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>>> It's not quite clear what you want to do with that hash ... and I'm sure

>>> that you are aware that can calculate hash over whatever data you need

>>> (whether it modulus or not) and the way you want...

>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>>> presentation (as per PKCS#1) which contain both modulus and public

>>> exponent - gives unambiguous specification of hash source data format -

>>> easier to interop ++.

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>>> Tnx for answer , I don't need public key token because it's 8 last

>>>> bytes of hash but hash itself and my question was if in calculation of

>>>> such hash used exponent and how. I see that number of bytes for hash

>>>> calculation input is 128 exactly only modulus without exponent. If I

>>>> need exponent to be used how I set for byte array for hash function ?

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>>> If you are asking about public key token - the hash is calculated over

>>>>> ASN1.DER sequence containing modulus and exponent both in big endian

>>>>> format (ie. the form that is specified in PKCS#1).

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>>> Tnx , no need.

>>>>>> Example from

>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>>> show that PublicKey is Modulus only

>>>>>> Arkady

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>>> from Modulus and Exponent ?

>>>>>>> TIA

>>>>>>> Arkady

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>>> Hi!

>>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>>> somehow Exponent involved too

>>>>>>>> TIA

>>>>>>>> Arkady

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:51 PM

Where did you find a hash in the examples that you refered in your post?

it talks about encryption - not hashing.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OiN6qD7WFHA.2996@TK2MSFTNGP10.phx.gbl...

> Sure hash function don't demand that ( my fault in description ) , I mean

> in examples public key data of size 128 send to hash. And as examples show

> that only modulus.

> But I can't find if it enough or I need to do some calculation of modulus

> and exponent to receive 128 bytes for hash

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...

>> Which hash function demands byte buffer of size 128 bytes on input? I

>> don't know any such hash functions. The sole reason of existence of hash

>> functions is that they can get data of arbitrary length and return a

>> fixed number.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

>>> So , how can I calculate hash with hush function which demand byte

>>> buffer of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) .

>>> That's my question

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>> It's not quite clear what you want to do with that hash ... and I'm

>>>> sure that you are aware that can calculate hash over whatever data you

>>>> need (whether it modulus or not) and the way you want...

>>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>>>> presentation (as per PKCS#1) which contain both modulus and public

>>>> exponent - gives unambiguous specification of hash source data format -

>>>> easier to interop ++.

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>>>> Tnx for answer , I don't need public key token because it's 8 last

>>>>> bytes of hash but hash itself and my question was if in calculation of

>>>>> such hash used exponent and how. I see that number of bytes for hash

>>>>> calculation input is 128 exactly only modulus without exponent. If I

>>>>> need exponent to be used how I set for byte array for hash function ?

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>>>> If you are asking about public key token - the hash is calculated

>>>>>> over ASN1.DER sequence containing modulus and exponent both in big

>>>>>> endian format (ie. the form that is specified in PKCS#1).

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>>>> Tnx , no need.

>>>>>>> Example from

>>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>>>> show that PublicKey is Modulus only

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>>>> from Modulus and Exponent ?

>>>>>>>> TIA

>>>>>>>> Arkady

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>>>> Hi!

>>>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>>>> somehow Exponent involved too

>>>>>>>>> TIA

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

it talks about encryption - not hashing.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OiN6qD7WFHA.2996@TK2MSFTNGP10.phx.gbl...

> Sure hash function don't demand that ( my fault in description ) , I mean

> in examples public key data of size 128 send to hash. And as examples show

> that only modulus.

> But I can't find if it enough or I need to do some calculation of modulus

> and exponent to receive 128 bytes for hash

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...

>> Which hash function demands byte buffer of size 128 bytes on input? I

>> don't know any such hash functions. The sole reason of existence of hash

>> functions is that they can get data of arbitrary length and return a

>> fixed number.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...

>>> So , how can I calculate hash with hush function which demand byte

>>> buffer of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) .

>>> That's my question

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>> It's not quite clear what you want to do with that hash ... and I'm

>>>> sure that you are aware that can calculate hash over whatever data you

>>>> need (whether it modulus or not) and the way you want...

>>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER

>>>> presentation (as per PKCS#1) which contain both modulus and public

>>>> exponent - gives unambiguous specification of hash source data format -

>>>> easier to interop ++.

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...

>>>>> Tnx for answer , I don't need public key token because it's 8 last

>>>>> bytes of hash but hash itself and my question was if in calculation of

>>>>> such hash used exponent and how. I see that number of bytes for hash

>>>>> calculation input is 128 exactly only modulus without exponent. If I

>>>>> need exponent to be used how I set for byte array for hash function ?

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...

>>>>>> RSA public key consists of both modulus and exponent. That is btw.

>>>>>> shown in sample that you refer (exponent = {1,0,1} is standard

>>>>>> recommended public exponent - 0x1001 = 2^16+1).

>>>>>> If you are asking about public key token - the hash is calculated

>>>>>> over ASN1.DER sequence containing modulus and exponent both in big

>>>>>> endian format (ie. the form that is specified in PKCS#1).

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...

>>>>>>> Tnx , no need.

>>>>>>> Example from

>>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp

>>>>>>> show that PublicKey is Modulus only

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...

>>>>>>>> In other words how I can receive BYTE[] PublicKey

>>>>>>>> from Modulus and Exponent ?

>>>>>>>> TIA

>>>>>>>> Arkady

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...

>>>>>>>>> Hi!

>>>>>>>>> My question is do hash of public key is hash of it's Modulus or

>>>>>>>>> somehow Exponent involved too

>>>>>>>>> TIA

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

Juan Segarra Montesinos

07-09-2005, 10:51 PM

On Wed, 18 May 2005, Arkady Frenkel wrote:

> Sure hash function don't demand that ( my fault in description ) , I mean in

> examples public key data of size 128 send to hash. And as examples show that

> only modulus.

> But I can't find if it enough or I need to do some calculation of modulus

> and exponent to receive 128 bytes for hash

> Arkady

Hash functions returns fixed length output on input of arbitrary length.

You don't need to feed the hash functions necessarily with 128 bytes. In

fact, if you want to calculate the id of your key (supose 1024 bits)

concatenating the modulus and the public exponent, your input will be of

128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.

Good luck.

---

Juan Segarra Montesinos

http://juan.nisu.org/

> Sure hash function don't demand that ( my fault in description ) , I mean in

> examples public key data of size 128 send to hash. And as examples show that

> only modulus.

> But I can't find if it enough or I need to do some calculation of modulus

> and exponent to receive 128 bytes for hash

> Arkady

Hash functions returns fixed length output on input of arbitrary length.

You don't need to feed the hash functions necessarily with 128 bytes. In

fact, if you want to calculate the id of your key (supose 1024 bits)

concatenating the modulus and the public exponent, your input will be of

128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.

Good luck.

---

Juan Segarra Montesinos

http://juan.nisu.org/

Arkady Frenkel

07-09-2005, 10:51 PM

That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to

calculate hash of public key not 131 and not 132.But both of you didn't

answer my simple question what is algorithm of callculation hash from

public key so I see I have to try other group, indirectly I see both in

Windows and open source ( free ssl ) modulus used only but I'm not sure 100%

Arkady

"Juan Segarra Montesinos" <sa085144@anubis.uji.es> wrote in message

news:Pine.LNX.4.44.0505181907350.13174-100000@anubis.uji.es...

> On Wed, 18 May 2005, Arkady Frenkel wrote:

>

>> Sure hash function don't demand that ( my fault in description ) , I mean

>> in

>> examples public key data of size 128 send to hash. And as examples show

>> that

>> only modulus.

>> But I can't find if it enough or I need to do some calculation of modulus

>> and exponent to receive 128 bytes for hash

>> Arkady

>

>

> Hash functions returns fixed length output on input of arbitrary length.

> You don't need to feed the hash functions necessarily with 128 bytes. In

> fact, if you want to calculate the id of your key (supose 1024 bits)

> concatenating the modulus and the public exponent, your input will be of

> 128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.

>

> Good luck.

>

> ---

> Juan Segarra Montesinos

> http://juan.nisu.org/

>

calculate hash of public key not 131 and not 132.But both of you didn't

answer my simple question what is algorithm of callculation hash from

public key so I see I have to try other group, indirectly I see both in

Windows and open source ( free ssl ) modulus used only but I'm not sure 100%

Arkady

"Juan Segarra Montesinos" <sa085144@anubis.uji.es> wrote in message

news:Pine.LNX.4.44.0505181907350.13174-100000@anubis.uji.es...

> On Wed, 18 May 2005, Arkady Frenkel wrote:

>

>> Sure hash function don't demand that ( my fault in description ) , I mean

>> in

>> examples public key data of size 128 send to hash. And as examples show

>> that

>> only modulus.

>> But I can't find if it enough or I need to do some calculation of modulus

>> and exponent to receive 128 bytes for hash

>> Arkady

>

>

> Hash functions returns fixed length output on input of arbitrary length.

> You don't need to feed the hash functions necessarily with 128 bytes. In

> fact, if you want to calculate the id of your key (supose 1024 bits)

> concatenating the modulus and the public exponent, your input will be of

> 128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.

>

> Good luck.

>

> ---

> Juan Segarra Montesinos

> http://juan.nisu.org/

>

Valery Pryamikov

07-09-2005, 10:51 PM

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to

> calculate hash of public key not 131 and not 132.But both of you didn't

> answer my simple question what is algorithm of callculation hash from

> public key so I see I have to try other group, indirectly I see both in

> Windows and open source ( free ssl ) modulus used only but I'm not sure

> 100%

> Arkady

>

Hmm,

at first you are asking a completely meaningless question. We've tried to

clarify your requirements hoping that would show you the answers that you

were looking for. Instead you simply repeat your meaningless question with

extra mumbling about some number that you taken from somewhere...

How to hash a public key? You take a hash function, send public key as a

parameter to a hash function and get the result. That's at least how it is

usually done.

And your "That not correct..." is in fact completely wrong.

Modulus and exponent are not measured in bytes, but in bits. You are

referring to 1024 bit modulus that becomes less and less used due to simple

fact that is providing less than 80 bits of security (and just a couple of

weeks ago 740 bits modulus 200 decimal digits was successfully factored).

Public exponent could be any number from 3 up to large integer that takes a

half of bits of modulus (not bigger than that, since small private exponents

are vulnerable to Weiner's attack). The only requirement for public and

private exponents in rsa is that e*d=1 mod phi(m), where phi(m) is Euler's

phi function and is (p-1)*(q-1).

In fact, on other platforms than Windows it's quite usual to have public

exponent of the same size as private exponent and about half-size of

modulus, because in this case you actually can use public key and private

key interchangeably...

But you know, what? I think that you were not really asking for help....

-Valery.

http://www.harper.no/valery

news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to

> calculate hash of public key not 131 and not 132.But both of you didn't

> answer my simple question what is algorithm of callculation hash from

> public key so I see I have to try other group, indirectly I see both in

> Windows and open source ( free ssl ) modulus used only but I'm not sure

> 100%

> Arkady

>

Hmm,

at first you are asking a completely meaningless question. We've tried to

clarify your requirements hoping that would show you the answers that you

were looking for. Instead you simply repeat your meaningless question with

extra mumbling about some number that you taken from somewhere...

How to hash a public key? You take a hash function, send public key as a

parameter to a hash function and get the result. That's at least how it is

usually done.

And your "That not correct..." is in fact completely wrong.

Modulus and exponent are not measured in bytes, but in bits. You are

referring to 1024 bit modulus that becomes less and less used due to simple

fact that is providing less than 80 bits of security (and just a couple of

weeks ago 740 bits modulus 200 decimal digits was successfully factored).

Public exponent could be any number from 3 up to large integer that takes a

half of bits of modulus (not bigger than that, since small private exponents

are vulnerable to Weiner's attack). The only requirement for public and

private exponents in rsa is that e*d=1 mod phi(m), where phi(m) is Euler's

phi function and is (p-1)*(q-1).

In fact, on other platforms than Windows it's quite usual to have public

exponent of the same size as private exponent and about half-size of

modulus, because in this case you actually can use public key and private

key interchangeably...

But you know, what? I think that you were not really asking for help....

-Valery.

http://www.harper.no/valery

Arkady Frenkel

07-09-2005, 10:51 PM

I ask very simple question and really want to read practical advice : how to

calculate hash from public key , if you ( Valery ) want to think as I have

to calculate public key token ( really I don't need that ) , but before to

receive last 8 bytes ( token ) I have to receive all hash and that is my

simple question. Do I need to send array of bytes of Modulus only or both

( Modulus and Exponent which is 3 ( that I wrote about ) in the case of RSA?

I don't need theories of security algorithms and their output , just

practical answer on my simple question.

I have ( C# code ):

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

RSAParameters rsaresult = new RSAParameters();

rsaresult = rsa.ExportParameters(false);

Now I have public key in the rsaresult and want to know if modulus will be

enough for hash of public key , that's all I need . Like to extract token

( last reverced 8 bytes ) afterwards e.g.

byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

something else + rsaresult.Exponent.GetLength(0) */];

rsaresult.Modulus.CopyTo(PKbytes,0);

// probably or something else

// rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

SHA1Managed sha = new SHA1Managed() ;

byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

All I want to know what have to be in PKbytes array to receive hash of

public key.

All I want practical answer on practical question ( please no theory , I

have enough books around me )

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to

>> calculate hash of public key not 131 and not 132.But both of you didn't

>> answer my simple question what is algorithm of callculation hash from

>> public key so I see I have to try other group, indirectly I see both in

>> Windows and open source ( free ssl ) modulus used only but I'm not sure

>> 100%

>> Arkady

>>

> Hmm,

> at first you are asking a completely meaningless question. We've tried to

> clarify your requirements hoping that would show you the answers that you

> were looking for. Instead you simply repeat your meaningless question with

> extra mumbling about some number that you taken from somewhere...

> How to hash a public key? You take a hash function, send public key as a

> parameter to a hash function and get the result. That's at least how it is

> usually done.

> And your "That not correct..." is in fact completely wrong.

> Modulus and exponent are not measured in bytes, but in bits. You are

> referring to 1024 bit modulus that becomes less and less used due to

> simple fact that is providing less than 80 bits of security (and just a

> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

> factored).

> Public exponent could be any number from 3 up to large integer that takes

> a half of bits of modulus (not bigger than that, since small private

> exponents are vulnerable to Weiner's attack). The only requirement for

> public and private exponents in rsa is that e*d=1 mod phi(m), where phi(m)

> is Euler's phi function and is (p-1)*(q-1).

> In fact, on other platforms than Windows it's quite usual to have public

> exponent of the same size as private exponent and about half-size of

> modulus, because in this case you actually can use public key and private

> key interchangeably...

>

> But you know, what? I think that you were not really asking for help....

>

> -Valery.

> http://www.harper.no/valery

>

calculate hash from public key , if you ( Valery ) want to think as I have

to calculate public key token ( really I don't need that ) , but before to

receive last 8 bytes ( token ) I have to receive all hash and that is my

simple question. Do I need to send array of bytes of Modulus only or both

( Modulus and Exponent which is 3 ( that I wrote about ) in the case of RSA?

I don't need theories of security algorithms and their output , just

practical answer on my simple question.

I have ( C# code ):

RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

RSAParameters rsaresult = new RSAParameters();

rsaresult = rsa.ExportParameters(false);

Now I have public key in the rsaresult and want to know if modulus will be

enough for hash of public key , that's all I need . Like to extract token

( last reverced 8 bytes ) afterwards e.g.

byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

something else + rsaresult.Exponent.GetLength(0) */];

rsaresult.Modulus.CopyTo(PKbytes,0);

// probably or something else

// rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

SHA1Managed sha = new SHA1Managed() ;

byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

All I want to know what have to be in PKbytes array to receive hash of

public key.

All I want practical answer on practical question ( please no theory , I

have enough books around me )

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to

>> calculate hash of public key not 131 and not 132.But both of you didn't

>> answer my simple question what is algorithm of callculation hash from

>> public key so I see I have to try other group, indirectly I see both in

>> Windows and open source ( free ssl ) modulus used only but I'm not sure

>> 100%

>> Arkady

>>

> Hmm,

> at first you are asking a completely meaningless question. We've tried to

> clarify your requirements hoping that would show you the answers that you

> were looking for. Instead you simply repeat your meaningless question with

> extra mumbling about some number that you taken from somewhere...

> How to hash a public key? You take a hash function, send public key as a

> parameter to a hash function and get the result. That's at least how it is

> usually done.

> And your "That not correct..." is in fact completely wrong.

> Modulus and exponent are not measured in bytes, but in bits. You are

> referring to 1024 bit modulus that becomes less and less used due to

> simple fact that is providing less than 80 bits of security (and just a

> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

> factored).

> Public exponent could be any number from 3 up to large integer that takes

> a half of bits of modulus (not bigger than that, since small private

> exponents are vulnerable to Weiner's attack). The only requirement for

> public and private exponents in rsa is that e*d=1 mod phi(m), where phi(m)

> is Euler's phi function and is (p-1)*(q-1).

> In fact, on other platforms than Windows it's quite usual to have public

> exponent of the same size as private exponent and about half-size of

> modulus, because in this case you actually can use public key and private

> key interchangeably...

>

> But you know, what? I think that you were not really asking for help....

>

> -Valery.

> http://www.harper.no/valery

>

Valery Pryamikov

07-09-2005, 10:51 PM

I answered you several times you can hash your public key in many different

ways - all depends on your needs. Ex:

1. Calculate hash on concatenation of little endian modulus with little

endian exponent without conversions (little endian is presentation used by

CAPI);

2. Calculate hash on concatenation of little endian exponent with little

endian modulus without conversions;

3. Calculate hash of little endian modulus and state that you are expecting

standard recommended public exponent only 0x1001 and fail processing if

exponent is different.

4. Do as in 1, but convert both values to big endian;

5. Do as in 2, but convert both values to big endian;

6. Do as in 3, but convert modulus to big endian;

7. Do as in 1, but convert both values to ASN1;

8. Do as in 2, but convert both values to ASN1;

9. Do as in 3, but convert modulus to ASN1;

7. Do as in 1, but pack both values into xml format;

8. Do as in 2, but pack both values into xml format;

9. Do as in 3, but pack modulus into xml format;

10. any variation of all above;

11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER encoded

structure of public key as specified in PKCS#1 and calculate hash on that

blob;

14. In case if your public key is stored in certificate it is already in the

form as in 13 - retrieve public key blob and calculate hash on that blob;

I can add a hundred more practical suggestions on how to hash public key.

You didn't provide us with concrete requirements to make a single practical

suggestion. I have tried to explain that to you several times. I did write

that public key could be hashed in many different ways depending on your

requirements in several of my posts to that thread.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>I ask very simple question and really want to read practical advice : how

>to calculate hash from public key , if you ( Valery ) want to think as I

>have to calculate public key token ( really I don't need that ) , but

>before to receive last 8 bytes ( token ) I have to receive all hash and

>that is my simple question. Do I need to send array of bytes of Modulus

>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>the case of RSA? I don't need theories of security algorithms and their

>output , just practical answer on my simple question.

> I have ( C# code ):

> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>

> RSAParameters rsaresult = new RSAParameters();

>

> rsaresult = rsa.ExportParameters(false);

>

> Now I have public key in the rsaresult and want to know if modulus will be

> enough for hash of public key , that's all I need . Like to extract token

> ( last reverced 8 bytes ) afterwards e.g.

>

> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

> something else + rsaresult.Exponent.GetLength(0) */];

>

> rsaresult.Modulus.CopyTo(PKbytes,0);

>

> // probably or something else

>

> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>

> All I want to know what have to be in PKbytes array to receive hash of

>

> public key.

>

> All I want practical answer on practical question ( please no theory , I

> have enough books around me )

>

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>> to calculate hash of public key not 131 and not 132.But both of you

>>> didn't answer my simple question what is algorithm of callculation hash

>>> from public key so I see I have to try other group, indirectly I see

>>> both in Windows and open source ( free ssl ) modulus used only but I'm

>>> not sure 100%

>>> Arkady

>>>

>> Hmm,

>> at first you are asking a completely meaningless question. We've tried to

>> clarify your requirements hoping that would show you the answers that you

>> were looking for. Instead you simply repeat your meaningless question

>> with extra mumbling about some number that you taken from somewhere...

>> How to hash a public key? You take a hash function, send public key as a

>> parameter to a hash function and get the result. That's at least how it

>> is usually done.

>> And your "That not correct..." is in fact completely wrong.

>> Modulus and exponent are not measured in bytes, but in bits. You are

>> referring to 1024 bit modulus that becomes less and less used due to

>> simple fact that is providing less than 80 bits of security (and just a

>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

>> factored).

>> Public exponent could be any number from 3 up to large integer that takes

>> a half of bits of modulus (not bigger than that, since small private

>> exponents are vulnerable to Weiner's attack). The only requirement for

>> public and private exponents in rsa is that e*d=1 mod phi(m), where

>> phi(m) is Euler's phi function and is (p-1)*(q-1).

>> In fact, on other platforms than Windows it's quite usual to have public

>> exponent of the same size as private exponent and about half-size of

>> modulus, because in this case you actually can use public key and private

>> key interchangeably...

>>

>> But you know, what? I think that you were not really asking for help....

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>

>

ways - all depends on your needs. Ex:

1. Calculate hash on concatenation of little endian modulus with little

endian exponent without conversions (little endian is presentation used by

CAPI);

2. Calculate hash on concatenation of little endian exponent with little

endian modulus without conversions;

3. Calculate hash of little endian modulus and state that you are expecting

standard recommended public exponent only 0x1001 and fail processing if

exponent is different.

4. Do as in 1, but convert both values to big endian;

5. Do as in 2, but convert both values to big endian;

6. Do as in 3, but convert modulus to big endian;

7. Do as in 1, but convert both values to ASN1;

8. Do as in 2, but convert both values to ASN1;

9. Do as in 3, but convert modulus to ASN1;

7. Do as in 1, but pack both values into xml format;

8. Do as in 2, but pack both values into xml format;

9. Do as in 3, but pack modulus into xml format;

10. any variation of all above;

11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER encoded

structure of public key as specified in PKCS#1 and calculate hash on that

blob;

14. In case if your public key is stored in certificate it is already in the

form as in 13 - retrieve public key blob and calculate hash on that blob;

I can add a hundred more practical suggestions on how to hash public key.

You didn't provide us with concrete requirements to make a single practical

suggestion. I have tried to explain that to you several times. I did write

that public key could be hashed in many different ways depending on your

requirements in several of my posts to that thread.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>I ask very simple question and really want to read practical advice : how

>to calculate hash from public key , if you ( Valery ) want to think as I

>have to calculate public key token ( really I don't need that ) , but

>before to receive last 8 bytes ( token ) I have to receive all hash and

>that is my simple question. Do I need to send array of bytes of Modulus

>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>the case of RSA? I don't need theories of security algorithms and their

>output , just practical answer on my simple question.

> I have ( C# code ):

> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>

> RSAParameters rsaresult = new RSAParameters();

>

> rsaresult = rsa.ExportParameters(false);

>

> Now I have public key in the rsaresult and want to know if modulus will be

> enough for hash of public key , that's all I need . Like to extract token

> ( last reverced 8 bytes ) afterwards e.g.

>

> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

> something else + rsaresult.Exponent.GetLength(0) */];

>

> rsaresult.Modulus.CopyTo(PKbytes,0);

>

> // probably or something else

>

> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>

> All I want to know what have to be in PKbytes array to receive hash of

>

> public key.

>

> All I want practical answer on practical question ( please no theory , I

> have enough books around me )

>

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>> to calculate hash of public key not 131 and not 132.But both of you

>>> didn't answer my simple question what is algorithm of callculation hash

>>> from public key so I see I have to try other group, indirectly I see

>>> both in Windows and open source ( free ssl ) modulus used only but I'm

>>> not sure 100%

>>> Arkady

>>>

>> Hmm,

>> at first you are asking a completely meaningless question. We've tried to

>> clarify your requirements hoping that would show you the answers that you

>> were looking for. Instead you simply repeat your meaningless question

>> with extra mumbling about some number that you taken from somewhere...

>> How to hash a public key? You take a hash function, send public key as a

>> parameter to a hash function and get the result. That's at least how it

>> is usually done.

>> And your "That not correct..." is in fact completely wrong.

>> Modulus and exponent are not measured in bytes, but in bits. You are

>> referring to 1024 bit modulus that becomes less and less used due to

>> simple fact that is providing less than 80 bits of security (and just a

>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

>> factored).

>> Public exponent could be any number from 3 up to large integer that takes

>> a half of bits of modulus (not bigger than that, since small private

>> exponents are vulnerable to Weiner's attack). The only requirement for

>> public and private exponents in rsa is that e*d=1 mod phi(m), where

>> phi(m) is Euler's phi function and is (p-1)*(q-1).

>> In fact, on other platforms than Windows it's quite usual to have public

>> exponent of the same size as private exponent and about half-size of

>> modulus, because in this case you actually can use public key and private

>> key interchangeably...

>>

>> But you know, what? I think that you were not really asking for help....

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>

>

Arkady Frenkel

07-09-2005, 10:51 PM

No , I can't do it on my own .

I need the way MSFT use it ( at least ) because I do it for UPnP device and

other devices ( not mine obviously like PC can be UPnP device too , WiFi ,

cameras and so on ) receive that hashed value as identification ID due to

UPnP security spec, so I can't do on my own but at least as MSFT do that and

in managed code ( so can't use (C)API ).

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>I answered you several times you can hash your public key in many different

>ways - all depends on your needs. Ex:

> 1. Calculate hash on concatenation of little endian modulus with little

> endian exponent without conversions (little endian is presentation used by

> CAPI);

> 2. Calculate hash on concatenation of little endian exponent with little

> endian modulus without conversions;

> 3. Calculate hash of little endian modulus and state that you are

> expecting standard recommended public exponent only 0x1001 and fail

> processing if exponent is different.

> 4. Do as in 1, but convert both values to big endian;

> 5. Do as in 2, but convert both values to big endian;

> 6. Do as in 3, but convert modulus to big endian;

> 7. Do as in 1, but convert both values to ASN1;

> 8. Do as in 2, but convert both values to ASN1;

> 9. Do as in 3, but convert modulus to ASN1;

> 7. Do as in 1, but pack both values into xml format;

> 8. Do as in 2, but pack both values into xml format;

> 9. Do as in 3, but pack modulus into xml format;

> 10. any variation of all above;

> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

> encoded structure of public key as specified in PKCS#1 and calculate hash

> on that blob;

> 14. In case if your public key is stored in certificate it is already in

> the form as in 13 - retrieve public key blob and calculate hash on that

> blob;

>

> I can add a hundred more practical suggestions on how to hash public key.

> You didn't provide us with concrete requirements to make a single

> practical suggestion. I have tried to explain that to you several times.

> I did write that public key could be hashed in many different ways

> depending on your requirements in several of my posts to that thread.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>I ask very simple question and really want to read practical advice : how

>>to calculate hash from public key , if you ( Valery ) want to think as I

>>have to calculate public key token ( really I don't need that ) , but

>>before to receive last 8 bytes ( token ) I have to receive all hash and

>>that is my simple question. Do I need to send array of bytes of Modulus

>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>>the case of RSA? I don't need theories of security algorithms and their

>>output , just practical answer on my simple question.

>> I have ( C# code ):

>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>

>> RSAParameters rsaresult = new RSAParameters();

>>

>> rsaresult = rsa.ExportParameters(false);

>>

>> Now I have public key in the rsaresult and want to know if modulus will

>> be enough for hash of public key , that's all I need . Like to extract

>> token ( last reverced 8 bytes ) afterwards e.g.

>>

>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

>> something else + rsaresult.Exponent.GetLength(0) */];

>>

>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>

>> // probably or something else

>>

>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>

>> All I want to know what have to be in PKbytes array to receive hash of

>>

>> public key.

>>

>> All I want practical answer on practical question ( please no theory , I

>> have enough books around me )

>>

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>>> to calculate hash of public key not 131 and not 132.But both of you

>>>> didn't answer my simple question what is algorithm of callculation hash

>>>> from public key so I see I have to try other group, indirectly I see

>>>> both in Windows and open source ( free ssl ) modulus used only but I'm

>>>> not sure 100%

>>>> Arkady

>>>>

>>> Hmm,

>>> at first you are asking a completely meaningless question. We've tried

>>> to clarify your requirements hoping that would show you the answers that

>>> you were looking for. Instead you simply repeat your meaningless

>>> question with extra mumbling about some number that you taken from

>>> somewhere...

>>> How to hash a public key? You take a hash function, send public key as a

>>> parameter to a hash function and get the result. That's at least how it

>>> is usually done.

>>> And your "That not correct..." is in fact completely wrong.

>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>> referring to 1024 bit modulus that becomes less and less used due to

>>> simple fact that is providing less than 80 bits of security (and just a

>>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

>>> factored).

>>> Public exponent could be any number from 3 up to large integer that

>>> takes a half of bits of modulus (not bigger than that, since small

>>> private exponents are vulnerable to Weiner's attack). The only

>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>> In fact, on other platforms than Windows it's quite usual to have public

>>> exponent of the same size as private exponent and about half-size of

>>> modulus, because in this case you actually can use public key and

>>> private key interchangeably...

>>>

>>> But you know, what? I think that you were not really asking for help....

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>

>>

>

I need the way MSFT use it ( at least ) because I do it for UPnP device and

other devices ( not mine obviously like PC can be UPnP device too , WiFi ,

cameras and so on ) receive that hashed value as identification ID due to

UPnP security spec, so I can't do on my own but at least as MSFT do that and

in managed code ( so can't use (C)API ).

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>I answered you several times you can hash your public key in many different

>ways - all depends on your needs. Ex:

> 1. Calculate hash on concatenation of little endian modulus with little

> endian exponent without conversions (little endian is presentation used by

> CAPI);

> 2. Calculate hash on concatenation of little endian exponent with little

> endian modulus without conversions;

> 3. Calculate hash of little endian modulus and state that you are

> expecting standard recommended public exponent only 0x1001 and fail

> processing if exponent is different.

> 4. Do as in 1, but convert both values to big endian;

> 5. Do as in 2, but convert both values to big endian;

> 6. Do as in 3, but convert modulus to big endian;

> 7. Do as in 1, but convert both values to ASN1;

> 8. Do as in 2, but convert both values to ASN1;

> 9. Do as in 3, but convert modulus to ASN1;

> 7. Do as in 1, but pack both values into xml format;

> 8. Do as in 2, but pack both values into xml format;

> 9. Do as in 3, but pack modulus into xml format;

> 10. any variation of all above;

> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

> encoded structure of public key as specified in PKCS#1 and calculate hash

> on that blob;

> 14. In case if your public key is stored in certificate it is already in

> the form as in 13 - retrieve public key blob and calculate hash on that

> blob;

>

> I can add a hundred more practical suggestions on how to hash public key.

> You didn't provide us with concrete requirements to make a single

> practical suggestion. I have tried to explain that to you several times.

> I did write that public key could be hashed in many different ways

> depending on your requirements in several of my posts to that thread.

>

> -Valery.

> http://www.harper.no/valery

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>I ask very simple question and really want to read practical advice : how

>>to calculate hash from public key , if you ( Valery ) want to think as I

>>have to calculate public key token ( really I don't need that ) , but

>>before to receive last 8 bytes ( token ) I have to receive all hash and

>>that is my simple question. Do I need to send array of bytes of Modulus

>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>>the case of RSA? I don't need theories of security algorithms and their

>>output , just practical answer on my simple question.

>> I have ( C# code ):

>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>

>> RSAParameters rsaresult = new RSAParameters();

>>

>> rsaresult = rsa.ExportParameters(false);

>>

>> Now I have public key in the rsaresult and want to know if modulus will

>> be enough for hash of public key , that's all I need . Like to extract

>> token ( last reverced 8 bytes ) afterwards e.g.

>>

>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

>> something else + rsaresult.Exponent.GetLength(0) */];

>>

>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>

>> // probably or something else

>>

>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>

>> All I want to know what have to be in PKbytes array to receive hash of

>>

>> public key.

>>

>> All I want practical answer on practical question ( please no theory , I

>> have enough books around me )

>>

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>>> to calculate hash of public key not 131 and not 132.But both of you

>>>> didn't answer my simple question what is algorithm of callculation hash

>>>> from public key so I see I have to try other group, indirectly I see

>>>> both in Windows and open source ( free ssl ) modulus used only but I'm

>>>> not sure 100%

>>>> Arkady

>>>>

>>> Hmm,

>>> at first you are asking a completely meaningless question. We've tried

>>> to clarify your requirements hoping that would show you the answers that

>>> you were looking for. Instead you simply repeat your meaningless

>>> question with extra mumbling about some number that you taken from

>>> somewhere...

>>> How to hash a public key? You take a hash function, send public key as a

>>> parameter to a hash function and get the result. That's at least how it

>>> is usually done.

>>> And your "That not correct..." is in fact completely wrong.

>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>> referring to 1024 bit modulus that becomes less and less used due to

>>> simple fact that is providing less than 80 bits of security (and just a

>>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully

>>> factored).

>>> Public exponent could be any number from 3 up to large integer that

>>> takes a half of bits of modulus (not bigger than that, since small

>>> private exponents are vulnerable to Weiner's attack). The only

>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>> In fact, on other platforms than Windows it's quite usual to have public

>>> exponent of the same size as private exponent and about half-size of

>>> modulus, because in this case you actually can use public key and

>>> private key interchangeably...

>>>

>>> But you know, what? I think that you were not really asking for help....

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:51 PM

Well, that was the first time you actually revealed some of your

requirements :-).

in that case - you need to hash ASN1.DER encodded public key structure as it

is specified in PKCS#1. This is the same form of public key as publickey

blob stored inside X509 certificates and you can do it with managed code

only. In case if you can use interop to CAPI, or use .Net 2.0. - it would

spare you some low-level conversion work.

Check Mitch Gallant's web site for good description of ASN1 encoding from

..Net framework:

http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

For a sample aplication that uses a lot of C# to CAPI interop and does lots

of public key related processing you can check my old PPC Certificate

Manager sample:

http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

> No , I can't do it on my own .

> I need the way MSFT use it ( at least ) because I do it for UPnP device

> and other devices ( not mine obviously like PC can be UPnP device too ,

> WiFi , cameras and so on ) receive that hashed value as identification ID

> due to UPnP security spec, so I can't do on my own but at least as MSFT do

> that and in managed code ( so can't use (C)API ).

>

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>I answered you several times you can hash your public key in many

>>different ways - all depends on your needs. Ex:

>> 1. Calculate hash on concatenation of little endian modulus with little

>> endian exponent without conversions (little endian is presentation used

>> by CAPI);

>> 2. Calculate hash on concatenation of little endian exponent with little

>> endian modulus without conversions;

>> 3. Calculate hash of little endian modulus and state that you are

>> expecting standard recommended public exponent only 0x1001 and fail

>> processing if exponent is different.

>> 4. Do as in 1, but convert both values to big endian;

>> 5. Do as in 2, but convert both values to big endian;

>> 6. Do as in 3, but convert modulus to big endian;

>> 7. Do as in 1, but convert both values to ASN1;

>> 8. Do as in 2, but convert both values to ASN1;

>> 9. Do as in 3, but convert modulus to ASN1;

>> 7. Do as in 1, but pack both values into xml format;

>> 8. Do as in 2, but pack both values into xml format;

>> 9. Do as in 3, but pack modulus into xml format;

>> 10. any variation of all above;

>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>> encoded structure of public key as specified in PKCS#1 and calculate hash

>> on that blob;

>> 14. In case if your public key is stored in certificate it is already in

>> the form as in 13 - retrieve public key blob and calculate hash on that

>> blob;

>>

>> I can add a hundred more practical suggestions on how to hash public key.

>> You didn't provide us with concrete requirements to make a single

>> practical suggestion. I have tried to explain that to you several times.

>> I did write that public key could be hashed in many different ways

>> depending on your requirements in several of my posts to that thread.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>I ask very simple question and really want to read practical advice : how

>>>to calculate hash from public key , if you ( Valery ) want to think as I

>>>have to calculate public key token ( really I don't need that ) , but

>>>before to receive last 8 bytes ( token ) I have to receive all hash and

>>>that is my simple question. Do I need to send array of bytes of Modulus

>>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>>>the case of RSA? I don't need theories of security algorithms and their

>>>output , just practical answer on my simple question.

>>> I have ( C# code ):

>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>

>>> RSAParameters rsaresult = new RSAParameters();

>>>

>>> rsaresult = rsa.ExportParameters(false);

>>>

>>> Now I have public key in the rsaresult and want to know if modulus will

>>> be enough for hash of public key , that's all I need . Like to extract

>>> token ( last reverced 8 bytes ) afterwards e.g.

>>>

>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

>>> something else + rsaresult.Exponent.GetLength(0) */];

>>>

>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>

>>> // probably or something else

>>>

>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>

>>> SHA1Managed sha = new SHA1Managed() ;

>>>

>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>

>>> All I want to know what have to be in PKbytes array to receive hash of

>>>

>>> public key.

>>>

>>> All I want practical answer on practical question ( please no theory , I

>>> have enough books around me )

>>>

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>>>> to calculate hash of public key not 131 and not 132.But both of you

>>>>> didn't answer my simple question what is algorithm of callculation

>>>>> hash from public key so I see I have to try other group, indirectly I

>>>>> see both in Windows and open source ( free ssl ) modulus used only but

>>>>> I'm not sure 100%

>>>>> Arkady

>>>>>

>>>> Hmm,

>>>> at first you are asking a completely meaningless question. We've tried

>>>> to clarify your requirements hoping that would show you the answers

>>>> that you were looking for. Instead you simply repeat your meaningless

>>>> question with extra mumbling about some number that you taken from

>>>> somewhere...

>>>> How to hash a public key? You take a hash function, send public key as

>>>> a parameter to a hash function and get the result. That's at least how

>>>> it is usually done.

>>>> And your "That not correct..." is in fact completely wrong.

>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>> simple fact that is providing less than 80 bits of security (and just a

>>>> couple of weeks ago 740 bits modulus 200 decimal digits was

>>>> successfully factored).

>>>> Public exponent could be any number from 3 up to large integer that

>>>> takes a half of bits of modulus (not bigger than that, since small

>>>> private exponents are vulnerable to Weiner's attack). The only

>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>> In fact, on other platforms than Windows it's quite usual to have

>>>> public exponent of the same size as private exponent and about

>>>> half-size of modulus, because in this case you actually can use public

>>>> key and private key interchangeably...

>>>>

>>>> But you know, what? I think that you were not really asking for

>>>> help....

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>

>>>

>>

>

>

requirements :-).

in that case - you need to hash ASN1.DER encodded public key structure as it

is specified in PKCS#1. This is the same form of public key as publickey

blob stored inside X509 certificates and you can do it with managed code

only. In case if you can use interop to CAPI, or use .Net 2.0. - it would

spare you some low-level conversion work.

Check Mitch Gallant's web site for good description of ASN1 encoding from

..Net framework:

http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

For a sample aplication that uses a lot of C# to CAPI interop and does lots

of public key related processing you can check my old PPC Certificate

Manager sample:

http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

> No , I can't do it on my own .

> I need the way MSFT use it ( at least ) because I do it for UPnP device

> and other devices ( not mine obviously like PC can be UPnP device too ,

> WiFi , cameras and so on ) receive that hashed value as identification ID

> due to UPnP security spec, so I can't do on my own but at least as MSFT do

> that and in managed code ( so can't use (C)API ).

>

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>I answered you several times you can hash your public key in many

>>different ways - all depends on your needs. Ex:

>> 1. Calculate hash on concatenation of little endian modulus with little

>> endian exponent without conversions (little endian is presentation used

>> by CAPI);

>> 2. Calculate hash on concatenation of little endian exponent with little

>> endian modulus without conversions;

>> 3. Calculate hash of little endian modulus and state that you are

>> expecting standard recommended public exponent only 0x1001 and fail

>> processing if exponent is different.

>> 4. Do as in 1, but convert both values to big endian;

>> 5. Do as in 2, but convert both values to big endian;

>> 6. Do as in 3, but convert modulus to big endian;

>> 7. Do as in 1, but convert both values to ASN1;

>> 8. Do as in 2, but convert both values to ASN1;

>> 9. Do as in 3, but convert modulus to ASN1;

>> 7. Do as in 1, but pack both values into xml format;

>> 8. Do as in 2, but pack both values into xml format;

>> 9. Do as in 3, but pack modulus into xml format;

>> 10. any variation of all above;

>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>> encoded structure of public key as specified in PKCS#1 and calculate hash

>> on that blob;

>> 14. In case if your public key is stored in certificate it is already in

>> the form as in 13 - retrieve public key blob and calculate hash on that

>> blob;

>>

>> I can add a hundred more practical suggestions on how to hash public key.

>> You didn't provide us with concrete requirements to make a single

>> practical suggestion. I have tried to explain that to you several times.

>> I did write that public key could be hashed in many different ways

>> depending on your requirements in several of my posts to that thread.

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>I ask very simple question and really want to read practical advice : how

>>>to calculate hash from public key , if you ( Valery ) want to think as I

>>>have to calculate public key token ( really I don't need that ) , but

>>>before to receive last 8 bytes ( token ) I have to receive all hash and

>>>that is my simple question. Do I need to send array of bytes of Modulus

>>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in

>>>the case of RSA? I don't need theories of security algorithms and their

>>>output , just practical answer on my simple question.

>>> I have ( C# code ):

>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>

>>> RSAParameters rsaresult = new RSAParameters();

>>>

>>> rsaresult = rsa.ExportParameters(false);

>>>

>>> Now I have public key in the rsaresult and want to know if modulus will

>>> be enough for hash of public key , that's all I need . Like to extract

>>> token ( last reverced 8 bytes ) afterwards e.g.

>>>

>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or

>>> something else + rsaresult.Exponent.GetLength(0) */];

>>>

>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>

>>> // probably or something else

>>>

>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>

>>> SHA1Managed sha = new SHA1Managed() ;

>>>

>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>

>>> All I want to know what have to be in PKbytes array to receive hash of

>>>

>>> public key.

>>>

>>> All I want practical answer on practical question ( please no theory , I

>>> have enough books around me )

>>>

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used

>>>>> to calculate hash of public key not 131 and not 132.But both of you

>>>>> didn't answer my simple question what is algorithm of callculation

>>>>> hash from public key so I see I have to try other group, indirectly I

>>>>> see both in Windows and open source ( free ssl ) modulus used only but

>>>>> I'm not sure 100%

>>>>> Arkady

>>>>>

>>>> Hmm,

>>>> at first you are asking a completely meaningless question. We've tried

>>>> to clarify your requirements hoping that would show you the answers

>>>> that you were looking for. Instead you simply repeat your meaningless

>>>> question with extra mumbling about some number that you taken from

>>>> somewhere...

>>>> How to hash a public key? You take a hash function, send public key as

>>>> a parameter to a hash function and get the result. That's at least how

>>>> it is usually done.

>>>> And your "That not correct..." is in fact completely wrong.

>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>> simple fact that is providing less than 80 bits of security (and just a

>>>> couple of weeks ago 740 bits modulus 200 decimal digits was

>>>> successfully factored).

>>>> Public exponent could be any number from 3 up to large integer that

>>>> takes a half of bits of modulus (not bigger than that, since small

>>>> private exponents are vulnerable to Weiner's attack). The only

>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>> In fact, on other platforms than Windows it's quite usual to have

>>>> public exponent of the same size as private exponent and about

>>>> half-size of modulus, because in this case you actually can use public

>>>> key and private key interchangeably...

>>>>

>>>> But you know, what? I think that you were not really asking for

>>>> help....

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>

>>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:51 PM

Tnx Valery , I'm out of office and have take some to learn the stuff

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

> Well, that was the first time you actually revealed some of your

> requirements :-).

> in that case - you need to hash ASN1.DER encodded public key structure as

> it is specified in PKCS#1. This is the same form of public key as

> publickey blob stored inside X509 certificates and you can do it with

> managed code only. In case if you can use interop to CAPI, or use .Net

> 2.0. - it would spare you some low-level conversion work.

> Check Mitch Gallant's web site for good description of ASN1 encoding from

> .Net framework:

> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>

> For a sample aplication that uses a lot of C# to CAPI interop and does

> lots of public key related processing you can check my old PPC Certificate

> Manager sample:

> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>> No , I can't do it on my own .

>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>> and other devices ( not mine obviously like PC can be UPnP device too ,

>> WiFi , cameras and so on ) receive that hashed value as identification ID

>> due to UPnP security spec, so I can't do on my own but at least as MSFT

>> do that and in managed code ( so can't use (C)API ).

>>

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>I answered you several times you can hash your public key in many

>>>different ways - all depends on your needs. Ex:

>>> 1. Calculate hash on concatenation of little endian modulus with little

>>> endian exponent without conversions (little endian is presentation used

>>> by CAPI);

>>> 2. Calculate hash on concatenation of little endian exponent with little

>>> endian modulus without conversions;

>>> 3. Calculate hash of little endian modulus and state that you are

>>> expecting standard recommended public exponent only 0x1001 and fail

>>> processing if exponent is different.

>>> 4. Do as in 1, but convert both values to big endian;

>>> 5. Do as in 2, but convert both values to big endian;

>>> 6. Do as in 3, but convert modulus to big endian;

>>> 7. Do as in 1, but convert both values to ASN1;

>>> 8. Do as in 2, but convert both values to ASN1;

>>> 9. Do as in 3, but convert modulus to ASN1;

>>> 7. Do as in 1, but pack both values into xml format;

>>> 8. Do as in 2, but pack both values into xml format;

>>> 9. Do as in 3, but pack modulus into xml format;

>>> 10. any variation of all above;

>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>> encoded structure of public key as specified in PKCS#1 and calculate

>>> hash on that blob;

>>> 14. In case if your public key is stored in certificate it is already in

>>> the form as in 13 - retrieve public key blob and calculate hash on that

>>> blob;

>>>

>>> I can add a hundred more practical suggestions on how to hash public

>>> key. You didn't provide us with concrete requirements to make a single

>>> practical suggestion. I have tried to explain that to you several times.

>>> I did write that public key could be hashed in many different ways

>>> depending on your requirements in several of my posts to that thread.

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>I ask very simple question and really want to read practical advice :

>>>>how to calculate hash from public key , if you ( Valery ) want to think

>>>>as I have to calculate public key token ( really I don't need that ) ,

>>>>but before to receive last 8 bytes ( token ) I have to receive all hash

>>>>and that is my simple question. Do I need to send array of bytes of

>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote

>>>>about ) in the case of RSA? I don't need theories of security algorithms

>>>>and their output , just practical answer on my simple question.

>>>> I have ( C# code ):

>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>

>>>> RSAParameters rsaresult = new RSAParameters();

>>>>

>>>> rsaresult = rsa.ExportParameters(false);

>>>>

>>>> Now I have public key in the rsaresult and want to know if modulus will

>>>> be enough for hash of public key , that's all I need . Like to extract

>>>> token ( last reverced 8 bytes ) afterwards e.g.

>>>>

>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>

>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>

>>>> // probably or something else

>>>>

>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>

>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>

>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>

>>>> All I want to know what have to be in PKbytes array to receive hash of

>>>>

>>>> public key.

>>>>

>>>> All I want practical answer on practical question ( please no theory ,

>>>> I have enough books around me )

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>> used to calculate hash of public key not 131 and not 132.But both of

>>>>>> you didn't answer my simple question what is algorithm of

>>>>>> callculation hash from public key so I see I have to try other

>>>>>> group, indirectly I see both in Windows and open source ( free ssl )

>>>>>> modulus used only but I'm not sure 100%

>>>>>> Arkady

>>>>>>

>>>>> Hmm,

>>>>> at first you are asking a completely meaningless question. We've tried

>>>>> to clarify your requirements hoping that would show you the answers

>>>>> that you were looking for. Instead you simply repeat your meaningless

>>>>> question with extra mumbling about some number that you taken from

>>>>> somewhere...

>>>>> How to hash a public key? You take a hash function, send public key as

>>>>> a parameter to a hash function and get the result. That's at least how

>>>>> it is usually done.

>>>>> And your "That not correct..." is in fact completely wrong.

>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>> simple fact that is providing less than 80 bits of security (and just

>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>> successfully factored).

>>>>> Public exponent could be any number from 3 up to large integer that

>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>> public exponent of the same size as private exponent and about

>>>>> half-size of modulus, because in this case you actually can use public

>>>>> key and private key interchangeably...

>>>>>

>>>>> But you know, what? I think that you were not really asking for

>>>>> help....

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>

>>>>

>>>

>>

>>

>

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

> Well, that was the first time you actually revealed some of your

> requirements :-).

> in that case - you need to hash ASN1.DER encodded public key structure as

> it is specified in PKCS#1. This is the same form of public key as

> publickey blob stored inside X509 certificates and you can do it with

> managed code only. In case if you can use interop to CAPI, or use .Net

> 2.0. - it would spare you some low-level conversion work.

> Check Mitch Gallant's web site for good description of ASN1 encoding from

> .Net framework:

> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>

> For a sample aplication that uses a lot of C# to CAPI interop and does

> lots of public key related processing you can check my old PPC Certificate

> Manager sample:

> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>> No , I can't do it on my own .

>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>> and other devices ( not mine obviously like PC can be UPnP device too ,

>> WiFi , cameras and so on ) receive that hashed value as identification ID

>> due to UPnP security spec, so I can't do on my own but at least as MSFT

>> do that and in managed code ( so can't use (C)API ).

>>

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>I answered you several times you can hash your public key in many

>>>different ways - all depends on your needs. Ex:

>>> 1. Calculate hash on concatenation of little endian modulus with little

>>> endian exponent without conversions (little endian is presentation used

>>> by CAPI);

>>> 2. Calculate hash on concatenation of little endian exponent with little

>>> endian modulus without conversions;

>>> 3. Calculate hash of little endian modulus and state that you are

>>> expecting standard recommended public exponent only 0x1001 and fail

>>> processing if exponent is different.

>>> 4. Do as in 1, but convert both values to big endian;

>>> 5. Do as in 2, but convert both values to big endian;

>>> 6. Do as in 3, but convert modulus to big endian;

>>> 7. Do as in 1, but convert both values to ASN1;

>>> 8. Do as in 2, but convert both values to ASN1;

>>> 9. Do as in 3, but convert modulus to ASN1;

>>> 7. Do as in 1, but pack both values into xml format;

>>> 8. Do as in 2, but pack both values into xml format;

>>> 9. Do as in 3, but pack modulus into xml format;

>>> 10. any variation of all above;

>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>> encoded structure of public key as specified in PKCS#1 and calculate

>>> hash on that blob;

>>> 14. In case if your public key is stored in certificate it is already in

>>> the form as in 13 - retrieve public key blob and calculate hash on that

>>> blob;

>>>

>>> I can add a hundred more practical suggestions on how to hash public

>>> key. You didn't provide us with concrete requirements to make a single

>>> practical suggestion. I have tried to explain that to you several times.

>>> I did write that public key could be hashed in many different ways

>>> depending on your requirements in several of my posts to that thread.

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>I ask very simple question and really want to read practical advice :

>>>>how to calculate hash from public key , if you ( Valery ) want to think

>>>>as I have to calculate public key token ( really I don't need that ) ,

>>>>but before to receive last 8 bytes ( token ) I have to receive all hash

>>>>and that is my simple question. Do I need to send array of bytes of

>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote

>>>>about ) in the case of RSA? I don't need theories of security algorithms

>>>>and their output , just practical answer on my simple question.

>>>> I have ( C# code ):

>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>

>>>> RSAParameters rsaresult = new RSAParameters();

>>>>

>>>> rsaresult = rsa.ExportParameters(false);

>>>>

>>>> Now I have public key in the rsaresult and want to know if modulus will

>>>> be enough for hash of public key , that's all I need . Like to extract

>>>> token ( last reverced 8 bytes ) afterwards e.g.

>>>>

>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>

>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>

>>>> // probably or something else

>>>>

>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>

>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>

>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>

>>>> All I want to know what have to be in PKbytes array to receive hash of

>>>>

>>>> public key.

>>>>

>>>> All I want practical answer on practical question ( please no theory ,

>>>> I have enough books around me )

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>> used to calculate hash of public key not 131 and not 132.But both of

>>>>>> you didn't answer my simple question what is algorithm of

>>>>>> callculation hash from public key so I see I have to try other

>>>>>> group, indirectly I see both in Windows and open source ( free ssl )

>>>>>> modulus used only but I'm not sure 100%

>>>>>> Arkady

>>>>>>

>>>>> Hmm,

>>>>> at first you are asking a completely meaningless question. We've tried

>>>>> to clarify your requirements hoping that would show you the answers

>>>>> that you were looking for. Instead you simply repeat your meaningless

>>>>> question with extra mumbling about some number that you taken from

>>>>> somewhere...

>>>>> How to hash a public key? You take a hash function, send public key as

>>>>> a parameter to a hash function and get the result. That's at least how

>>>>> it is usually done.

>>>>> And your "That not correct..." is in fact completely wrong.

>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>> simple fact that is providing less than 80 bits of security (and just

>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>> successfully factored).

>>>>> Public exponent could be any number from 3 up to large integer that

>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>> public exponent of the same size as private exponent and about

>>>>> half-size of modulus, because in this case you actually can use public

>>>>> key and private key interchangeably...

>>>>>

>>>>> But you know, what? I think that you were not really asking for

>>>>> help....

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>

>>>>

>>>

>>

>>

>

Arkady Frenkel

07-09-2005, 10:52 PM

Let's continue:)..

I'll return to ASN.DER afterwards but now I want to dig into .NET format. I

did keypair file with sn.exe end extracted public key from it to file. Now I

can read it and make the hash of it with next :

myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

FileMode.Open, FileAccess.Read));

....

byte []pk;

pk = myAssembly.GetName().GetPublicKey();

SHA1Managed sha = new SHA1Managed() ;

byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

byte []pt;

pt = myAssembly.GetName().GetPublicKeyToken();

And I see that reversed 8 last bytes of p[] are the same as

GetPublicKeyToken() return , so I see that all 160 bytes of Public key .Net

struct used for hash .

I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

PUBLICKEYBLOB.

Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

in my case.

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

> Tnx Valery , I'm out of office and have take some to learn the stuff

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>> Well, that was the first time you actually revealed some of your

>> requirements :-).

>> in that case - you need to hash ASN1.DER encodded public key structure as

>> it is specified in PKCS#1. This is the same form of public key as

>> publickey blob stored inside X509 certificates and you can do it with

>> managed code only. In case if you can use interop to CAPI, or use .Net

>> 2.0. - it would spare you some low-level conversion work.

>> Check Mitch Gallant's web site for good description of ASN1 encoding from

>> .Net framework:

>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>

>> For a sample aplication that uses a lot of C# to CAPI interop and does

>> lots of public key related processing you can check my old PPC

>> Certificate Manager sample:

>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>> No , I can't do it on my own .

>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>> WiFi , cameras and so on ) receive that hashed value as identification

>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>I answered you several times you can hash your public key in many

>>>>different ways - all depends on your needs. Ex:

>>>> 1. Calculate hash on concatenation of little endian modulus with little

>>>> endian exponent without conversions (little endian is presentation used

>>>> by CAPI);

>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>> little endian modulus without conversions;

>>>> 3. Calculate hash of little endian modulus and state that you are

>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>> processing if exponent is different.

>>>> 4. Do as in 1, but convert both values to big endian;

>>>> 5. Do as in 2, but convert both values to big endian;

>>>> 6. Do as in 3, but convert modulus to big endian;

>>>> 7. Do as in 1, but convert both values to ASN1;

>>>> 8. Do as in 2, but convert both values to ASN1;

>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>> 7. Do as in 1, but pack both values into xml format;

>>>> 8. Do as in 2, but pack both values into xml format;

>>>> 9. Do as in 3, but pack modulus into xml format;

>>>> 10. any variation of all above;

>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>> hash on that blob;

>>>> 14. In case if your public key is stored in certificate it is already

>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>> that blob;

>>>>

>>>> I can add a hundred more practical suggestions on how to hash public

>>>> key. You didn't provide us with concrete requirements to make a single

>>>> practical suggestion. I have tried to explain that to you several

>>>> times. I did write that public key could be hashed in many different

>>>> ways depending on your requirements in several of my posts to that

>>>> thread.

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>I ask very simple question and really want to read practical advice :

>>>>>how to calculate hash from public key , if you ( Valery ) want to think

>>>>>as I have to calculate public key token ( really I don't need that ) ,

>>>>>but before to receive last 8 bytes ( token ) I have to receive all hash

>>>>>and that is my simple question. Do I need to send array of bytes of

>>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote

>>>>>about ) in the case of RSA? I don't need theories of security

>>>>>algorithms and their output , just practical answer on my simple

>>>>>question.

>>>>> I have ( C# code ):

>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>

>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>

>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>

>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>

>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>

>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>

>>>>> // probably or something else

>>>>>

>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>

>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>

>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>

>>>>> All I want to know what have to be in PKbytes array to receive hash of

>>>>>

>>>>> public key.

>>>>>

>>>>> All I want practical answer on practical question ( please no theory ,

>>>>> I have enough books around me )

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>> used to calculate hash of public key not 131 and not 132.But both of

>>>>>>> you didn't answer my simple question what is algorithm of

>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>> group, indirectly I see both in Windows and open source ( free ssl )

>>>>>>> modulus used only but I'm not sure 100%

>>>>>>> Arkady

>>>>>>>

>>>>>> Hmm,

>>>>>> at first you are asking a completely meaningless question. We've

>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>> meaningless question with extra mumbling about some number that you

>>>>>> taken from somewhere...

>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>> as a parameter to a hash function and get the result. That's at least

>>>>>> how it is usually done.

>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>> simple fact that is providing less than 80 bits of security (and just

>>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>> successfully factored).

>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>> public exponent of the same size as private exponent and about

>>>>>> half-size of modulus, because in this case you actually can use

>>>>>> public key and private key interchangeably...

>>>>>>

>>>>>> But you know, what? I think that you were not really asking for

>>>>>> help....

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

I'll return to ASN.DER afterwards but now I want to dig into .NET format. I

did keypair file with sn.exe end extracted public key from it to file. Now I

can read it and make the hash of it with next :

myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

FileMode.Open, FileAccess.Read));

....

byte []pk;

pk = myAssembly.GetName().GetPublicKey();

SHA1Managed sha = new SHA1Managed() ;

byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

byte []pt;

pt = myAssembly.GetName().GetPublicKeyToken();

And I see that reversed 8 last bytes of p[] are the same as

GetPublicKeyToken() return , so I see that all 160 bytes of Public key .Net

struct used for hash .

I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

PUBLICKEYBLOB.

Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

in my case.

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

> Tnx Valery , I'm out of office and have take some to learn the stuff

> Arkady

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>> Well, that was the first time you actually revealed some of your

>> requirements :-).

>> in that case - you need to hash ASN1.DER encodded public key structure as

>> it is specified in PKCS#1. This is the same form of public key as

>> publickey blob stored inside X509 certificates and you can do it with

>> managed code only. In case if you can use interop to CAPI, or use .Net

>> 2.0. - it would spare you some low-level conversion work.

>> Check Mitch Gallant's web site for good description of ASN1 encoding from

>> .Net framework:

>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>

>> For a sample aplication that uses a lot of C# to CAPI interop and does

>> lots of public key related processing you can check my old PPC

>> Certificate Manager sample:

>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>> No , I can't do it on my own .

>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>> WiFi , cameras and so on ) receive that hashed value as identification

>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>I answered you several times you can hash your public key in many

>>>>different ways - all depends on your needs. Ex:

>>>> 1. Calculate hash on concatenation of little endian modulus with little

>>>> endian exponent without conversions (little endian is presentation used

>>>> by CAPI);

>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>> little endian modulus without conversions;

>>>> 3. Calculate hash of little endian modulus and state that you are

>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>> processing if exponent is different.

>>>> 4. Do as in 1, but convert both values to big endian;

>>>> 5. Do as in 2, but convert both values to big endian;

>>>> 6. Do as in 3, but convert modulus to big endian;

>>>> 7. Do as in 1, but convert both values to ASN1;

>>>> 8. Do as in 2, but convert both values to ASN1;

>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>> 7. Do as in 1, but pack both values into xml format;

>>>> 8. Do as in 2, but pack both values into xml format;

>>>> 9. Do as in 3, but pack modulus into xml format;

>>>> 10. any variation of all above;

>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>> hash on that blob;

>>>> 14. In case if your public key is stored in certificate it is already

>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>> that blob;

>>>>

>>>> I can add a hundred more practical suggestions on how to hash public

>>>> key. You didn't provide us with concrete requirements to make a single

>>>> practical suggestion. I have tried to explain that to you several

>>>> times. I did write that public key could be hashed in many different

>>>> ways depending on your requirements in several of my posts to that

>>>> thread.

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>I ask very simple question and really want to read practical advice :

>>>>>how to calculate hash from public key , if you ( Valery ) want to think

>>>>>as I have to calculate public key token ( really I don't need that ) ,

>>>>>but before to receive last 8 bytes ( token ) I have to receive all hash

>>>>>and that is my simple question. Do I need to send array of bytes of

>>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote

>>>>>about ) in the case of RSA? I don't need theories of security

>>>>>algorithms and their output , just practical answer on my simple

>>>>>question.

>>>>> I have ( C# code ):

>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>

>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>

>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>

>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>

>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>

>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>

>>>>> // probably or something else

>>>>>

>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>

>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>

>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>

>>>>> All I want to know what have to be in PKbytes array to receive hash of

>>>>>

>>>>> public key.

>>>>>

>>>>> All I want practical answer on practical question ( please no theory ,

>>>>> I have enough books around me )

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>> used to calculate hash of public key not 131 and not 132.But both of

>>>>>>> you didn't answer my simple question what is algorithm of

>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>> group, indirectly I see both in Windows and open source ( free ssl )

>>>>>>> modulus used only but I'm not sure 100%

>>>>>>> Arkady

>>>>>>>

>>>>>> Hmm,

>>>>>> at first you are asking a completely meaningless question. We've

>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>> meaningless question with extra mumbling about some number that you

>>>>>> taken from somewhere...

>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>> as a parameter to a hash function and get the result. That's at least

>>>>>> how it is usually done.

>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>> simple fact that is providing less than 80 bits of security (and just

>>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>> successfully factored).

>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>> requirement for public and private exponents in rsa is that e*d=1 mod

>>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>> public exponent of the same size as private exponent and about

>>>>>> half-size of modulus, because in this case you actually can use

>>>>>> public key and private key interchangeably...

>>>>>>

>>>>>> But you know, what? I think that you were not really asking for

>>>>>> help....

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:52 PM

Additionally Valery : why public key differ when I do -pt from PairKey.snk

file and the PublicKey.snk file extracted from the previous one ?

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

> Let's continue:)..

> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

> I did keypair file with sn.exe end extracted public key from it to file.

> Now I can read it and make the hash of it with next :

>

> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

> FileMode.Open, FileAccess.Read));

>

> ...

>

> byte []pk;

>

> pk = myAssembly.GetName().GetPublicKey();

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>

> byte []pt;

>

> pt = myAssembly.GetName().GetPublicKeyToken();

>

> And I see that reversed 8 last bytes of p[] are the same as

> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

> .Net struct used for hash .

>

> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

> PUBLICKEYBLOB.

> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

> in my case.

>

> TIA

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>> Tnx Valery , I'm out of office and have take some to learn the stuff

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>> Well, that was the first time you actually revealed some of your

>>> requirements :-).

>>> in that case - you need to hash ASN1.DER encodded public key structure

>>> as it is specified in PKCS#1. This is the same form of public key as

>>> publickey blob stored inside X509 certificates and you can do it with

>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>> 2.0. - it would spare you some low-level conversion work.

>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>> from .Net framework:

>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>

>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>> lots of public key related processing you can check my old PPC

>>> Certificate Manager sample:

>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>> No , I can't do it on my own .

>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>I answered you several times you can hash your public key in many

>>>>>different ways - all depends on your needs. Ex:

>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>> little endian exponent without conversions (little endian is

>>>>> presentation used by CAPI);

>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>> little endian modulus without conversions;

>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>> processing if exponent is different.

>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>> 10. any variation of all above;

>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>> hash on that blob;

>>>>> 14. In case if your public key is stored in certificate it is already

>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>> that blob;

>>>>>

>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>> key. You didn't provide us with concrete requirements to make a single

>>>>> practical suggestion. I have tried to explain that to you several

>>>>> times. I did write that public key could be hashed in many different

>>>>> ways depending on your requirements in several of my posts to that

>>>>> thread.

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is

>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>security algorithms and their output , just practical answer on my

>>>>>>simple question.

>>>>>> I have ( C# code ):

>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>

>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>

>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>

>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>

>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>

>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>

>>>>>> // probably or something else

>>>>>>

>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>

>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>

>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>

>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>> of

>>>>>>

>>>>>> public key.

>>>>>>

>>>>>> All I want practical answer on practical question ( please no theory

>>>>>> , I have enough books around me )

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>> Arkady

>>>>>>>>

>>>>>>> Hmm,

>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>> taken from somewhere...

>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>> least how it is usually done.

>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>> successfully factored).

>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>> public exponent of the same size as private exponent and about

>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>> public key and private key interchangeably...

>>>>>>>

>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>> help....

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

>

file and the PublicKey.snk file extracted from the previous one ?

TIA

Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

> Let's continue:)..

> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

> I did keypair file with sn.exe end extracted public key from it to file.

> Now I can read it and make the hash of it with next :

>

> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

> FileMode.Open, FileAccess.Read));

>

> ...

>

> byte []pk;

>

> pk = myAssembly.GetName().GetPublicKey();

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>

> byte []pt;

>

> pt = myAssembly.GetName().GetPublicKeyToken();

>

> And I see that reversed 8 last bytes of p[] are the same as

> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

> .Net struct used for hash .

>

> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

> PUBLICKEYBLOB.

> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

> in my case.

>

> TIA

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>> Tnx Valery , I'm out of office and have take some to learn the stuff

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>> Well, that was the first time you actually revealed some of your

>>> requirements :-).

>>> in that case - you need to hash ASN1.DER encodded public key structure

>>> as it is specified in PKCS#1. This is the same form of public key as

>>> publickey blob stored inside X509 certificates and you can do it with

>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>> 2.0. - it would spare you some low-level conversion work.

>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>> from .Net framework:

>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>

>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>> lots of public key related processing you can check my old PPC

>>> Certificate Manager sample:

>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>> No , I can't do it on my own .

>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>I answered you several times you can hash your public key in many

>>>>>different ways - all depends on your needs. Ex:

>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>> little endian exponent without conversions (little endian is

>>>>> presentation used by CAPI);

>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>> little endian modulus without conversions;

>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>> processing if exponent is different.

>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>> 10. any variation of all above;

>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>> hash on that blob;

>>>>> 14. In case if your public key is stored in certificate it is already

>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>> that blob;

>>>>>

>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>> key. You didn't provide us with concrete requirements to make a single

>>>>> practical suggestion. I have tried to explain that to you several

>>>>> times. I did write that public key could be hashed in many different

>>>>> ways depending on your requirements in several of my posts to that

>>>>> thread.

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is

>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>security algorithms and their output , just practical answer on my

>>>>>>simple question.

>>>>>> I have ( C# code ):

>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>

>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>

>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>

>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>

>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>

>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>

>>>>>> // probably or something else

>>>>>>

>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>

>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>

>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>

>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>> of

>>>>>>

>>>>>> public key.

>>>>>>

>>>>>> All I want practical answer on practical question ( please no theory

>>>>>> , I have enough books around me )

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>> Arkady

>>>>>>>>

>>>>>>> Hmm,

>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>> taken from somewhere...

>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>> least how it is usually done.

>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>> successfully factored).

>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>> public exponent of the same size as private exponent and about

>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>> public key and private key interchangeably...

>>>>>>>

>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>> help....

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

>

Valery Pryamikov

07-09-2005, 10:52 PM

myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public key

as

RSAPublicKey ::= SEQUENCE {

modulus INTEGER,

publicExponent INTEGER

}

it means - it contain sequence's tag, size of the content, and big-endian

integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

ensuring that leading bit will always be 0. Check your pk array to see

binary presentation. snk file contains information recorded in different way

that is proprietary and undocumented (except for code that comes with

Rotor). Strongname.h only contains definition of PublicKeyBlob that consist

of some extra information, but PublicKey inside of this structure is

ASN1.DER encoded structure. For playing with public keys (and other ASN

structures) you can use ASNDump utility (just Google for it).

Arkady, I've told you about ASN1. from my first post to that thread. Can

you, please, check the information I already gave you before asking any

further questions...

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

> Let's continue:)..

> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

> I did keypair file with sn.exe end extracted public key from it to file.

> Now I can read it and make the hash of it with next :

>

> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

> FileMode.Open, FileAccess.Read));

>

> ...

>

> byte []pk;

>

> pk = myAssembly.GetName().GetPublicKey();

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>

> byte []pt;

>

> pt = myAssembly.GetName().GetPublicKeyToken();

>

> And I see that reversed 8 last bytes of p[] are the same as

> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

> .Net struct used for hash .

>

> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

> PUBLICKEYBLOB.

> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

> in my case.

>

> TIA

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>> Tnx Valery , I'm out of office and have take some to learn the stuff

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>> Well, that was the first time you actually revealed some of your

>>> requirements :-).

>>> in that case - you need to hash ASN1.DER encodded public key structure

>>> as it is specified in PKCS#1. This is the same form of public key as

>>> publickey blob stored inside X509 certificates and you can do it with

>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>> 2.0. - it would spare you some low-level conversion work.

>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>> from .Net framework:

>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>

>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>> lots of public key related processing you can check my old PPC

>>> Certificate Manager sample:

>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>> No , I can't do it on my own .

>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>I answered you several times you can hash your public key in many

>>>>>different ways - all depends on your needs. Ex:

>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>> little endian exponent without conversions (little endian is

>>>>> presentation used by CAPI);

>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>> little endian modulus without conversions;

>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>> processing if exponent is different.

>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>> 10. any variation of all above;

>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>> hash on that blob;

>>>>> 14. In case if your public key is stored in certificate it is already

>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>> that blob;

>>>>>

>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>> key. You didn't provide us with concrete requirements to make a single

>>>>> practical suggestion. I have tried to explain that to you several

>>>>> times. I did write that public key could be hashed in many different

>>>>> ways depending on your requirements in several of my posts to that

>>>>> thread.

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is

>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>security algorithms and their output , just practical answer on my

>>>>>>simple question.

>>>>>> I have ( C# code ):

>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>

>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>

>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>

>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>

>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>

>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>

>>>>>> // probably or something else

>>>>>>

>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>

>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>

>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>

>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>> of

>>>>>>

>>>>>> public key.

>>>>>>

>>>>>> All I want practical answer on practical question ( please no theory

>>>>>> , I have enough books around me )

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>> Arkady

>>>>>>>>

>>>>>>> Hmm,

>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>> taken from somewhere...

>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>> least how it is usually done.

>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>> successfully factored).

>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>> public exponent of the same size as private exponent and about

>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>> public key and private key interchangeably...

>>>>>>>

>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>> help....

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

>

as

RSAPublicKey ::= SEQUENCE {

modulus INTEGER,

publicExponent INTEGER

}

it means - it contain sequence's tag, size of the content, and big-endian

integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

ensuring that leading bit will always be 0. Check your pk array to see

binary presentation. snk file contains information recorded in different way

that is proprietary and undocumented (except for code that comes with

Rotor). Strongname.h only contains definition of PublicKeyBlob that consist

of some extra information, but PublicKey inside of this structure is

ASN1.DER encoded structure. For playing with public keys (and other ASN

structures) you can use ASNDump utility (just Google for it).

Arkady, I've told you about ASN1. from my first post to that thread. Can

you, please, check the information I already gave you before asking any

further questions...

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

> Let's continue:)..

> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

> I did keypair file with sn.exe end extracted public key from it to file.

> Now I can read it and make the hash of it with next :

>

> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

> FileMode.Open, FileAccess.Read));

>

> ...

>

> byte []pk;

>

> pk = myAssembly.GetName().GetPublicKey();

>

> SHA1Managed sha = new SHA1Managed() ;

>

> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>

> byte []pt;

>

> pt = myAssembly.GetName().GetPublicKeyToken();

>

> And I see that reversed 8 last bytes of p[] are the same as

> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

> .Net struct used for hash .

>

> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is

> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

> PUBLICKEYBLOB.

> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004

> in my case.

>

> TIA

> Arkady

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>> Tnx Valery , I'm out of office and have take some to learn the stuff

>> Arkady

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>> Well, that was the first time you actually revealed some of your

>>> requirements :-).

>>> in that case - you need to hash ASN1.DER encodded public key structure

>>> as it is specified in PKCS#1. This is the same form of public key as

>>> publickey blob stored inside X509 certificates and you can do it with

>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>> 2.0. - it would spare you some low-level conversion work.

>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>> from .Net framework:

>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>

>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>> lots of public key related processing you can check my old PPC

>>> Certificate Manager sample:

>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>> No , I can't do it on my own .

>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device

>>>> and other devices ( not mine obviously like PC can be UPnP device too ,

>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>I answered you several times you can hash your public key in many

>>>>>different ways - all depends on your needs. Ex:

>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>> little endian exponent without conversions (little endian is

>>>>> presentation used by CAPI);

>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>> little endian modulus without conversions;

>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>> processing if exponent is different.

>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>> 10. any variation of all above;

>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>> hash on that blob;

>>>>> 14. In case if your public key is stored in certificate it is already

>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>> that blob;

>>>>>

>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>> key. You didn't provide us with concrete requirements to make a single

>>>>> practical suggestion. I have tried to explain that to you several

>>>>> times. I did write that public key could be hashed in many different

>>>>> ways depending on your requirements in several of my posts to that

>>>>> thread.

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is

>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>security algorithms and their output , just practical answer on my

>>>>>>simple question.

>>>>>> I have ( C# code ):

>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>

>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>

>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>

>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>

>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably

>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>

>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>

>>>>>> // probably or something else

>>>>>>

>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>

>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>

>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>

>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>> of

>>>>>>

>>>>>> public key.

>>>>>>

>>>>>> All I want practical answer on practical question ( please no theory

>>>>>> , I have enough books around me )

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>> Arkady

>>>>>>>>

>>>>>>> Hmm,

>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>> taken from somewhere...

>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>> least how it is usually done.

>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are

>>>>>>> referring to 1024 bit modulus that becomes less and less used due to

>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>> successfully factored).

>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).

>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>> public exponent of the same size as private exponent and about

>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>> public key and private key interchangeably...

>>>>>>>

>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>> help....

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>

>

Arkady Frenkel

07-09-2005, 10:52 PM

Hi , Valery !

What I received is next array in debugger

( exact copy of byte array of PublicKey.snk opened in VS and attached ) that

include unencoded 3 DWORDs ( I ask before about them ) and afterwards

BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of modulus

( all in little-endian as shown ) .

Wait for your comments

Arkady

P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

all the siblings but up now I didn't decide what solution to recommend to

UPnP committee.

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

> key

> as

> RSAPublicKey ::= SEQUENCE {

> modulus INTEGER,

> publicExponent INTEGER

> }

> it means - it contain sequence's tag, size of the content, and big-endian

> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

> ensuring that leading bit will always be 0. Check your pk array to see

> binary presentation. snk file contains information recorded in different

> way

> that is proprietary and undocumented (except for code that comes with

> Rotor). Strongname.h only contains definition of PublicKeyBlob that

> consist

> of some extra information, but PublicKey inside of this structure is

> ASN1.DER encoded structure. For playing with public keys (and other ASN

> structures) you can use ASNDump utility (just Google for it).

> Arkady, I've told you about ASN1. from my first post to that thread. Can

> you, please, check the information I already gave you before asking any

> further questions...

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>> Let's continue:)..

>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

>> I did keypair file with sn.exe end extracted public key from it to file.

>> Now I can read it and make the hash of it with next :

>>

>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>> FileMode.Open, FileAccess.Read));

>>

>> ...

>>

>> byte []pk;

>>

>> pk = myAssembly.GetName().GetPublicKey();

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>

>> byte []pt;

>>

>> pt = myAssembly.GetName().GetPublicKeyToken();

>>

>> And I see that reversed 8 last bytes of p[] are the same as

>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>> .Net struct used for hash .

>>

>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>> is

>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>> PUBLICKEYBLOB.

>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>> 0x8004

>> in my case.

>>

>> TIA

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>> Well, that was the first time you actually revealed some of your

>>>> requirements :-).

>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>> publickey blob stored inside X509 certificates and you can do it with

>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>> 2.0. - it would spare you some low-level conversion work.

>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>> from .Net framework:

>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>

>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>> lots of public key related processing you can check my old PPC

>>>> Certificate Manager sample:

>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>> No , I can't do it on my own .

>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>> device

>>>>> and other devices ( not mine obviously like PC can be UPnP device too

>>>>> ,

>>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>I answered you several times you can hash your public key in many

>>>>>>different ways - all depends on your needs. Ex:

>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>> little endian exponent without conversions (little endian is

>>>>>> presentation used by CAPI);

>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>> little endian modulus without conversions;

>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>> processing if exponent is different.

>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>> 10. any variation of all above;

>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>> hash on that blob;

>>>>>> 14. In case if your public key is stored in certificate it is already

>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>>> that blob;

>>>>>>

>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>> single

>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>> times. I did write that public key could be hashed in many different

>>>>>> ways depending on your requirements in several of my posts to that

>>>>>> thread.

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>is

>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>simple question.

>>>>>>> I have ( C# code ):

>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>

>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>

>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>

>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>

>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>> probably

>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>

>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>

>>>>>>> // probably or something else

>>>>>>>

>>>>>>> //

>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>

>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>

>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>

>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>> of

>>>>>>>

>>>>>>> public key.

>>>>>>>

>>>>>>> All I want practical answer on practical question ( please no theory

>>>>>>> , I have enough books around me )

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>> Hmm,

>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>>> taken from somewhere...

>>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>> least how it is usually done.

>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>> are

>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>> to

>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>>> successfully factored).

>>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>> (p-1)*(q-1).

>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>> public key and private key interchangeably...

>>>>>>>>

>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>> help....

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>>

>

What I received is next array in debugger

( exact copy of byte array of PublicKey.snk opened in VS and attached ) that

include unencoded 3 DWORDs ( I ask before about them ) and afterwards

BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of modulus

( all in little-endian as shown ) .

Wait for your comments

Arkady

P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

all the siblings but up now I didn't decide what solution to recommend to

UPnP committee.

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

> key

> as

> RSAPublicKey ::= SEQUENCE {

> modulus INTEGER,

> publicExponent INTEGER

> }

> it means - it contain sequence's tag, size of the content, and big-endian

> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

> ensuring that leading bit will always be 0. Check your pk array to see

> binary presentation. snk file contains information recorded in different

> way

> that is proprietary and undocumented (except for code that comes with

> Rotor). Strongname.h only contains definition of PublicKeyBlob that

> consist

> of some extra information, but PublicKey inside of this structure is

> ASN1.DER encoded structure. For playing with public keys (and other ASN

> structures) you can use ASNDump utility (just Google for it).

> Arkady, I've told you about ASN1. from my first post to that thread. Can

> you, please, check the information I already gave you before asking any

> further questions...

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>> Let's continue:)..

>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

>> I did keypair file with sn.exe end extracted public key from it to file.

>> Now I can read it and make the hash of it with next :

>>

>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>> FileMode.Open, FileAccess.Read));

>>

>> ...

>>

>> byte []pk;

>>

>> pk = myAssembly.GetName().GetPublicKey();

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>

>> byte []pt;

>>

>> pt = myAssembly.GetName().GetPublicKeyToken();

>>

>> And I see that reversed 8 last bytes of p[] are the same as

>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>> .Net struct used for hash .

>>

>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>> is

>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>> PUBLICKEYBLOB.

>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>> 0x8004

>> in my case.

>>

>> TIA

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>> Well, that was the first time you actually revealed some of your

>>>> requirements :-).

>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>> publickey blob stored inside X509 certificates and you can do it with

>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>> 2.0. - it would spare you some low-level conversion work.

>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>> from .Net framework:

>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>

>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>> lots of public key related processing you can check my old PPC

>>>> Certificate Manager sample:

>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>> No , I can't do it on my own .

>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>> device

>>>>> and other devices ( not mine obviously like PC can be UPnP device too

>>>>> ,

>>>>> WiFi , cameras and so on ) receive that hashed value as identification

>>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>I answered you several times you can hash your public key in many

>>>>>>different ways - all depends on your needs. Ex:

>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>> little endian exponent without conversions (little endian is

>>>>>> presentation used by CAPI);

>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>> little endian modulus without conversions;

>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>> processing if exponent is different.

>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>> 10. any variation of all above;

>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>> hash on that blob;

>>>>>> 14. In case if your public key is stored in certificate it is already

>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>>> that blob;

>>>>>>

>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>> single

>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>> times. I did write that public key could be hashed in many different

>>>>>> ways depending on your requirements in several of my posts to that

>>>>>> thread.

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>is

>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of

>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>simple question.

>>>>>>> I have ( C# code ):

>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>

>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>

>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>

>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>

>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>> probably

>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>

>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>

>>>>>>> // probably or something else

>>>>>>>

>>>>>>> //

>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>

>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>

>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>

>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>> of

>>>>>>>

>>>>>>> public key.

>>>>>>>

>>>>>>> All I want practical answer on practical question ( please no theory

>>>>>>> , I have enough books around me )

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>> Hmm,

>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>>> taken from somewhere...

>>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>> least how it is usually done.

>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>> are

>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>> to

>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>>> successfully factored).

>>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>> (p-1)*(q-1).

>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>> public key and private key interchangeably...

>>>>>>>>

>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>> help....

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:52 PM

?????????

Why do you show me content of SNK file? Snk file is completely irrelevant.

myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves

public key from the assembly.

Read my comment about content of snk file in my prev. post.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...

> Hi , Valery !

> What I received is next array in debugger

> ( exact copy of byte array of PublicKey.snk opened in VS and attached )

> that

> include unencoded 3 DWORDs ( I ask before about them ) and afterwards

> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of

> modulus

> ( all in little-endian as shown ) .

>

> Wait for your comments

> Arkady

>

> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

> all the siblings but up now I didn't decide what solution to recommend to

> UPnP committee.

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

>> key

>> as

>> RSAPublicKey ::= SEQUENCE {

>> modulus INTEGER,

>> publicExponent INTEGER

>> }

>> it means - it contain sequence's tag, size of the content, and big-endian

>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte

>> for

>> ensuring that leading bit will always be 0. Check your pk array to see

>> binary presentation. snk file contains information recorded in different

>> way

>> that is proprietary and undocumented (except for code that comes with

>> Rotor). Strongname.h only contains definition of PublicKeyBlob that

>> consist

>> of some extra information, but PublicKey inside of this structure is

>> ASN1.DER encoded structure. For playing with public keys (and other ASN

>> structures) you can use ASNDump utility (just Google for it).

>> Arkady, I've told you about ASN1. from my first post to that thread. Can

>> you, please, check the information I already gave you before asking any

>> further questions...

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>>> Let's continue:)..

>>> I'll return to ASN.DER afterwards but now I want to dig into .NET

>>> format.

>>> I did keypair file with sn.exe end extracted public key from it to file.

>>> Now I can read it and make the hash of it with next :

>>>

>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>>> FileMode.Open, FileAccess.Read));

>>>

>>> ...

>>>

>>> byte []pk;

>>>

>>> pk = myAssembly.GetName().GetPublicKey();

>>>

>>> SHA1Managed sha = new SHA1Managed() ;

>>>

>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>>

>>> byte []pt;

>>>

>>> pt = myAssembly.GetName().GetPublicKeyToken();

>>>

>>> And I see that reversed 8 last bytes of p[] are the same as

>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>>> .Net struct used for hash .

>>>

>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>>> is

>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>>> PUBLICKEYBLOB.

>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>>> 0x8004

>>> in my case.

>>>

>>> TIA

>>> Arkady

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>>> Well, that was the first time you actually revealed some of your

>>>>> requirements :-).

>>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>>> publickey blob stored inside X509 certificates and you can do it with

>>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>>> 2.0. - it would spare you some low-level conversion work.

>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>>> from .Net framework:

>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>>

>>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>>> lots of public key related processing you can check my old PPC

>>>>> Certificate Manager sample:

>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>>> No , I can't do it on my own .

>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>>> device

>>>>>> and other devices ( not mine obviously like PC can be UPnP device too

>>>>>> ,

>>>>>> WiFi , cameras and so on ) receive that hashed value as

>>>>>> identification

>>>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>>I answered you several times you can hash your public key in many

>>>>>>>different ways - all depends on your needs. Ex:

>>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>>> little endian exponent without conversions (little endian is

>>>>>>> presentation used by CAPI);

>>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>>> little endian modulus without conversions;

>>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>>> processing if exponent is different.

>>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>>> 10. any variation of all above;

>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>>> hash on that blob;

>>>>>>> 14. In case if your public key is stored in certificate it is

>>>>>>> already

>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash

>>>>>>> on

>>>>>>> that blob;

>>>>>>>

>>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>>> single

>>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>>> times. I did write that public key could be hashed in many different

>>>>>>> ways depending on your requirements in several of my posts to that

>>>>>>> thread.

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>>I ask very simple question and really want to read practical advice

>>>>>>>>:

>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>>is

>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>>of

>>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>>simple question.

>>>>>>>> I have ( C# code ):

>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>>

>>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>>

>>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>>

>>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>>

>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>>> probably

>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>>

>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>>

>>>>>>>> // probably or something else

>>>>>>>>

>>>>>>>> //

>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>>

>>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>>

>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>>

>>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>>> of

>>>>>>>>

>>>>>>>> public key.

>>>>>>>>

>>>>>>>> All I want practical answer on practical question ( please no

>>>>>>>> theory

>>>>>>>> , I have enough books around me )

>>>>>>>>

>>>>>>>> Arkady

>>>>>>>>

>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>>> Arkady

>>>>>>>>>>

>>>>>>>>> Hmm,

>>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>>> meaningless question with extra mumbling about some number that

>>>>>>>>> you

>>>>>>>>> taken from somewhere...

>>>>>>>>> How to hash a public key? You take a hash function, send public

>>>>>>>>> key

>>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>>> least how it is usually done.

>>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>>> are

>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>>> to

>>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>>>> successfully factored).

>>>>>>>>> Public exponent could be any number from 3 up to large integer

>>>>>>>>> that

>>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>>> (p-1)*(q-1).

>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>>> public key and private key interchangeably...

>>>>>>>>>

>>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>>> help....

>>>>>>>>>

>>>>>>>>> -Valery.

>>>>>>>>> http://www.harper.no/valery

>>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>>

>>

>

>

>

Why do you show me content of SNK file? Snk file is completely irrelevant.

myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves

public key from the assembly.

Read my comment about content of snk file in my prev. post.

-Valery.

http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...

> Hi , Valery !

> What I received is next array in debugger

> ( exact copy of byte array of PublicKey.snk opened in VS and attached )

> that

> include unencoded 3 DWORDs ( I ask before about them ) and afterwards

> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of

> modulus

> ( all in little-endian as shown ) .

>

> Wait for your comments

> Arkady

>

> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

> all the siblings but up now I didn't decide what solution to recommend to

> UPnP committee.

>

> "Valery Pryamikov" <valery@harper.no> wrote in message

> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

>> key

>> as

>> RSAPublicKey ::= SEQUENCE {

>> modulus INTEGER,

>> publicExponent INTEGER

>> }

>> it means - it contain sequence's tag, size of the content, and big-endian

>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte

>> for

>> ensuring that leading bit will always be 0. Check your pk array to see

>> binary presentation. snk file contains information recorded in different

>> way

>> that is proprietary and undocumented (except for code that comes with

>> Rotor). Strongname.h only contains definition of PublicKeyBlob that

>> consist

>> of some extra information, but PublicKey inside of this structure is

>> ASN1.DER encoded structure. For playing with public keys (and other ASN

>> structures) you can use ASNDump utility (just Google for it).

>> Arkady, I've told you about ASN1. from my first post to that thread. Can

>> you, please, check the information I already gave you before asking any

>> further questions...

>>

>> -Valery.

>> http://www.harper.no/valery

>>

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>>> Let's continue:)..

>>> I'll return to ASN.DER afterwards but now I want to dig into .NET

>>> format.

>>> I did keypair file with sn.exe end extracted public key from it to file.

>>> Now I can read it and make the hash of it with next :

>>>

>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>>> FileMode.Open, FileAccess.Read));

>>>

>>> ...

>>>

>>> byte []pk;

>>>

>>> pk = myAssembly.GetName().GetPublicKey();

>>>

>>> SHA1Managed sha = new SHA1Managed() ;

>>>

>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>>

>>> byte []pt;

>>>

>>> pt = myAssembly.GetName().GetPublicKeyToken();

>>>

>>> And I see that reversed 8 last bytes of p[] are the same as

>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>>> .Net struct used for hash .

>>>

>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>>> is

>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>>> PUBLICKEYBLOB.

>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>>> 0x8004

>>> in my case.

>>>

>>> TIA

>>> Arkady

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>>> Arkady

>>>>

>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>>> Well, that was the first time you actually revealed some of your

>>>>> requirements :-).

>>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>>> publickey blob stored inside X509 certificates and you can do it with

>>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>>> 2.0. - it would spare you some low-level conversion work.

>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>>> from .Net framework:

>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>>

>>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>>> lots of public key related processing you can check my old PPC

>>>>> Certificate Manager sample:

>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>>

>>>>> -Valery.

>>>>> http://www.harper.no/valery

>>>>>

>>>>>

>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>>> No , I can't do it on my own .

>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>>> device

>>>>>> and other devices ( not mine obviously like PC can be UPnP device too

>>>>>> ,

>>>>>> WiFi , cameras and so on ) receive that hashed value as

>>>>>> identification

>>>>>> ID due to UPnP security spec, so I can't do on my own but at least as

>>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>>

>>>>>> Arkady

>>>>>>

>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>>I answered you several times you can hash your public key in many

>>>>>>>different ways - all depends on your needs. Ex:

>>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>>> little endian exponent without conversions (little endian is

>>>>>>> presentation used by CAPI);

>>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>>> little endian modulus without conversions;

>>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>>> processing if exponent is different.

>>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>>> 10. any variation of all above;

>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>>> hash on that blob;

>>>>>>> 14. In case if your public key is stored in certificate it is

>>>>>>> already

>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash

>>>>>>> on

>>>>>>> that blob;

>>>>>>>

>>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>>> single

>>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>>> times. I did write that public key could be hashed in many different

>>>>>>> ways depending on your requirements in several of my posts to that

>>>>>>> thread.

>>>>>>>

>>>>>>> -Valery.

>>>>>>> http://www.harper.no/valery

>>>>>>>

>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>>I ask very simple question and really want to read practical advice

>>>>>>>>:

>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>>is

>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>>of

>>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>>simple question.

>>>>>>>> I have ( C# code ):

>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>>

>>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>>

>>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>>

>>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>>

>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>>> probably

>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>>

>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>>

>>>>>>>> // probably or something else

>>>>>>>>

>>>>>>>> //

>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>>

>>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>>

>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>>

>>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>>> of

>>>>>>>>

>>>>>>>> public key.

>>>>>>>>

>>>>>>>> All I want practical answer on practical question ( please no

>>>>>>>> theory

>>>>>>>> , I have enough books around me )

>>>>>>>>

>>>>>>>> Arkady

>>>>>>>>

>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>>> Arkady

>>>>>>>>>>

>>>>>>>>> Hmm,

>>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>>> meaningless question with extra mumbling about some number that

>>>>>>>>> you

>>>>>>>>> taken from somewhere...

>>>>>>>>> How to hash a public key? You take a hash function, send public

>>>>>>>>> key

>>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>>> least how it is usually done.

>>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>>> are

>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>>> to

>>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was

>>>>>>>>> successfully factored).

>>>>>>>>> Public exponent could be any number from 3 up to large integer

>>>>>>>>> that

>>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>>> (p-1)*(q-1).

>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>>> public key and private key interchangeably...

>>>>>>>>>

>>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>>> help....

>>>>>>>>>

>>>>>>>>> -Valery.

>>>>>>>>> http://www.harper.no/valery

>>>>>>>>>

>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>

>>>>>>

>>>>>

>>>>

>>>>

>>>

>>>

>>

>

>

>

Valery Pryamikov

07-09-2005, 10:52 PM

Just a minor correction - it's DumpASN utility (not ASNDump as I wrote in my

prev.post)

-Valery.

http://www.harper.no/valery

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

> key as

> RSAPublicKey ::= SEQUENCE {

> modulus INTEGER,

> publicExponent INTEGER

> }

> it means - it contain sequence's tag, size of the content, and big-endian

> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

> ensuring that leading bit will always be 0. Check your pk array to see

> binary presentation. snk file contains information recorded in different

> way that is proprietary and undocumented (except for code that comes with

> Rotor). Strongname.h only contains definition of PublicKeyBlob that

> consist of some extra information, but PublicKey inside of this structure

> is ASN1.DER encoded structure. For playing with public keys (and other ASN

> structures) you can use ASNDump utility (just Google for it).

> Arkady, I've told you about ASN1. from my first post to that thread. Can

> you, please, check the information I already gave you before asking any

> further questions...

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>> Let's continue:)..

>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

>> I did keypair file with sn.exe end extracted public key from it to file.

>> Now I can read it and make the hash of it with next :

>>

>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>> FileMode.Open, FileAccess.Read));

>>

>> ...

>>

>> byte []pk;

>>

>> pk = myAssembly.GetName().GetPublicKey();

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>

>> byte []pt;

>>

>> pt = myAssembly.GetName().GetPublicKeyToken();

>>

>> And I see that reversed 8 last bytes of p[] are the same as

>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>> .Net struct used for hash .

>>

>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>> is length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>> PUBLICKEYBLOB.

>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>> 0x8004 in my case.

>>

>> TIA

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>> Well, that was the first time you actually revealed some of your

>>>> requirements :-).

>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>> publickey blob stored inside X509 certificates and you can do it with

>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>> 2.0. - it would spare you some low-level conversion work.

>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>> from .Net framework:

>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>

>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>> lots of public key related processing you can check my old PPC

>>>> Certificate Manager sample:

>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>> No , I can't do it on my own .

>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>> device and other devices ( not mine obviously like PC can be UPnP

>>>>> device too , WiFi , cameras and so on ) receive that hashed value as

>>>>> identification ID due to UPnP security spec, so I can't do on my own

>>>>> but at least as MSFT do that and in managed code ( so can't use

>>>>> (C)API ).

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>I answered you several times you can hash your public key in many

>>>>>>different ways - all depends on your needs. Ex:

>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>> little endian exponent without conversions (little endian is

>>>>>> presentation used by CAPI);

>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>> little endian modulus without conversions;

>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>> processing if exponent is different.

>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>> 10. any variation of all above;

>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>> hash on that blob;

>>>>>> 14. In case if your public key is stored in certificate it is already

>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>>> that blob;

>>>>>>

>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>> single practical suggestion. I have tried to explain that to you

>>>>>> several times. I did write that public key could be hashed in many

>>>>>> different ways depending on your requirements in several of my posts

>>>>>> to that thread.

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>is 3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>of security algorithms and their output , just practical answer on

>>>>>>>my simple question.

>>>>>>> I have ( C# code ):

>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>

>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>

>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>

>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>

>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>> probably or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>

>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>

>>>>>>> // probably or something else

>>>>>>>

>>>>>>> //

>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>

>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>

>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>

>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>> of

>>>>>>>

>>>>>>> public key.

>>>>>>>

>>>>>>> All I want practical answer on practical question ( please no theory

>>>>>>> , I have enough books around me )

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>> Hmm,

>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>>> taken from somewhere...

>>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>> least how it is usually done.

>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>> are referring to 1024 bit modulus that becomes less and less used

>>>>>>>> due to simple fact that is providing less than 80 bits of security

>>>>>>>> (and just a couple of weeks ago 740 bits modulus 200 decimal digits

>>>>>>>> was successfully factored).

>>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>> (p-1)*(q-1).

>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>> public key and private key interchangeably...

>>>>>>>>

>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>> help....

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>>

>

prev.post)

-Valery.

http://www.harper.no/valery

"Valery Pryamikov" <valery@harper.no> wrote in message

news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

> key as

> RSAPublicKey ::= SEQUENCE {

> modulus INTEGER,

> publicExponent INTEGER

> }

> it means - it contain sequence's tag, size of the content, and big-endian

> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for

> ensuring that leading bit will always be 0. Check your pk array to see

> binary presentation. snk file contains information recorded in different

> way that is proprietary and undocumented (except for code that comes with

> Rotor). Strongname.h only contains definition of PublicKeyBlob that

> consist of some extra information, but PublicKey inside of this structure

> is ASN1.DER encoded structure. For playing with public keys (and other ASN

> structures) you can use ASNDump utility (just Google for it).

> Arkady, I've told you about ASN1. from my first post to that thread. Can

> you, please, check the information I already gave you before asking any

> further questions...

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>> Let's continue:)..

>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.

>> I did keypair file with sn.exe end extracted public key from it to file.

>> Now I can read it and make the hash of it with next :

>>

>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>> FileMode.Open, FileAccess.Read));

>>

>> ...

>>

>> byte []pk;

>>

>> pk = myAssembly.GetName().GetPublicKey();

>>

>> SHA1Managed sha = new SHA1Managed() ;

>>

>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>

>> byte []pt;

>>

>> pt = myAssembly.GetName().GetPublicKeyToken();

>>

>> And I see that reversed 8 last bytes of p[] are the same as

>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>> .Net struct used for hash .

>>

>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>> is length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>> PUBLICKEYBLOB.

>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>> 0x8004 in my case.

>>

>> TIA

>> Arkady

>>

>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>> Arkady

>>>

>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>> Well, that was the first time you actually revealed some of your

>>>> requirements :-).

>>>> in that case - you need to hash ASN1.DER encodded public key structure

>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>> publickey blob stored inside X509 certificates and you can do it with

>>>> managed code only. In case if you can use interop to CAPI, or use .Net

>>>> 2.0. - it would spare you some low-level conversion work.

>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>> from .Net framework:

>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>

>>>> For a sample aplication that uses a lot of C# to CAPI interop and does

>>>> lots of public key related processing you can check my old PPC

>>>> Certificate Manager sample:

>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>

>>>> -Valery.

>>>> http://www.harper.no/valery

>>>>

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>> No , I can't do it on my own .

>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>> device and other devices ( not mine obviously like PC can be UPnP

>>>>> device too , WiFi , cameras and so on ) receive that hashed value as

>>>>> identification ID due to UPnP security spec, so I can't do on my own

>>>>> but at least as MSFT do that and in managed code ( so can't use

>>>>> (C)API ).

>>>>>

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>I answered you several times you can hash your public key in many

>>>>>>different ways - all depends on your needs. Ex:

>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>> little endian exponent without conversions (little endian is

>>>>>> presentation used by CAPI);

>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>> little endian modulus without conversions;

>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>> processing if exponent is different.

>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>> 10. any variation of all above;

>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>> encoded structure of public key as specified in PKCS#1 and calculate

>>>>>> hash on that blob;

>>>>>> 14. In case if your public key is stored in certificate it is already

>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on

>>>>>> that blob;

>>>>>>

>>>>>> I can add a hundred more practical suggestions on how to hash public

>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>> single practical suggestion. I have tried to explain that to you

>>>>>> several times. I did write that public key could be hashed in many

>>>>>> different ways depending on your requirements in several of my posts

>>>>>> to that thread.

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>I ask very simple question and really want to read practical advice :

>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>is 3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>of security algorithms and their output , just practical answer on

>>>>>>>my simple question.

>>>>>>> I have ( C# code ):

>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>

>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>

>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>

>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>> will be enough for hash of public key , that's all I need . Like to

>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>

>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>> probably or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>

>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>

>>>>>>> // probably or something else

>>>>>>>

>>>>>>> //

>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>

>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>

>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>

>>>>>>> All I want to know what have to be in PKbytes array to receive hash

>>>>>>> of

>>>>>>>

>>>>>>> public key.

>>>>>>>

>>>>>>> All I want practical answer on practical question ( please no theory

>>>>>>> , I have enough books around me )

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes

>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both

>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>> Hmm,

>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>> meaningless question with extra mumbling about some number that you

>>>>>>>> taken from somewhere...

>>>>>>>> How to hash a public key? You take a hash function, send public key

>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>> least how it is usually done.

>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>> are referring to 1024 bit modulus that becomes less and less used

>>>>>>>> due to simple fact that is providing less than 80 bits of security

>>>>>>>> (and just a couple of weeks ago 740 bits modulus 200 decimal digits

>>>>>>>> was successfully factored).

>>>>>>>> Public exponent could be any number from 3 up to large integer that

>>>>>>>> takes a half of bits of modulus (not bigger than that, since small

>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>> (p-1)*(q-1).

>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>> public key and private key interchangeably...

>>>>>>>>

>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>> help....

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>

>>>

>>

>>

>

Arkady Frenkel

07-09-2005, 10:52 PM

I show that because I can't show you byte array returned by

myAssembly.GetName().GetPublicKey() and it , as I wrote , exactly the same

array blob as publickey.snk I extracted with

sn.exe from pair key , OTOH I set assembly to that same pair key with :

myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

FileMode.Open, FileAccess.Read));

so I see those absolutely the same BLOB as you can see on attached file

TIA

Arkady

P.S. Just when writting I understand that I do can send you array returned

by myAssembly.GetName().GetPublicKey()

printing it in dos box ( file attached too ).So reverse ( as I understand in

security that called big-endian , in computer architecture so in networking

only each word or dword can be big/little endian ) last 8 bytes of hash of

that blob are exactly

Public Key tokey received with

myAssembly.GetName().GetPublicKeyToken() in this case

"Valery Pryamikov" <valery@harper.no> wrote in message

news:OSelY73XFHA.1152@tk2msftngp13.phx.gbl...

> ?????????

> Why do you show me content of SNK file? Snk file is completely irrelevant.

> myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves

> public key from the assembly.

> Read my comment about content of snk file in my prev. post.

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...

>> Hi , Valery !

>> What I received is next array in debugger

>> ( exact copy of byte array of PublicKey.snk opened in VS and attached )

>> that

>> include unencoded 3 DWORDs ( I ask before about them ) and afterwards

>> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of

>> modulus

>> ( all in little-endian as shown ) .

>>

>> Wait for your comments

>> Arkady

>>

>> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

>> all the siblings but up now I didn't decide what solution to recommend to

>> UPnP committee.

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

>>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

>>> key

>>> as

>>> RSAPublicKey ::= SEQUENCE {

>>> modulus INTEGER,

>>> publicExponent INTEGER

>>> }

>>> it means - it contain sequence's tag, size of the content, and

>>> big-endian

>>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte

>>> for

>>> ensuring that leading bit will always be 0. Check your pk array to see

>>> binary presentation. snk file contains information recorded in different

>>> way

>>> that is proprietary and undocumented (except for code that comes with

>>> Rotor). Strongname.h only contains definition of PublicKeyBlob that

>>> consist

>>> of some extra information, but PublicKey inside of this structure is

>>> ASN1.DER encoded structure. For playing with public keys (and other ASN

>>> structures) you can use ASNDump utility (just Google for it).

>>> Arkady, I've told you about ASN1. from my first post to that thread. Can

>>> you, please, check the information I already gave you before asking any

>>> further questions...

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>>>> Let's continue:)..

>>>> I'll return to ASN.DER afterwards but now I want to dig into .NET

>>>> format.

>>>> I did keypair file with sn.exe end extracted public key from it to

>>>> file.

>>>> Now I can read it and make the hash of it with next :

>>>>

>>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>>>> FileMode.Open, FileAccess.Read));

>>>>

>>>> ...

>>>>

>>>> byte []pk;

>>>>

>>>> pk = myAssembly.GetName().GetPublicKey();

>>>>

>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>

>>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>>>

>>>> byte []pt;

>>>>

>>>> pt = myAssembly.GetName().GetPublicKeyToken();

>>>>

>>>> And I see that reversed 8 last bytes of p[] are the same as

>>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>>>> .Net struct used for hash .

>>>>

>>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>>>> is

>>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>>>> PUBLICKEYBLOB.

>>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>>>> 0x8004

>>>> in my case.

>>>>

>>>> TIA

>>>> Arkady

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>>>> Well, that was the first time you actually revealed some of your

>>>>>> requirements :-).

>>>>>> in that case - you need to hash ASN1.DER encodded public key

>>>>>> structure

>>>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>>>> publickey blob stored inside X509 certificates and you can do it with

>>>>>> managed code only. In case if you can use interop to CAPI, or use

>>>>>> .Net

>>>>>> 2.0. - it would spare you some low-level conversion work.

>>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>>>> from .Net framework:

>>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>>>

>>>>>> For a sample aplication that uses a lot of C# to CAPI interop and

>>>>>> does

>>>>>> lots of public key related processing you can check my old PPC

>>>>>> Certificate Manager sample:

>>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>>>> No , I can't do it on my own .

>>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>>>> device

>>>>>>> and other devices ( not mine obviously like PC can be UPnP device

>>>>>>> too

>>>>>>> ,

>>>>>>> WiFi , cameras and so on ) receive that hashed value as

>>>>>>> identification

>>>>>>> ID due to UPnP security spec, so I can't do on my own but at least

>>>>>>> as

>>>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>>>I answered you several times you can hash your public key in many

>>>>>>>>different ways - all depends on your needs. Ex:

>>>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>>>> little endian exponent without conversions (little endian is

>>>>>>>> presentation used by CAPI);

>>>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>>>> little endian modulus without conversions;

>>>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>>>> processing if exponent is different.

>>>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>>>> 10. any variation of all above;

>>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>>>> encoded structure of public key as specified in PKCS#1 and

>>>>>>>> calculate

>>>>>>>> hash on that blob;

>>>>>>>> 14. In case if your public key is stored in certificate it is

>>>>>>>> already

>>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash

>>>>>>>> on

>>>>>>>> that blob;

>>>>>>>>

>>>>>>>> I can add a hundred more practical suggestions on how to hash

>>>>>>>> public

>>>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>>>> single

>>>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>>>> times. I did write that public key could be hashed in many

>>>>>>>> different

>>>>>>>> ways depending on your requirements in several of my posts to that

>>>>>>>> thread.

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>>>I ask very simple question and really want to read practical advice

>>>>>>>>>:

>>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>>>is

>>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>>>of

>>>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>>>simple question.

>>>>>>>>> I have ( C# code ):

>>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>>>

>>>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>>>

>>>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>>>

>>>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>>>> will be enough for hash of public key , that's all I need . Like

>>>>>>>>> to

>>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>>>

>>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>>>> probably

>>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>>>

>>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>>>

>>>>>>>>> // probably or something else

>>>>>>>>>

>>>>>>>>> //

>>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>>>

>>>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>>>

>>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>>>

>>>>>>>>> All I want to know what have to be in PKbytes array to receive

>>>>>>>>> hash

>>>>>>>>> of

>>>>>>>>>

>>>>>>>>> public key.

>>>>>>>>>

>>>>>>>>> All I want practical answer on practical question ( please no

>>>>>>>>> theory

>>>>>>>>> , I have enough books around me )

>>>>>>>>>

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128

>>>>>>>>>>> bytes

>>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But

>>>>>>>>>>> both

>>>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>>>> Arkady

>>>>>>>>>>>

>>>>>>>>>> Hmm,

>>>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>>>> meaningless question with extra mumbling about some number that

>>>>>>>>>> you

>>>>>>>>>> taken from somewhere...

>>>>>>>>>> How to hash a public key? You take a hash function, send public

>>>>>>>>>> key

>>>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>>>> least how it is usually done.

>>>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>>>> are

>>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>>>> to

>>>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits

>>>>>>>>>> was

>>>>>>>>>> successfully factored).

>>>>>>>>>> Public exponent could be any number from 3 up to large integer

>>>>>>>>>> that

>>>>>>>>>> takes a half of bits of modulus (not bigger than that, since

>>>>>>>>>> small

>>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>>>> (p-1)*(q-1).

>>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>>>> public key and private key interchangeably...

>>>>>>>>>>

>>>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>>>> help....

>>>>>>>>>>

>>>>>>>>>> -Valery.

>>>>>>>>>> http://www.harper.no/valery

>>>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>>

>

myAssembly.GetName().GetPublicKey() and it , as I wrote , exactly the same

array blob as publickey.snk I extracted with

sn.exe from pair key , OTOH I set assembly to that same pair key with :

myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

FileMode.Open, FileAccess.Read));

so I see those absolutely the same BLOB as you can see on attached file

TIA

Arkady

P.S. Just when writting I understand that I do can send you array returned

by myAssembly.GetName().GetPublicKey()

printing it in dos box ( file attached too ).So reverse ( as I understand in

security that called big-endian , in computer architecture so in networking

only each word or dword can be big/little endian ) last 8 bytes of hash of

that blob are exactly

Public Key tokey received with

myAssembly.GetName().GetPublicKeyToken() in this case

"Valery Pryamikov" <valery@harper.no> wrote in message

news:OSelY73XFHA.1152@tk2msftngp13.phx.gbl...

> ?????????

> Why do you show me content of SNK file? Snk file is completely irrelevant.

> myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves

> public key from the assembly.

> Read my comment about content of snk file in my prev. post.

>

> -Valery.

> http://www.harper.no/valery

>

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...

>> Hi , Valery !

>> What I received is next array in debugger

>> ( exact copy of byte array of PublicKey.snk opened in VS and attached )

>> that

>> include unencoded 3 DWORDs ( I ask before about them ) and afterwards

>> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of

>> modulus

>> ( all in little-endian as shown ) .

>>

>> Wait for your comments

>> Arkady

>>

>> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and

>> all the siblings but up now I didn't decide what solution to recommend to

>> UPnP committee.

>>

>> "Valery Pryamikov" <valery@harper.no> wrote in message

>> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...

>>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public

>>> key

>>> as

>>> RSAPublicKey ::= SEQUENCE {

>>> modulus INTEGER,

>>> publicExponent INTEGER

>>> }

>>> it means - it contain sequence's tag, size of the content, and

>>> big-endian

>>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte

>>> for

>>> ensuring that leading bit will always be 0. Check your pk array to see

>>> binary presentation. snk file contains information recorded in different

>>> way

>>> that is proprietary and undocumented (except for code that comes with

>>> Rotor). Strongname.h only contains definition of PublicKeyBlob that

>>> consist

>>> of some extra information, but PublicKey inside of this structure is

>>> ASN1.DER encoded structure. For playing with public keys (and other ASN

>>> structures) you can use ASNDump utility (just Google for it).

>>> Arkady, I've told you about ASN1. from my first post to that thread. Can

>>> you, please, check the information I already gave you before asking any

>>> further questions...

>>>

>>> -Valery.

>>> http://www.harper.no/valery

>>>

>>>

>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...

>>>> Let's continue:)..

>>>> I'll return to ASN.DER afterwards but now I want to dig into .NET

>>>> format.

>>>> I did keypair file with sn.exe end extracted public key from it to

>>>> file.

>>>> Now I can read it and make the hash of it with next :

>>>>

>>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",

>>>> FileMode.Open, FileAccess.Read));

>>>>

>>>> ...

>>>>

>>>> byte []pk;

>>>>

>>>> pk = myAssembly.GetName().GetPublicKey();

>>>>

>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>

>>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

>>>>

>>>> byte []pt;

>>>>

>>>> pt = myAssembly.GetName().GetPublicKeyToken();

>>>>

>>>> And I see that reversed 8 last bytes of p[] are the same as

>>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key

>>>> .Net struct used for hash .

>>>>

>>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3

>>>> is

>>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+

>>>> PUBLICKEYBLOB.

>>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &

>>>> 0x8004

>>>> in my case.

>>>>

>>>> TIA

>>>> Arkady

>>>>

>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...

>>>>> Tnx Valery , I'm out of office and have take some to learn the stuff

>>>>> Arkady

>>>>>

>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...

>>>>>> Well, that was the first time you actually revealed some of your

>>>>>> requirements :-).

>>>>>> in that case - you need to hash ASN1.DER encodded public key

>>>>>> structure

>>>>>> as it is specified in PKCS#1. This is the same form of public key as

>>>>>> publickey blob stored inside X509 certificates and you can do it with

>>>>>> managed code only. In case if you can use interop to CAPI, or use

>>>>>> .Net

>>>>>> 2.0. - it would spare you some low-level conversion work.

>>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding

>>>>>> from .Net framework:

>>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

>>>>>>

>>>>>> For a sample aplication that uses a lot of C# to CAPI interop and

>>>>>> does

>>>>>> lots of public key related processing you can check my old PPC

>>>>>> Certificate Manager sample:

>>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

>>>>>>

>>>>>> -Valery.

>>>>>> http://www.harper.no/valery

>>>>>>

>>>>>>

>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...

>>>>>>> No , I can't do it on my own .

>>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP

>>>>>>> device

>>>>>>> and other devices ( not mine obviously like PC can be UPnP device

>>>>>>> too

>>>>>>> ,

>>>>>>> WiFi , cameras and so on ) receive that hashed value as

>>>>>>> identification

>>>>>>> ID due to UPnP security spec, so I can't do on my own but at least

>>>>>>> as

>>>>>>> MSFT do that and in managed code ( so can't use (C)API ).

>>>>>>>

>>>>>>> Arkady

>>>>>>>

>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...

>>>>>>>>I answered you several times you can hash your public key in many

>>>>>>>>different ways - all depends on your needs. Ex:

>>>>>>>> 1. Calculate hash on concatenation of little endian modulus with

>>>>>>>> little endian exponent without conversions (little endian is

>>>>>>>> presentation used by CAPI);

>>>>>>>> 2. Calculate hash on concatenation of little endian exponent with

>>>>>>>> little endian modulus without conversions;

>>>>>>>> 3. Calculate hash of little endian modulus and state that you are

>>>>>>>> expecting standard recommended public exponent only 0x1001 and fail

>>>>>>>> processing if exponent is different.

>>>>>>>> 4. Do as in 1, but convert both values to big endian;

>>>>>>>> 5. Do as in 2, but convert both values to big endian;

>>>>>>>> 6. Do as in 3, but convert modulus to big endian;

>>>>>>>> 7. Do as in 1, but convert both values to ASN1;

>>>>>>>> 8. Do as in 2, but convert both values to ASN1;

>>>>>>>> 9. Do as in 3, but convert modulus to ASN1;

>>>>>>>> 7. Do as in 1, but pack both values into xml format;

>>>>>>>> 8. Do as in 2, but pack both values into xml format;

>>>>>>>> 9. Do as in 3, but pack modulus into xml format;

>>>>>>>> 10. any variation of all above;

>>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;

>>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;

>>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER

>>>>>>>> encoded structure of public key as specified in PKCS#1 and

>>>>>>>> calculate

>>>>>>>> hash on that blob;

>>>>>>>> 14. In case if your public key is stored in certificate it is

>>>>>>>> already

>>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash

>>>>>>>> on

>>>>>>>> that blob;

>>>>>>>>

>>>>>>>> I can add a hundred more practical suggestions on how to hash

>>>>>>>> public

>>>>>>>> key. You didn't provide us with concrete requirements to make a

>>>>>>>> single

>>>>>>>> practical suggestion. I have tried to explain that to you several

>>>>>>>> times. I did write that public key could be hashed in many

>>>>>>>> different

>>>>>>>> ways depending on your requirements in several of my posts to that

>>>>>>>> thread.

>>>>>>>>

>>>>>>>> -Valery.

>>>>>>>> http://www.harper.no/valery

>>>>>>>>

>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...

>>>>>>>>>I ask very simple question and really want to read practical advice

>>>>>>>>>:

>>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to

>>>>>>>>>think as I have to calculate public key token ( really I don't need

>>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to

>>>>>>>>>receive all hash and that is my simple question. Do I need to send

>>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which

>>>>>>>>>is

>>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories

>>>>>>>>>of

>>>>>>>>>security algorithms and their output , just practical answer on my

>>>>>>>>>simple question.

>>>>>>>>> I have ( C# code ):

>>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

>>>>>>>>>

>>>>>>>>> RSAParameters rsaresult = new RSAParameters();

>>>>>>>>>

>>>>>>>>> rsaresult = rsa.ExportParameters(false);

>>>>>>>>>

>>>>>>>>> Now I have public key in the rsaresult and want to know if modulus

>>>>>>>>> will be enough for hash of public key , that's all I need . Like

>>>>>>>>> to

>>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.

>>>>>>>>>

>>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*

>>>>>>>>> probably

>>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];

>>>>>>>>>

>>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);

>>>>>>>>>

>>>>>>>>> // probably or something else

>>>>>>>>>

>>>>>>>>> //

>>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

>>>>>>>>>

>>>>>>>>> SHA1Managed sha = new SHA1Managed() ;

>>>>>>>>>

>>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

>>>>>>>>>

>>>>>>>>> All I want to know what have to be in PKbytes array to receive

>>>>>>>>> hash

>>>>>>>>> of

>>>>>>>>>

>>>>>>>>> public key.

>>>>>>>>>

>>>>>>>>> All I want practical answer on practical question ( please no

>>>>>>>>> theory

>>>>>>>>> , I have enough books around me )

>>>>>>>>>

>>>>>>>>> Arkady

>>>>>>>>>

>>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message

>>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...

>>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

>>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...

>>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128

>>>>>>>>>>> bytes

>>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But

>>>>>>>>>>> both

>>>>>>>>>>> of you didn't answer my simple question what is algorithm of

>>>>>>>>>>> callculation hash from public key so I see I have to try other

>>>>>>>>>>> group, indirectly I see both in Windows and open source ( free

>>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%

>>>>>>>>>>> Arkady

>>>>>>>>>>>

>>>>>>>>>> Hmm,

>>>>>>>>>> at first you are asking a completely meaningless question. We've

>>>>>>>>>> tried to clarify your requirements hoping that would show you the

>>>>>>>>>> answers that you were looking for. Instead you simply repeat your

>>>>>>>>>> meaningless question with extra mumbling about some number that

>>>>>>>>>> you

>>>>>>>>>> taken from somewhere...

>>>>>>>>>> How to hash a public key? You take a hash function, send public

>>>>>>>>>> key

>>>>>>>>>> as a parameter to a hash function and get the result. That's at

>>>>>>>>>> least how it is usually done.

>>>>>>>>>> And your "That not correct..." is in fact completely wrong.

>>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You

>>>>>>>>>> are

>>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due

>>>>>>>>>> to

>>>>>>>>>> simple fact that is providing less than 80 bits of security (and

>>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits

>>>>>>>>>> was

>>>>>>>>>> successfully factored).

>>>>>>>>>> Public exponent could be any number from 3 up to large integer

>>>>>>>>>> that

>>>>>>>>>> takes a half of bits of modulus (not bigger than that, since

>>>>>>>>>> small

>>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only

>>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1

>>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is

>>>>>>>>>> (p-1)*(q-1).

>>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have

>>>>>>>>>> public exponent of the same size as private exponent and about

>>>>>>>>>> half-size of modulus, because in this case you actually can use

>>>>>>>>>> public key and private key interchangeably...

>>>>>>>>>>

>>>>>>>>>> But you know, what? I think that you were not really asking for

>>>>>>>>>> help....

>>>>>>>>>>

>>>>>>>>>> -Valery.

>>>>>>>>>> http://www.harper.no/valery

>>>>>>>>>>

>>>>>>>>>

>>>>>>>>>

>>>>>>>>

>>>>>>>

>>>>>>>

>>>>>>

>>>>>

>>>>>

>>>>

>>>>

>>>

>>

>>

>>

>

Valery Pryamikov

07-09-2005, 10:52 PM

Ok, my bad, sorry. :(

It was some time ago when I looked at binary presetnation of Microsoft

CAPI/.Net public keys for the last time - I'm strating to forget things:-).

( must be my negative week :(

Michel I. Gallant wrote in his dotnet keyinfo article

(http://www.jensign.com/JavaScience/dotnet/keyinfo/):

....

(1)The CryptoAPI PUBLICKEYBLOB

is NOT an ASN.1 encoded key structure. Key modulus and exponent

are stored in little-endian order within a PUBLICKEYBLOB.

....

here is MSDN documentation of publickeyblob (with good explanation of all

fields including blobheaders and "magic"):

http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp

privatekey blob (also used in snk file) is documented here:

http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp

Mixup is caused by the fact that some CAPI functions (like

CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.

-Valery.

http://www.harper.no/valery

It was some time ago when I looked at binary presetnation of Microsoft

CAPI/.Net public keys for the last time - I'm strating to forget things:-).

( must be my negative week :(

Michel I. Gallant wrote in his dotnet keyinfo article

(http://www.jensign.com/JavaScience/dotnet/keyinfo/):

....

(1)The CryptoAPI PUBLICKEYBLOB

is NOT an ASN.1 encoded key structure. Key modulus and exponent

are stored in little-endian order within a PUBLICKEYBLOB.

....

here is MSDN documentation of publickeyblob (with good explanation of all

fields including blobheaders and "magic"):

http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp

privatekey blob (also used in snk file) is documented here:

http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp

Mixup is caused by the fact that some CAPI functions (like

CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.

-Valery.

http://www.harper.no/valery

Michel Gallant

07-09-2005, 10:52 PM

This is exactly why I spent a lot of time documenting this massive

confusion of public key formats! I forget this all the time myself,

and refer to my own articles! LOL

- Mitch

"Valery Pryamikov" <valery@harper.no> wrote in message news:eQKdOi7XFHA.612@TK2MSFTNGP12.phx.gbl...

> Ok, my bad, sorry. :(

> It was some time ago when I looked at binary presetnation of Microsoft

> CAPI/.Net public keys for the last time - I'm strating to forget things:-).

> ( must be my negative week :(

> Michel I. Gallant wrote in his dotnet keyinfo article

> (http://www.jensign.com/JavaScience/dotnet/keyinfo/):

> ...

> (1)The CryptoAPI PUBLICKEYBLOB

> is NOT an ASN.1 encoded key structure. Key modulus and exponent

> are stored in little-endian order within a PUBLICKEYBLOB.

> ...

>

> here is MSDN documentation of publickeyblob (with good explanation of all

> fields including blobheaders and "magic"):

> http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp

> privatekey blob (also used in snk file) is documented here:

> http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp

>

> Mixup is caused by the fact that some CAPI functions (like

> CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.

>

> -Valery.

> http://www.harper.no/valery

>

confusion of public key formats! I forget this all the time myself,

and refer to my own articles! LOL

- Mitch

"Valery Pryamikov" <valery@harper.no> wrote in message news:eQKdOi7XFHA.612@TK2MSFTNGP12.phx.gbl...

> Ok, my bad, sorry. :(

> It was some time ago when I looked at binary presetnation of Microsoft

> CAPI/.Net public keys for the last time - I'm strating to forget things:-).

> ( must be my negative week :(

> Michel I. Gallant wrote in his dotnet keyinfo article

> (http://www.jensign.com/JavaScience/dotnet/keyinfo/):

> ...

> (1)The CryptoAPI PUBLICKEYBLOB

> is NOT an ASN.1 encoded key structure. Key modulus and exponent

> are stored in little-endian order within a PUBLICKEYBLOB.

> ...

>

> here is MSDN documentation of publickeyblob (with good explanation of all

> fields including blobheaders and "magic"):

> http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp

> privatekey blob (also used in snk file) is documented here:

> http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp

>

> Mixup is caused by the fact that some CAPI functions (like

> CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.

>

> -Valery.

> http://www.harper.no/valery

>

Valery Pryamikov

07-09-2005, 10:52 PM

"Michel Gallant" <neutron@istar.ca> wrote in message

news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...

> This is exactly why I spent a lot of time documenting this massive

> confusion of public key formats! I forget this all the time myself,

> and refer to my own articles! LOL

LOL

-Valery

http://www.harper.no/valery

news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...

> This is exactly why I spent a lot of time documenting this massive

> confusion of public key formats! I forget this all the time myself,

> and refer to my own articles! LOL

LOL

-Valery

http://www.harper.no/valery

Arkady Frenkel

07-09-2005, 10:52 PM

Thanks , guys!

I understand that I have to add request to device which format it use to

calculate hash and meanwhile I support for modulus + exponent ( because they

exchanged through xml as 2 separated tokens due to spec ) and maybe .NET

( with wishlist for ASN1 for future ).

Tnx for time and patience :) , Valery.

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:u3IQjE8XFHA.712@TK2MSFTNGP14.phx.gbl...

> "Michel Gallant" <neutron@istar.ca> wrote in message

> news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...

>> This is exactly why I spent a lot of time documenting this massive

>> confusion of public key formats! I forget this all the time myself,

>> and refer to my own articles! LOL

> LOL

>

> -Valery

> http://www.harper.no/valery

>

I understand that I have to add request to device which format it use to

calculate hash and meanwhile I support for modulus + exponent ( because they

exchanged through xml as 2 separated tokens due to spec ) and maybe .NET

( with wishlist for ASN1 for future ).

Tnx for time and patience :) , Valery.

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:u3IQjE8XFHA.712@TK2MSFTNGP14.phx.gbl...

> "Michel Gallant" <neutron@istar.ca> wrote in message

> news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...

>> This is exactly why I spent a lot of time documenting this massive

>> confusion of public key formats! I forget this all the time myself,

>> and refer to my own articles! LOL

> LOL

>

> -Valery

> http://www.harper.no/valery

>

Valery Pryamikov

07-09-2005, 10:52 PM

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...

> Thanks , guys!

> I understand that I have to add request to device which format it use to

> calculate hash and meanwhile I support for modulus + exponent ( because

> they exchanged through xml as 2 separated tokens due to spec ) and maybe

> .NET ( with wishlist for ASN1 for future ).

> Tnx for time and patience :) , Valery.

>

> Arkady

It's my pleasure :-). It was mutually useful conversation for us both - for

me it was great to refresh memory about all that stuff. ;-)

-Valery.

http://www.harper.no/valery

news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...

> Thanks , guys!

> I understand that I have to add request to device which format it use to

> calculate hash and meanwhile I support for modulus + exponent ( because

> they exchanged through xml as 2 separated tokens due to spec ) and maybe

> .NET ( with wishlist for ASN1 for future ).

> Tnx for time and patience :) , Valery.

>

> Arkady

It's my pleasure :-). It was mutually useful conversation for us both - for

me it was great to refresh memory about all that stuff. ;-)

-Valery.

http://www.harper.no/valery

Arkady Frenkel

07-09-2005, 10:52 PM

Me too , that only my beginning in this field,so I believe in soon to

continue to refresh you memory :)

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:ei8e%23SPYFHA.2588@TK2MSFTNGP14.phx.gbl...

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...

>> Thanks , guys!

>> I understand that I have to add request to device which format it use to

>> calculate hash and meanwhile I support for modulus + exponent ( because

>> they exchanged through xml as 2 separated tokens due to spec ) and

>> maybe .NET ( with wishlist for ASN1 for future ).

>> Tnx for time and patience :) , Valery.

>>

>> Arkady

>

>

> It's my pleasure :-). It was mutually useful conversation for us both -

> for me it was great to refresh memory about all that stuff. ;-)

>

> -Valery.

> http://www.harper.no/valery

>

continue to refresh you memory :)

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message

news:ei8e%23SPYFHA.2588@TK2MSFTNGP14.phx.gbl...

>

> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message

> news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...

>> Thanks , guys!

>> I understand that I have to add request to device which format it use to

>> calculate hash and meanwhile I support for modulus + exponent ( because

>> they exchanged through xml as 2 separated tokens due to spec ) and

>> maybe .NET ( with wishlist for ASN1 for future ).

>> Tnx for time and patience :) , Valery.

>>

>> Arkady

>

>

> It's my pleasure :-). It was mutually useful conversation for us both -

> for me it was great to refresh memory about all that stuff. ;-)

>

> -Valery.

> http://www.harper.no/valery

>