Hash of Public key



Arkady Frenkel
07-09-2005, 10:51 PM
Hi!
My question is do hash of public key is hash of it's Modulus or somehow
Exponent involved too
TIA
Arkady

Arkady Frenkel
07-09-2005, 10:51 PM
In other words how I can receive BYTE[] PublicKey
from Modulus and Exponent ?
TIA
Arkady
"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
> Hi!
> My question is do hash of public key is hash of it's Modulus or somehow
> Exponent involved too
> TIA
> Arkady
>

Arkady Frenkel
07-09-2005, 10:51 PM
Tnx , no need.
Example from
http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
show that PublicKey is Modulus only
Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
> In other words how I can receive BYTE[] PublicKey
> from Modulus and Exponent ?
> TIA
> Arkady
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>> Hi!
>> My question is do hash of public key is hash of it's Modulus or somehow
>> Exponent involved too
>> TIA
>> Arkady
>>
>
>

Valery Pryamikov
07-09-2005, 10:51 PM
RSA public key consists of both modulus and exponent. That is btw. shown in
sample that you refer (exponent = {1,0,1} is standard recommended public
exponent - 0x1001 = 2^16+1).
If you are asking about public key token - the hash is calculated over
ASN1.DER sequence containing modulus and exponent both in big endian format
(ie. the form that is specified in PKCS#1).

-Valery.
http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
> Tnx , no need.
> Example from
> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
> show that PublicKey is Modulus only
> Arkady
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>> In other words how I can receive BYTE[] PublicKey
>> from Modulus and Exponent ?
>> TIA
>> Arkady
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>> Hi!
>>> My question is do hash of public key is hash of it's Modulus or somehow
>>> Exponent involved too
>>> TIA
>>> Arkady
>>>
>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:51 PM
Tnx for answer , I don't need public key token because it's 8 last bytes of
hash but hash itself and my question was if in calculation of such hash used
exponent and how. I see that number of bytes for hash calculation input is
128 exactly only modulus without exponent. If I need exponent to be used how
I set for byte array for hash function ?
Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
> RSA public key consists of both modulus and exponent. That is btw. shown
> in sample that you refer (exponent = {1,0,1} is standard recommended
> public exponent - 0x1001 = 2^16+1).
> If you are asking about public key token - the hash is calculated over
> ASN1.DER sequence containing modulus and exponent both in big endian
> format (ie. the form that is specified in PKCS#1).
>
> -Valery.
> http://www.harper.no/valery
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>> Tnx , no need.
>> Example from
>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>> show that PublicKey is Modulus only
>> Arkady
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>> In other words how I can receive BYTE[] PublicKey
>>> from Modulus and Exponent ?
>>> TIA
>>> Arkady
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>> Hi!
>>>> My question is do hash of public key is hash of it's Modulus or somehow
>>>> Exponent involved too
>>>> TIA
>>>> Arkady
>>>>
>>>
>>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:51 PM
It's not quite clear what you want to do with that hash ... and I'm sure
that you are aware that can calculate hash over whatever data you need
(whether it modulus or not) and the way you want...
but if I were you, I'd calculate the hash of valid publickey ASN1 DER
presentation (as per PKCS#1) which contain both modulus and public
exponent - gives unambiguous specification of hash source data format -
easier to interop ++.

-Valery.
http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...
> Tnx for answer , I don't need public key token because it's 8 last bytes
> of hash but hash itself and my question was if in calculation of such hash
> used exponent and how. I see that number of bytes for hash calculation
> input is 128 exactly only modulus without exponent. If I need exponent to
> be used how I set for byte array for hash function ?
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
>> RSA public key consists of both modulus and exponent. That is btw. shown
>> in sample that you refer (exponent = {1,0,1} is standard recommended
>> public exponent - 0x1001 = 2^16+1).
>> If you are asking about public key token - the hash is calculated over
>> ASN1.DER sequence containing modulus and exponent both in big endian
>> format (ie. the form that is specified in PKCS#1).
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>>> Tnx , no need.
>>> Example from
>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>>> show that PublicKey is Modulus only
>>> Arkady
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>>> In other words how I can receive BYTE[] PublicKey
>>>> from Modulus and Exponent ?
>>>> TIA
>>>> Arkady
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>>> Hi!
>>>>> My question is do hash of public key is hash of it's Modulus or
>>>>> somehow Exponent involved too
>>>>> TIA
>>>>> Arkady
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:51 PM
So , how can I calculate hash with hush function which demand byte buffer of
128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my
question
Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...
> It's not quite clear what you want to do with that hash ... and I'm sure
> that you are aware that can calculate hash over whatever data you need
> (whether it modulus or not) and the way you want...
> but if I were you, I'd calculate the hash of valid publickey ASN1 DER
> presentation (as per PKCS#1) which contain both modulus and public
> exponent - gives unambiguous specification of hash source data format -
> easier to interop ++.
>
> -Valery.
> http://www.harper.no/valery
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...
>> Tnx for answer , I don't need public key token because it's 8 last bytes
>> of hash but hash itself and my question was if in calculation of such
>> hash used exponent and how. I see that number of bytes for hash
>> calculation input is 128 exactly only modulus without exponent. If I need
>> exponent to be used how I set for byte array for hash function ?
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
>>> RSA public key consists of both modulus and exponent. That is btw. shown
>>> in sample that you refer (exponent = {1,0,1} is standard recommended
>>> public exponent - 0x1001 = 2^16+1).
>>> If you are asking about public key token - the hash is calculated over
>>> ASN1.DER sequence containing modulus and exponent both in big endian
>>> format (ie. the form that is specified in PKCS#1).
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>>>> Tnx , no need.
>>>> Example from
>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>>>> show that PublicKey is Modulus only
>>>> Arkady
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>>>> In other words how I can receive BYTE[] PublicKey
>>>>> from Modulus and Exponent ?
>>>>> TIA
>>>>> Arkady
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>>>> Hi!
>>>>>> My question is do hash of public key is hash of it's Modulus or
>>>>>> somehow Exponent involved too
>>>>>> TIA
>>>>>> Arkady
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:51 PM
Which hash function demands byte buffer of size 128 bytes on input? I don't
know any such hash functions. The sole reason of existence of hash functions
is that they can get data of arbitrary length and return a fixed number.

-Valery.
http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...
> So , how can I calculate hash with hush function which demand byte buffer
> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's my
> question
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...
>> It's not quite clear what you want to do with that hash ... and I'm sure
>> that you are aware that can calculate hash over whatever data you need
>> (whether it modulus or not) and the way you want...
>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER
>> presentation (as per PKCS#1) which contain both modulus and public
>> exponent - gives unambiguous specification of hash source data format -
>> easier to interop ++.
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...
>>> Tnx for answer , I don't need public key token because it's 8 last bytes
>>> of hash but hash itself and my question was if in calculation of such
>>> hash used exponent and how. I see that number of bytes for hash
>>> calculation input is 128 exactly only modulus without exponent. If I
>>> need exponent to be used how I set for byte array for hash function ?
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
>>>> RSA public key consists of both modulus and exponent. That is btw.
>>>> shown in sample that you refer (exponent = {1,0,1} is standard
>>>> recommended public exponent - 0x1001 = 2^16+1).
>>>> If you are asking about public key token - the hash is calculated over
>>>> ASN1.DER sequence containing modulus and exponent both in big endian
>>>> format (ie. the form that is specified in PKCS#1).
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>>>>> Tnx , no need.
>>>>> Example from
>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>>>>> show that PublicKey is Modulus only
>>>>> Arkady
>>>>>
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>>>>> In other words how I can receive BYTE[] PublicKey
>>>>>> from Modulus and Exponent ?
>>>>>> TIA
>>>>>> Arkady
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>>>>> Hi!
>>>>>>> My question is do hash of public key is hash of it's Modulus or
>>>>>>> somehow Exponent involved too
>>>>>>> TIA
>>>>>>> Arkady
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:51 PM
Sure hash function don't demand that ( my fault in description ) , I mean in
examples public key data of size 128 send to hash. And as examples show that
only modulus.
But I can't find if it enough or I need to do some calculation of modulus
and exponent to receive 128 bytes for hash
Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...
> Which hash function demands byte buffer of size 128 bytes on input? I
> don't know any such hash functions. The sole reason of existence of hash
> functions is that they can get data of arbitrary length and return a fixed
> number.
>
> -Valery.
> http://www.harper.no/valery
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...
>> So , how can I calculate hash with hush function which demand byte buffer
>> of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) . That's
>> my question
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...
>>> It's not quite clear what you want to do with that hash ... and I'm sure
>>> that you are aware that can calculate hash over whatever data you need
>>> (whether it modulus or not) and the way you want...
>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER
>>> presentation (as per PKCS#1) which contain both modulus and public
>>> exponent - gives unambiguous specification of hash source data format -
>>> easier to interop ++.
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...
>>>> Tnx for answer , I don't need public key token because it's 8 last
>>>> bytes of hash but hash itself and my question was if in calculation of
>>>> such hash used exponent and how. I see that number of bytes for hash
>>>> calculation input is 128 exactly only modulus without exponent. If I
>>>> need exponent to be used how I set for byte array for hash function ?
>>>> Arkady
>>>>
>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
>>>>> RSA public key consists of both modulus and exponent. That is btw.
>>>>> shown in sample that you refer (exponent = {1,0,1} is standard
>>>>> recommended public exponent - 0x1001 = 2^16+1).
>>>>> If you are asking about public key token - the hash is calculated over
>>>>> ASN1.DER sequence containing modulus and exponent both in big endian
>>>>> format (ie. the form that is specified in PKCS#1).
>>>>>
>>>>> -Valery.
>>>>> http://www.harper.no/valery
>>>>>
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>>>>>> Tnx , no need.
>>>>>> Example from
>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>>>>>> show that PublicKey is Modulus only
>>>>>> Arkady
>>>>>>
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>>>>>> In other words how I can receive BYTE[] PublicKey
>>>>>>> from Modulus and Exponent ?
>>>>>>> TIA
>>>>>>> Arkady
>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>>>>>> Hi!
>>>>>>>> My question is do hash of public key is hash of it's Modulus or
>>>>>>>> somehow Exponent involved too
>>>>>>>> TIA
>>>>>>>> Arkady
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:51 PM
Where did you find a hash in the examples that you refered in your post?
it talks about encryption - not hashing.

-Valery.
http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:OiN6qD7WFHA.2996@TK2MSFTNGP10.phx.gbl...
> Sure hash function don't demand that ( my fault in description ) , I mean
> in examples public key data of size 128 send to hash. And as examples show
> that only modulus.
> But I can't find if it enough or I need to do some calculation of modulus
> and exponent to receive 128 bytes for hash
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:%23yL0Yt6WFHA.628@tk2msftngp13.phx.gbl...
>> Which hash function demands byte buffer of size 128 bytes on input? I
>> don't know any such hash functions. The sole reason of existence of hash
>> functions is that they can get data of arbitrary length and return a
>> fixed number.
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:eoWbll6WFHA.2540@tk2msftngp13.phx.gbl...
>>> So , how can I calculate hash with hush function which demand byte
>>> buffer of 128 if I have modulus ( 128 bytes) and exponent ( 3 bytes ) .
>>> That's my question
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:%23IpL$g6WFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>> It's not quite clear what you want to do with that hash ... and I'm
>>>> sure that you are aware that can calculate hash over whatever data you
>>>> need (whether it modulus or not) and the way you want...
>>>> but if I were you, I'd calculate the hash of valid publickey ASN1 DER
>>>> presentation (as per PKCS#1) which contain both modulus and public
>>>> exponent - gives unambiguous specification of hash source data format -
>>>> easier to interop ++.
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:OHkTP$5WFHA.3572@TK2MSFTNGP12.phx.gbl...
>>>>> Tnx for answer , I don't need public key token because it's 8 last
>>>>> bytes of hash but hash itself and my question was if in calculation of
>>>>> such hash used exponent and how. I see that number of bytes for hash
>>>>> calculation input is 128 exactly only modulus without exponent. If I
>>>>> need exponent to be used how I set for byte array for hash function ?
>>>>> Arkady
>>>>>
>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>> news:%23XYTJz4WFHA.2664@TK2MSFTNGP15.phx.gbl...
>>>>>> RSA public key consists of both modulus and exponent. That is btw.
>>>>>> shown in sample that you refer (exponent = {1,0,1} is standard
>>>>>> recommended public exponent - 0x1001 = 2^16+1).
>>>>>> If you are asking about public key token - the hash is calculated
>>>>>> over ASN1.DER sequence containing modulus and exponent both in big
>>>>>> endian format (ie. the form that is specified in PKCS#1).
>>>>>>
>>>>>> -Valery.
>>>>>> http://www.harper.no/valery
>>>>>>
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:eg3mipyWFHA.3540@TK2MSFTNGP15.phx.gbl...
>>>>>>> Tnx , no need.
>>>>>>> Example from
>>>>>>> http://winfx.msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/winfx/ref/ns/system.security.cryptography/c/rsacryptoserviceprovider/m/encrypt.asp
>>>>>>> show that PublicKey is Modulus only
>>>>>>> Arkady
>>>>>>>
>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>> news:uBePRnyWFHA.2420@TK2MSFTNGP12.phx.gbl...
>>>>>>>> In other words how I can receive BYTE[] PublicKey
>>>>>>>> from Modulus and Exponent ?
>>>>>>>> TIA
>>>>>>>> Arkady
>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>> news:eP172eyWFHA.3620@TK2MSFTNGP09.phx.gbl...
>>>>>>>>> Hi!
>>>>>>>>> My question is do hash of public key is hash of it's Modulus or
>>>>>>>>> somehow Exponent involved too
>>>>>>>>> TIA
>>>>>>>>> Arkady
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>

Juan Segarra Montesinos
07-09-2005, 10:51 PM
On Wed, 18 May 2005, Arkady Frenkel wrote:

> Sure hash function don't demand that ( my fault in description ) , I mean in
> examples public key data of size 128 send to hash. And as examples show that
> only modulus.
> But I can't find if it enough or I need to do some calculation of modulus
> and exponent to receive 128 bytes for hash
> Arkady


Hash functions returns fixed length output on input of arbitrary length.
You don't need to feed the hash functions necessarily with 128 bytes. In
fact, if you want to calculate the id of your key (supose 1024 bits)
concatenating the modulus and the public exponent, your input will be of
128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.

Good luck.

---
Juan Segarra Montesinos
http://juan.nisu.org/

Arkady Frenkel
07-09-2005, 10:51 PM
That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to
calculate hash of public key not 131 and not 132.But both of you didn't
answer my simple question what is algorithm of callculation hash from
public key so I see I have to try other group, indirectly I see both in
Windows and open source ( free ssl ) modulus used only but I'm not sure 100%
Arkady

"Juan Segarra Montesinos" <sa085144@anubis.uji.es> wrote in message
news:Pine.LNX.4.44.0505181907350.13174-100000@anubis.uji.es...
> On Wed, 18 May 2005, Arkady Frenkel wrote:
>
>> Sure hash function don't demand that ( my fault in description ) , I mean
>> in
>> examples public key data of size 128 send to hash. And as examples show
>> that
>> only modulus.
>> But I can't find if it enough or I need to do some calculation of modulus
>> and exponent to receive 128 bytes for hash
>> Arkady
>
>
> Hash functions returns fixed length output on input of arbitrary length.
> You don't need to feed the hash functions necessarily with 128 bytes. In
> fact, if you want to calculate the id of your key (supose 1024 bits)
> concatenating the modulus and the public exponent, your input will be of
> 128 + 4 (blobs use a DWORD for storing the public exponent) = 132 bytes.
>
> Good luck.
>
> ---
> Juan Segarra Montesinos
> http://juan.nisu.org/
>

Valery Pryamikov
07-09-2005, 10:51 PM
"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to
> calculate hash of public key not 131 and not 132.But both of you didn't
> answer my simple question what is algorithm of callculation hash from
> public key so I see I have to try other group, indirectly I see both in
> Windows and open source ( free ssl ) modulus used only but I'm not sure
> 100%
> Arkady
>
Hmm,
at first you are asking a completely meaningless question. We've tried to
clarify your requirements hoping that would show you the answers that you
were looking for. Instead you simply repeat your meaningless question with
extra mumbling about some number that you taken from somewhere...
How to hash a public key? You take a hash function, send public key as a
parameter to a hash function and get the result. That's at least how it is
usually done.
And your "That not correct..." is in fact completely wrong.
Modulus and exponent are not measured in bytes, but in bits. You are
referring to 1024 bit modulus that becomes less and less used due to simple
fact that is providing less than 80 bits of security (and just a couple of
weeks ago 740 bits modulus 200 decimal digits was successfully factored).
Public exponent could be any number from 3 up to large integer that takes a
half of bits of modulus (not bigger than that, since small private exponents
are vulnerable to Weiner's attack). The only requirement for public and
private exponents in rsa is that e*d=1 mod phi(m), where phi(m) is Euler's
phi function and is (p-1)*(q-1).
In fact, on other platforms than Windows it's quite usual to have public
exponent of the same size as private exponent and about half-size of
modulus, because in this case you actually can use public key and private
key interchangeably...

But you know, what? I think that you were not really asking for help....

-Valery.
http://www.harper.no/valery

Arkady Frenkel
07-09-2005, 10:51 PM
I ask very simple question and really want to read practical advice : how to
calculate hash from public key , if you ( Valery ) want to think as I have
to calculate public key token ( really I don't need that ) , but before to
receive last 8 bytes ( token ) I have to receive all hash and that is my
simple question. Do I need to send array of bytes of Modulus only or both
( Modulus and Exponent which is 3 ( that I wrote about ) in the case of RSA?
I don't need theories of security algorithms and their output , just
practical answer on my simple question.
I have ( C# code ):
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();

RSAParameters rsaresult = new RSAParameters();

rsaresult = rsa.ExportParameters(false);

Now I have public key in the rsaresult and want to know if modulus will be
enough for hash of public key , that's all I need . Like to extract token
( last reverced 8 bytes ) afterwards e.g.

byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or
something else + rsaresult.Exponent.GetLength(0) */];

rsaresult.Modulus.CopyTo(PKbytes,0);

// probably or something else

// rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));

SHA1Managed sha = new SHA1Managed() ;

byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;

All I want to know what have to be in PKbytes array to receive hash of

public key.

All I want practical answer on practical question ( please no theory , I
have enough books around me )

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used to
>> calculate hash of public key not 131 and not 132.But both of you didn't
>> answer my simple question what is algorithm of callculation hash from
>> public key so I see I have to try other group, indirectly I see both in
>> Windows and open source ( free ssl ) modulus used only but I'm not sure
>> 100%
>> Arkady
>>
> Hmm,
> at first you are asking a completely meaningless question. We've tried to
> clarify your requirements hoping that would show you the answers that you
> were looking for. Instead you simply repeat your meaningless question with
> extra mumbling about some number that you taken from somewhere...
> How to hash a public key? You take a hash function, send public key as a
> parameter to a hash function and get the result. That's at least how it is
> usually done.
> And your "That not correct..." is in fact completely wrong.
> Modulus and exponent are not measured in bytes, but in bits. You are
> referring to 1024 bit modulus that becomes less and less used due to
> simple fact that is providing less than 80 bits of security (and just a
> couple of weeks ago 740 bits modulus 200 decimal digits was successfully
> factored).
> Public exponent could be any number from 3 up to large integer that takes
> a half of bits of modulus (not bigger than that, since small private
> exponents are vulnerable to Weiner's attack). The only requirement for
> public and private exponents in rsa is that e*d=1 mod phi(m), where phi(m)
> is Euler's phi function and is (p-1)*(q-1).
> In fact, on other platforms than Windows it's quite usual to have public
> exponent of the same size as private exponent and about half-size of
> modulus, because in this case you actually can use public key and private
> key interchangeably...
>
> But you know, what? I think that you were not really asking for help....
>
> -Valery.
> http://www.harper.no/valery
>

Valery Pryamikov
07-09-2005, 10:51 PM
I answered you several times you can hash your public key in many different
ways - all depends on your needs. Ex:
1. Calculate hash on concatenation of little endian modulus with little
endian exponent without conversions (little endian is presentation used by
CAPI);
2. Calculate hash on concatenation of little endian exponent with little
endian modulus without conversions;
3. Calculate hash of little endian modulus and state that you are expecting
standard recommended public exponent only 0x1001 and fail processing if
exponent is different.
4. Do as in 1, but convert both values to big endian;
5. Do as in 2, but convert both values to big endian;
6. Do as in 3, but convert modulus to big endian;
7. Do as in 1, but convert both values to ASN1;
8. Do as in 2, but convert both values to ASN1;
9. Do as in 3, but convert modulus to ASN1;
7. Do as in 1, but pack both values into xml format;
8. Do as in 2, but pack both values into xml format;
9. Do as in 3, but pack modulus into xml format;
10. any variation of all above;
11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER encoded
structure of public key as specified in PKCS#1 and calculate hash on that
blob;
14. In case if your public key is stored in certificate it is already in the
form as in 13 - retrieve public key blob and calculate hash on that blob;

I can add a hundred more practical suggestions on how to hash public key.
You didn't provide us with concrete requirements to make a single practical
suggestion. I have tried to explain that to you several times. I did write
that public key could be hashed in many different ways depending on your
requirements in several of my posts to that thread.

-Valery.
http://www.harper.no/valery

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>I ask very simple question and really want to read practical advice : how
>to calculate hash from public key , if you ( Valery ) want to think as I
>have to calculate public key token ( really I don't need that ) , but
>before to receive last 8 bytes ( token ) I have to receive all hash and
>that is my simple question. Do I need to send array of bytes of Modulus
>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in
>the case of RSA? I don't need theories of security algorithms and their
>output , just practical answer on my simple question.
> I have ( C# code ):
> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>
> RSAParameters rsaresult = new RSAParameters();
>
> rsaresult = rsa.ExportParameters(false);
>
> Now I have public key in the rsaresult and want to know if modulus will be
> enough for hash of public key , that's all I need . Like to extract token
> ( last reverced 8 bytes ) afterwards e.g.
>
> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or
> something else + rsaresult.Exponent.GetLength(0) */];
>
> rsaresult.Modulus.CopyTo(PKbytes,0);
>
> // probably or something else
>
> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>
> SHA1Managed sha = new SHA1Managed() ;
>
> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>
> All I want to know what have to be in PKbytes array to receive hash of
>
> public key.
>
> All I want practical answer on practical question ( please no theory , I
> have enough books around me )
>
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used
>>> to calculate hash of public key not 131 and not 132.But both of you
>>> didn't answer my simple question what is algorithm of callculation hash
>>> from public key so I see I have to try other group, indirectly I see
>>> both in Windows and open source ( free ssl ) modulus used only but I'm
>>> not sure 100%
>>> Arkady
>>>
>> Hmm,
>> at first you are asking a completely meaningless question. We've tried to
>> clarify your requirements hoping that would show you the answers that you
>> were looking for. Instead you simply repeat your meaningless question
>> with extra mumbling about some number that you taken from somewhere...
>> How to hash a public key? You take a hash function, send public key as a
>> parameter to a hash function and get the result. That's at least how it
>> is usually done.
>> And your "That not correct..." is in fact completely wrong.
>> Modulus and exponent are not measured in bytes, but in bits. You are
>> referring to 1024 bit modulus that becomes less and less used due to
>> simple fact that is providing less than 80 bits of security (and just a
>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully
>> factored).
>> Public exponent could be any number from 3 up to large integer that takes
>> a half of bits of modulus (not bigger than that, since small private
>> exponents are vulnerable to Weiner's attack). The only requirement for
>> public and private exponents in rsa is that e*d=1 mod phi(m), where
>> phi(m) is Euler's phi function and is (p-1)*(q-1).
>> In fact, on other platforms than Windows it's quite usual to have public
>> exponent of the same size as private exponent and about half-size of
>> modulus, because in this case you actually can use public key and private
>> key interchangeably...
>>
>> But you know, what? I think that you were not really asking for help....
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>
>

Arkady Frenkel
07-09-2005, 10:51 PM
No , I can't do it on my own .
I need the way MSFT use it ( at least ) because I do it for UPnP device and
other devices ( not mine obviously like PC can be UPnP device too , WiFi ,
cameras and so on ) receive that hashed value as identification ID due to
UPnP security spec, so I can't do on my own but at least as MSFT do that and
in managed code ( so can't use (C)API ).

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>I answered you several times you can hash your public key in many different
>ways - all depends on your needs. Ex:
> 1. Calculate hash on concatenation of little endian modulus with little
> endian exponent without conversions (little endian is presentation used by
> CAPI);
> 2. Calculate hash on concatenation of little endian exponent with little
> endian modulus without conversions;
> 3. Calculate hash of little endian modulus and state that you are
> expecting standard recommended public exponent only 0x1001 and fail
> processing if exponent is different.
> 4. Do as in 1, but convert both values to big endian;
> 5. Do as in 2, but convert both values to big endian;
> 6. Do as in 3, but convert modulus to big endian;
> 7. Do as in 1, but convert both values to ASN1;
> 8. Do as in 2, but convert both values to ASN1;
> 9. Do as in 3, but convert modulus to ASN1;
> 7. Do as in 1, but pack both values into xml format;
> 8. Do as in 2, but pack both values into xml format;
> 9. Do as in 3, but pack modulus into xml format;
> 10. any variation of all above;
> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
> encoded structure of public key as specified in PKCS#1 and calculate hash
> on that blob;
> 14. In case if your public key is stored in certificate it is already in
> the form as in 13 - retrieve public key blob and calculate hash on that
> blob;
>
> I can add a hundred more practical suggestions on how to hash public key.
> You didn't provide us with concrete requirements to make a single
> practical suggestion. I have tried to explain that to you several times.
> I did write that public key could be hashed in many different ways
> depending on your requirements in several of my posts to that thread.
>
> -Valery.
> http://www.harper.no/valery
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>I ask very simple question and really want to read practical advice : how
>>to calculate hash from public key , if you ( Valery ) want to think as I
>>have to calculate public key token ( really I don't need that ) , but
>>before to receive last 8 bytes ( token ) I have to receive all hash and
>>that is my simple question. Do I need to send array of bytes of Modulus
>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in
>>the case of RSA? I don't need theories of security algorithms and their
>>output , just practical answer on my simple question.
>> I have ( C# code ):
>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>
>> RSAParameters rsaresult = new RSAParameters();
>>
>> rsaresult = rsa.ExportParameters(false);
>>
>> Now I have public key in the rsaresult and want to know if modulus will
>> be enough for hash of public key , that's all I need . Like to extract
>> token ( last reverced 8 bytes ) afterwards e.g.
>>
>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or
>> something else + rsaresult.Exponent.GetLength(0) */];
>>
>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>
>> // probably or something else
>>
>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>
>> SHA1Managed sha = new SHA1Managed() ;
>>
>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>
>> All I want to know what have to be in PKbytes array to receive hash of
>>
>> public key.
>>
>> All I want practical answer on practical question ( please no theory , I
>> have enough books around me )
>>
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used
>>>> to calculate hash of public key not 131 and not 132.But both of you
>>>> didn't answer my simple question what is algorithm of callculation hash
>>>> from public key so I see I have to try other group, indirectly I see
>>>> both in Windows and open source ( free ssl ) modulus used only but I'm
>>>> not sure 100%
>>>> Arkady
>>>>
>>> Hmm,
>>> at first you are asking a completely meaningless question. We've tried
>>> to clarify your requirements hoping that would show you the answers that
>>> you were looking for. Instead you simply repeat your meaningless
>>> question with extra mumbling about some number that you taken from
>>> somewhere...
>>> How to hash a public key? You take a hash function, send public key as a
>>> parameter to a hash function and get the result. That's at least how it
>>> is usually done.
>>> And your "That not correct..." is in fact completely wrong.
>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>> referring to 1024 bit modulus that becomes less and less used due to
>>> simple fact that is providing less than 80 bits of security (and just a
>>> couple of weeks ago 740 bits modulus 200 decimal digits was successfully
>>> factored).
>>> Public exponent could be any number from 3 up to large integer that
>>> takes a half of bits of modulus (not bigger than that, since small
>>> private exponents are vulnerable to Weiner's attack). The only
>>> requirement for public and private exponents in rsa is that e*d=1 mod
>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>> In fact, on other platforms than Windows it's quite usual to have public
>>> exponent of the same size as private exponent and about half-size of
>>> modulus, because in this case you actually can use public key and
>>> private key interchangeably...
>>>
>>> But you know, what? I think that you were not really asking for help....
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:51 PM
Well, that was the first time you actually revealed some of your
requirements :-).
in that case - you need to hash ASN1.DER encodded public key structure as it
is specified in PKCS#1. This is the same form of public key as publickey
blob stored inside X509 certificates and you can do it with managed code
only. In case if you can use interop to CAPI, or use .Net 2.0. - it would
spare you some low-level conversion work.
Check Mitch Gallant's web site for good description of ASN1 encoding from
..Net framework:
http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html

For a sample aplication that uses a lot of C# to CAPI interop and does lots
of public key related processing you can check my old PPC Certificate
Manager sample:
http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957

-Valery.
http://www.harper.no/valery


"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
> No , I can't do it on my own .
> I need the way MSFT use it ( at least ) because I do it for UPnP device
> and other devices ( not mine obviously like PC can be UPnP device too ,
> WiFi , cameras and so on ) receive that hashed value as identification ID
> due to UPnP security spec, so I can't do on my own but at least as MSFT do
> that and in managed code ( so can't use (C)API ).
>
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>I answered you several times you can hash your public key in many
>>different ways - all depends on your needs. Ex:
>> 1. Calculate hash on concatenation of little endian modulus with little
>> endian exponent without conversions (little endian is presentation used
>> by CAPI);
>> 2. Calculate hash on concatenation of little endian exponent with little
>> endian modulus without conversions;
>> 3. Calculate hash of little endian modulus and state that you are
>> expecting standard recommended public exponent only 0x1001 and fail
>> processing if exponent is different.
>> 4. Do as in 1, but convert both values to big endian;
>> 5. Do as in 2, but convert both values to big endian;
>> 6. Do as in 3, but convert modulus to big endian;
>> 7. Do as in 1, but convert both values to ASN1;
>> 8. Do as in 2, but convert both values to ASN1;
>> 9. Do as in 3, but convert modulus to ASN1;
>> 7. Do as in 1, but pack both values into xml format;
>> 8. Do as in 2, but pack both values into xml format;
>> 9. Do as in 3, but pack modulus into xml format;
>> 10. any variation of all above;
>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>> encoded structure of public key as specified in PKCS#1 and calculate hash
>> on that blob;
>> 14. In case if your public key is stored in certificate it is already in
>> the form as in 13 - retrieve public key blob and calculate hash on that
>> blob;
>>
>> I can add a hundred more practical suggestions on how to hash public key.
>> You didn't provide us with concrete requirements to make a single
>> practical suggestion. I have tried to explain that to you several times.
>> I did write that public key could be hashed in many different ways
>> depending on your requirements in several of my posts to that thread.
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>I ask very simple question and really want to read practical advice : how
>>>to calculate hash from public key , if you ( Valery ) want to think as I
>>>have to calculate public key token ( really I don't need that ) , but
>>>before to receive last 8 bytes ( token ) I have to receive all hash and
>>>that is my simple question. Do I need to send array of bytes of Modulus
>>>only or both ( Modulus and Exponent which is 3 ( that I wrote about ) in
>>>the case of RSA? I don't need theories of security algorithms and their
>>>output , just practical answer on my simple question.
>>> I have ( C# code ):
>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>
>>> RSAParameters rsaresult = new RSAParameters();
>>>
>>> rsaresult = rsa.ExportParameters(false);
>>>
>>> Now I have public key in the rsaresult and want to know if modulus will
>>> be enough for hash of public key , that's all I need . Like to extract
>>> token ( last reverced 8 bytes ) afterwards e.g.
>>>
>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably or
>>> something else + rsaresult.Exponent.GetLength(0) */];
>>>
>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>
>>> // probably or something else
>>>
>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>
>>> SHA1Managed sha = new SHA1Managed() ;
>>>
>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>
>>> All I want to know what have to be in PKbytes array to receive hash of
>>>
>>> public key.
>>>
>>> All I want practical answer on practical question ( please no theory , I
>>> have enough books around me )
>>>
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes used
>>>>> to calculate hash of public key not 131 and not 132.But both of you
>>>>> didn't answer my simple question what is algorithm of callculation
>>>>> hash from public key so I see I have to try other group, indirectly I
>>>>> see both in Windows and open source ( free ssl ) modulus used only but
>>>>> I'm not sure 100%
>>>>> Arkady
>>>>>
>>>> Hmm,
>>>> at first you are asking a completely meaningless question. We've tried
>>>> to clarify your requirements hoping that would show you the answers
>>>> that you were looking for. Instead you simply repeat your meaningless
>>>> question with extra mumbling about some number that you taken from
>>>> somewhere...
>>>> How to hash a public key? You take a hash function, send public key as
>>>> a parameter to a hash function and get the result. That's at least how
>>>> it is usually done.
>>>> And your "That not correct..." is in fact completely wrong.
>>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>>> referring to 1024 bit modulus that becomes less and less used due to
>>>> simple fact that is providing less than 80 bits of security (and just a
>>>> couple of weeks ago 740 bits modulus 200 decimal digits was
>>>> successfully factored).
>>>> Public exponent could be any number from 3 up to large integer that
>>>> takes a half of bits of modulus (not bigger than that, since small
>>>> private exponents are vulnerable to Weiner's attack). The only
>>>> requirement for public and private exponents in rsa is that e*d=1 mod
>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>>> In fact, on other platforms than Windows it's quite usual to have
>>>> public exponent of the same size as private exponent and about
>>>> half-size of modulus, because in this case you actually can use public
>>>> key and private key interchangeably...
>>>>
>>>> But you know, what? I think that you were not really asking for
>>>> help....
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>
>>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:51 PM
Tnx Valery , I'm out of office and have take some to learn the stuff
Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
> Well, that was the first time you actually revealed some of your
> requirements :-).
> in that case - you need to hash ASN1.DER encodded public key structure as
> it is specified in PKCS#1. This is the same form of public key as
> publickey blob stored inside X509 certificates and you can do it with
> managed code only. In case if you can use interop to CAPI, or use .Net
> 2.0. - it would spare you some low-level conversion work.
> Check Mitch Gallant's web site for good description of ASN1 encoding from
> .Net framework:
> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>
> For a sample aplication that uses a lot of C# to CAPI interop and does
> lots of public key related processing you can check my old PPC Certificate
> Manager sample:
> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>
> -Valery.
> http://www.harper.no/valery
>
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>> No , I can't do it on my own .
>> I need the way MSFT use it ( at least ) because I do it for UPnP device
>> and other devices ( not mine obviously like PC can be UPnP device too ,
>> WiFi , cameras and so on ) receive that hashed value as identification ID
>> due to UPnP security spec, so I can't do on my own but at least as MSFT
>> do that and in managed code ( so can't use (C)API ).
>>
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>I answered you several times you can hash your public key in many
>>>different ways - all depends on your needs. Ex:
>>> 1. Calculate hash on concatenation of little endian modulus with little
>>> endian exponent without conversions (little endian is presentation used
>>> by CAPI);
>>> 2. Calculate hash on concatenation of little endian exponent with little
>>> endian modulus without conversions;
>>> 3. Calculate hash of little endian modulus and state that you are
>>> expecting standard recommended public exponent only 0x1001 and fail
>>> processing if exponent is different.
>>> 4. Do as in 1, but convert both values to big endian;
>>> 5. Do as in 2, but convert both values to big endian;
>>> 6. Do as in 3, but convert modulus to big endian;
>>> 7. Do as in 1, but convert both values to ASN1;
>>> 8. Do as in 2, but convert both values to ASN1;
>>> 9. Do as in 3, but convert modulus to ASN1;
>>> 7. Do as in 1, but pack both values into xml format;
>>> 8. Do as in 2, but pack both values into xml format;
>>> 9. Do as in 3, but pack modulus into xml format;
>>> 10. any variation of all above;
>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>> encoded structure of public key as specified in PKCS#1 and calculate
>>> hash on that blob;
>>> 14. In case if your public key is stored in certificate it is already in
>>> the form as in 13 - retrieve public key blob and calculate hash on that
>>> blob;
>>>
>>> I can add a hundred more practical suggestions on how to hash public
>>> key. You didn't provide us with concrete requirements to make a single
>>> practical suggestion. I have tried to explain that to you several times.
>>> I did write that public key could be hashed in many different ways
>>> depending on your requirements in several of my posts to that thread.
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>I ask very simple question and really want to read practical advice :
>>>>how to calculate hash from public key , if you ( Valery ) want to think
>>>>as I have to calculate public key token ( really I don't need that ) ,
>>>>but before to receive last 8 bytes ( token ) I have to receive all hash
>>>>and that is my simple question. Do I need to send array of bytes of
>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote
>>>>about ) in the case of RSA? I don't need theories of security algorithms
>>>>and their output , just practical answer on my simple question.
>>>> I have ( C# code ):
>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>
>>>> RSAParameters rsaresult = new RSAParameters();
>>>>
>>>> rsaresult = rsa.ExportParameters(false);
>>>>
>>>> Now I have public key in the rsaresult and want to know if modulus will
>>>> be enough for hash of public key , that's all I need . Like to extract
>>>> token ( last reverced 8 bytes ) afterwards e.g.
>>>>
>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably
>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>
>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>
>>>> // probably or something else
>>>>
>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>
>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>
>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>
>>>> All I want to know what have to be in PKbytes array to receive hash of
>>>>
>>>> public key.
>>>>
>>>> All I want practical answer on practical question ( please no theory ,
>>>> I have enough books around me )
>>>>
>>>> Arkady
>>>>
>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>> used to calculate hash of public key not 131 and not 132.But both of
>>>>>> you didn't answer my simple question what is algorithm of
>>>>>> callculation hash from public key so I see I have to try other
>>>>>> group, indirectly I see both in Windows and open source ( free ssl )
>>>>>> modulus used only but I'm not sure 100%
>>>>>> Arkady
>>>>>>
>>>>> Hmm,
>>>>> at first you are asking a completely meaningless question. We've tried
>>>>> to clarify your requirements hoping that would show you the answers
>>>>> that you were looking for. Instead you simply repeat your meaningless
>>>>> question with extra mumbling about some number that you taken from
>>>>> somewhere...
>>>>> How to hash a public key? You take a hash function, send public key as
>>>>> a parameter to a hash function and get the result. That's at least how
>>>>> it is usually done.
>>>>> And your "That not correct..." is in fact completely wrong.
>>>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>>>> referring to 1024 bit modulus that becomes less and less used due to
>>>>> simple fact that is providing less than 80 bits of security (and just
>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>> successfully factored).
>>>>> Public exponent could be any number from 3 up to large integer that
>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>> requirement for public and private exponents in rsa is that e*d=1 mod
>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>> public exponent of the same size as private exponent and about
>>>>> half-size of modulus, because in this case you actually can use public
>>>>> key and private key interchangeably...
>>>>>
>>>>> But you know, what? I think that you were not really asking for
>>>>> help....
>>>>>
>>>>> -Valery.
>>>>> http://www.harper.no/valery
>>>>>
>>>>
>>>>
>>>
>>
>>
>

Arkady Frenkel
07-09-2005, 10:52 PM
Let's continue:)..
I'll return to ASN.DER afterwards but now I want to dig into .NET format. I
did keypair file with sn.exe end extracted public key from it to file. Now I
can read it and make the hash of it with next :

myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
FileMode.Open, FileAccess.Read));

....

byte []pk;

pk = myAssembly.GetName().GetPublicKey();

SHA1Managed sha = new SHA1Managed() ;

byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.

byte []pt;

pt = myAssembly.GetName().GetPublicKeyToken();

And I see that reversed 8 last bytes of p[] are the same as
GetPublicKeyToken() return , so I see that all 160 bytes of Public key .Net
struct used for hash .

I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is
length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
PUBLICKEYBLOB.
Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004
in my case.

TIA
Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
> Tnx Valery , I'm out of office and have take some to learn the stuff
> Arkady
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>> Well, that was the first time you actually revealed some of your
>> requirements :-).
>> in that case - you need to hash ASN1.DER encodded public key structure as
>> it is specified in PKCS#1. This is the same form of public key as
>> publickey blob stored inside X509 certificates and you can do it with
>> managed code only. In case if you can use interop to CAPI, or use .Net
>> 2.0. - it would spare you some low-level conversion work.
>> Check Mitch Gallant's web site for good description of ASN1 encoding from
>> .Net framework:
>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>
>> For a sample aplication that uses a lot of C# to CAPI interop and does
>> lots of public key related processing you can check my old PPC
>> Certificate Manager sample:
>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>> No , I can't do it on my own .
>>> I need the way MSFT use it ( at least ) because I do it for UPnP device
>>> and other devices ( not mine obviously like PC can be UPnP device too ,
>>> WiFi , cameras and so on ) receive that hashed value as identification
>>> ID due to UPnP security spec, so I can't do on my own but at least as
>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>I answered you several times you can hash your public key in many
>>>>different ways - all depends on your needs. Ex:
>>>> 1. Calculate hash on concatenation of little endian modulus with little
>>>> endian exponent without conversions (little endian is presentation used
>>>> by CAPI);
>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>> little endian modulus without conversions;
>>>> 3. Calculate hash of little endian modulus and state that you are
>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>> processing if exponent is different.
>>>> 4. Do as in 1, but convert both values to big endian;
>>>> 5. Do as in 2, but convert both values to big endian;
>>>> 6. Do as in 3, but convert modulus to big endian;
>>>> 7. Do as in 1, but convert both values to ASN1;
>>>> 8. Do as in 2, but convert both values to ASN1;
>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>> 7. Do as in 1, but pack both values into xml format;
>>>> 8. Do as in 2, but pack both values into xml format;
>>>> 9. Do as in 3, but pack modulus into xml format;
>>>> 10. any variation of all above;
>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>> hash on that blob;
>>>> 14. In case if your public key is stored in certificate it is already
>>>> in the form as in 13 - retrieve public key blob and calculate hash on
>>>> that blob;
>>>>
>>>> I can add a hundred more practical suggestions on how to hash public
>>>> key. You didn't provide us with concrete requirements to make a single
>>>> practical suggestion. I have tried to explain that to you several
>>>> times. I did write that public key could be hashed in many different
>>>> ways depending on your requirements in several of my posts to that
>>>> thread.
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>I ask very simple question and really want to read practical advice :
>>>>>how to calculate hash from public key , if you ( Valery ) want to think
>>>>>as I have to calculate public key token ( really I don't need that ) ,
>>>>>but before to receive last 8 bytes ( token ) I have to receive all hash
>>>>>and that is my simple question. Do I need to send array of bytes of
>>>>>Modulus only or both ( Modulus and Exponent which is 3 ( that I wrote
>>>>>about ) in the case of RSA? I don't need theories of security
>>>>>algorithms and their output , just practical answer on my simple
>>>>>question.
>>>>> I have ( C# code ):
>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>
>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>
>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>
>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>
>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably
>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>
>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>
>>>>> // probably or something else
>>>>>
>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>
>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>
>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>
>>>>> All I want to know what have to be in PKbytes array to receive hash of
>>>>>
>>>>> public key.
>>>>>
>>>>> All I want practical answer on practical question ( please no theory ,
>>>>> I have enough books around me )
>>>>>
>>>>> Arkady
>>>>>
>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>> used to calculate hash of public key not 131 and not 132.But both of
>>>>>>> you didn't answer my simple question what is algorithm of
>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>> group, indirectly I see both in Windows and open source ( free ssl )
>>>>>>> modulus used only but I'm not sure 100%
>>>>>>> Arkady
>>>>>>>
>>>>>> Hmm,
>>>>>> at first you are asking a completely meaningless question. We've
>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>> meaningless question with extra mumbling about some number that you
>>>>>> taken from somewhere...
>>>>>> How to hash a public key? You take a hash function, send public key
>>>>>> as a parameter to a hash function and get the result. That's at least
>>>>>> how it is usually done.
>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>>>>> referring to 1024 bit modulus that becomes less and less used due to
>>>>>> simple fact that is providing less than 80 bits of security (and just
>>>>>> a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>>> successfully factored).
>>>>>> Public exponent could be any number from 3 up to large integer that
>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>> requirement for public and private exponents in rsa is that e*d=1 mod
>>>>>> phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>> public exponent of the same size as private exponent and about
>>>>>> half-size of modulus, because in this case you actually can use
>>>>>> public key and private key interchangeably...
>>>>>>
>>>>>> But you know, what? I think that you were not really asking for
>>>>>> help....
>>>>>>
>>>>>> -Valery.
>>>>>> http://www.harper.no/valery
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:52 PM
Additionally Valery : why public key differ when I do -pt from PairKey.snk
file and the PublicKey.snk file extracted from the previous one ?
TIA
Arkady

"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
> Let's continue:)..
> I'll return to ASN.DER afterwards but now I want to dig into .NET format.
> I did keypair file with sn.exe end extracted public key from it to file.
> Now I can read it and make the hash of it with next :
>
> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
> FileMode.Open, FileAccess.Read));
>
> ...
>
> byte []pk;
>
> pk = myAssembly.GetName().GetPublicKey();
>
> SHA1Managed sha = new SHA1Managed() ;
>
> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>
> byte []pt;
>
> pt = myAssembly.GetName().GetPublicKeyToken();
>
> And I see that reversed 8 last bytes of p[] are the same as
> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
> .Net struct used for hash .
>
> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is
> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
> PUBLICKEYBLOB.
> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004
> in my case.
>
> TIA
> Arkady
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>> Tnx Valery , I'm out of office and have take some to learn the stuff
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>> Well, that was the first time you actually revealed some of your
>>> requirements :-).
>>> in that case - you need to hash ASN1.DER encodded public key structure
>>> as it is specified in PKCS#1. This is the same form of public key as
>>> publickey blob stored inside X509 certificates and you can do it with
>>> managed code only. In case if you can use interop to CAPI, or use .Net
>>> 2.0. - it would spare you some low-level conversion work.
>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>> from .Net framework:
>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>
>>> For a sample aplication that uses a lot of C# to CAPI interop and does
>>> lots of public key related processing you can check my old PPC
>>> Certificate Manager sample:
>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>> No , I can't do it on my own .
>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device
>>>> and other devices ( not mine obviously like PC can be UPnP device too ,
>>>> WiFi , cameras and so on ) receive that hashed value as identification
>>>> ID due to UPnP security spec, so I can't do on my own but at least as
>>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>>
>>>> Arkady
>>>>
>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>I answered you several times you can hash your public key in many
>>>>>different ways - all depends on your needs. Ex:
>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>> little endian exponent without conversions (little endian is
>>>>> presentation used by CAPI);
>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>> little endian modulus without conversions;
>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>> processing if exponent is different.
>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>> 10. any variation of all above;
>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>>> hash on that blob;
>>>>> 14. In case if your public key is stored in certificate it is already
>>>>> in the form as in 13 - retrieve public key blob and calculate hash on
>>>>> that blob;
>>>>>
>>>>> I can add a hundred more practical suggestions on how to hash public
>>>>> key. You didn't provide us with concrete requirements to make a single
>>>>> practical suggestion. I have tried to explain that to you several
>>>>> times. I did write that public key could be hashed in many different
>>>>> ways depending on your requirements in several of my posts to that
>>>>> thread.
>>>>>
>>>>> -Valery.
>>>>> http://www.harper.no/valery
>>>>>
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>I ask very simple question and really want to read practical advice :
>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is
>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of
>>>>>>security algorithms and their output , just practical answer on my
>>>>>>simple question.
>>>>>> I have ( C# code ):
>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>
>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>
>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>
>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>
>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably
>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>
>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>
>>>>>> // probably or something else
>>>>>>
>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>
>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>
>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>
>>>>>> All I want to know what have to be in PKbytes array to receive hash
>>>>>> of
>>>>>>
>>>>>> public key.
>>>>>>
>>>>>> All I want practical answer on practical question ( please no theory
>>>>>> , I have enough books around me )
>>>>>>
>>>>>> Arkady
>>>>>>
>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>>> used to calculate hash of public key not 131 and not 132.But both
>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>> Arkady
>>>>>>>>
>>>>>>> Hmm,
>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>> meaningless question with extra mumbling about some number that you
>>>>>>> taken from somewhere...
>>>>>>> How to hash a public key? You take a hash function, send public key
>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>> least how it is usually done.
>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>>>>>> referring to 1024 bit modulus that becomes less and less used due to
>>>>>>> simple fact that is providing less than 80 bits of security (and
>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>>>> successfully factored).
>>>>>>> Public exponent could be any number from 3 up to large integer that
>>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>> public exponent of the same size as private exponent and about
>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>> public key and private key interchangeably...
>>>>>>>
>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>> help....
>>>>>>>
>>>>>>> -Valery.
>>>>>>> http://www.harper.no/valery
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>
>

Valery Pryamikov
07-09-2005, 10:52 PM
myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public key
as
RSAPublicKey ::= SEQUENCE {
modulus INTEGER,
publicExponent INTEGER
}
it means - it contain sequence's tag, size of the content, and big-endian
integers for modulus and publicExponent. Modulus is prepended 0x0 byte for
ensuring that leading bit will always be 0. Check your pk array to see
binary presentation. snk file contains information recorded in different way
that is proprietary and undocumented (except for code that comes with
Rotor). Strongname.h only contains definition of PublicKeyBlob that consist
of some extra information, but PublicKey inside of this structure is
ASN1.DER encoded structure. For playing with public keys (and other ASN
structures) you can use ASNDump utility (just Google for it).
Arkady, I've told you about ASN1. from my first post to that thread. Can
you, please, check the information I already gave you before asking any
further questions...

-Valery.
http://www.harper.no/valery


"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
> Let's continue:)..
> I'll return to ASN.DER afterwards but now I want to dig into .NET format.
> I did keypair file with sn.exe end extracted public key from it to file.
> Now I can read it and make the hash of it with next :
>
> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
> FileMode.Open, FileAccess.Read));
>
> ...
>
> byte []pk;
>
> pk = myAssembly.GetName().GetPublicKey();
>
> SHA1Managed sha = new SHA1Managed() ;
>
> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>
> byte []pt;
>
> pt = myAssembly.GetName().GetPublicKeyToken();
>
> And I see that reversed 8 last bytes of p[] are the same as
> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
> .Net struct used for hash .
>
> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3 is
> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
> PUBLICKEYBLOB.
> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 & 0x8004
> in my case.
>
> TIA
> Arkady
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>> Tnx Valery , I'm out of office and have take some to learn the stuff
>> Arkady
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>> Well, that was the first time you actually revealed some of your
>>> requirements :-).
>>> in that case - you need to hash ASN1.DER encodded public key structure
>>> as it is specified in PKCS#1. This is the same form of public key as
>>> publickey blob stored inside X509 certificates and you can do it with
>>> managed code only. In case if you can use interop to CAPI, or use .Net
>>> 2.0. - it would spare you some low-level conversion work.
>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>> from .Net framework:
>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>
>>> For a sample aplication that uses a lot of C# to CAPI interop and does
>>> lots of public key related processing you can check my old PPC
>>> Certificate Manager sample:
>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>> No , I can't do it on my own .
>>>> I need the way MSFT use it ( at least ) because I do it for UPnP device
>>>> and other devices ( not mine obviously like PC can be UPnP device too ,
>>>> WiFi , cameras and so on ) receive that hashed value as identification
>>>> ID due to UPnP security spec, so I can't do on my own but at least as
>>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>>
>>>> Arkady
>>>>
>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>I answered you several times you can hash your public key in many
>>>>>different ways - all depends on your needs. Ex:
>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>> little endian exponent without conversions (little endian is
>>>>> presentation used by CAPI);
>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>> little endian modulus without conversions;
>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>> processing if exponent is different.
>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>> 10. any variation of all above;
>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>>> hash on that blob;
>>>>> 14. In case if your public key is stored in certificate it is already
>>>>> in the form as in 13 - retrieve public key blob and calculate hash on
>>>>> that blob;
>>>>>
>>>>> I can add a hundred more practical suggestions on how to hash public
>>>>> key. You didn't provide us with concrete requirements to make a single
>>>>> practical suggestion. I have tried to explain that to you several
>>>>> times. I did write that public key could be hashed in many different
>>>>> ways depending on your requirements in several of my posts to that
>>>>> thread.
>>>>>
>>>>> -Valery.
>>>>> http://www.harper.no/valery
>>>>>
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>I ask very simple question and really want to read practical advice :
>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which is
>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of
>>>>>>security algorithms and their output , just practical answer on my
>>>>>>simple question.
>>>>>> I have ( C# code ):
>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>
>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>
>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>
>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>
>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/* probably
>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>
>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>
>>>>>> // probably or something else
>>>>>>
>>>>>> // rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>
>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>
>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>
>>>>>> All I want to know what have to be in PKbytes array to receive hash
>>>>>> of
>>>>>>
>>>>>> public key.
>>>>>>
>>>>>> All I want practical answer on practical question ( please no theory
>>>>>> , I have enough books around me )
>>>>>>
>>>>>> Arkady
>>>>>>
>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>>> used to calculate hash of public key not 131 and not 132.But both
>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>> Arkady
>>>>>>>>
>>>>>>> Hmm,
>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>> meaningless question with extra mumbling about some number that you
>>>>>>> taken from somewhere...
>>>>>>> How to hash a public key? You take a hash function, send public key
>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>> least how it is usually done.
>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You are
>>>>>>> referring to 1024 bit modulus that becomes less and less used due to
>>>>>>> simple fact that is providing less than 80 bits of security (and
>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>>>> successfully factored).
>>>>>>> Public exponent could be any number from 3 up to large integer that
>>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is (p-1)*(q-1).
>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>> public exponent of the same size as private exponent and about
>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>> public key and private key interchangeably...
>>>>>>>
>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>> help....
>>>>>>>
>>>>>>> -Valery.
>>>>>>> http://www.harper.no/valery
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>
>

Arkady Frenkel
07-09-2005, 10:52 PM
Hi , Valery !
What I received is next array in debugger
( exact copy of byte array of PublicKey.snk opened in VS and attached ) that
include unencoded 3 DWORDs ( I ask before about them ) and afterwards
BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of modulus
( all in little-endian as shown ) .

Wait for your comments
Arkady

P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and
all the siblings but up now I didn't decide what solution to recommend to
UPnP committee.

"Valery Pryamikov" <valery@harper.no> wrote in message
news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...
> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public
> key
> as
> RSAPublicKey ::= SEQUENCE {
> modulus INTEGER,
> publicExponent INTEGER
> }
> it means - it contain sequence's tag, size of the content, and big-endian
> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for
> ensuring that leading bit will always be 0. Check your pk array to see
> binary presentation. snk file contains information recorded in different
> way
> that is proprietary and undocumented (except for code that comes with
> Rotor). Strongname.h only contains definition of PublicKeyBlob that
> consist
> of some extra information, but PublicKey inside of this structure is
> ASN1.DER encoded structure. For playing with public keys (and other ASN
> structures) you can use ASNDump utility (just Google for it).
> Arkady, I've told you about ASN1. from my first post to that thread. Can
> you, please, check the information I already gave you before asking any
> further questions...
>
> -Valery.
> http://www.harper.no/valery
>
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
>> Let's continue:)..
>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.
>> I did keypair file with sn.exe end extracted public key from it to file.
>> Now I can read it and make the hash of it with next :
>>
>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
>> FileMode.Open, FileAccess.Read));
>>
>> ...
>>
>> byte []pk;
>>
>> pk = myAssembly.GetName().GetPublicKey();
>>
>> SHA1Managed sha = new SHA1Managed() ;
>>
>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>>
>> byte []pt;
>>
>> pt = myAssembly.GetName().GetPublicKeyToken();
>>
>> And I see that reversed 8 last bytes of p[] are the same as
>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
>> .Net struct used for hash .
>>
>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3
>> is
>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
>> PUBLICKEYBLOB.
>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &
>> 0x8004
>> in my case.
>>
>> TIA
>> Arkady
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>>> Tnx Valery , I'm out of office and have take some to learn the stuff
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>>> Well, that was the first time you actually revealed some of your
>>>> requirements :-).
>>>> in that case - you need to hash ASN1.DER encodded public key structure
>>>> as it is specified in PKCS#1. This is the same form of public key as
>>>> publickey blob stored inside X509 certificates and you can do it with
>>>> managed code only. In case if you can use interop to CAPI, or use .Net
>>>> 2.0. - it would spare you some low-level conversion work.
>>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>>> from .Net framework:
>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>>
>>>> For a sample aplication that uses a lot of C# to CAPI interop and does
>>>> lots of public key related processing you can check my old PPC
>>>> Certificate Manager sample:
>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>>> No , I can't do it on my own .
>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP
>>>>> device
>>>>> and other devices ( not mine obviously like PC can be UPnP device too
>>>>> ,
>>>>> WiFi , cameras and so on ) receive that hashed value as identification
>>>>> ID due to UPnP security spec, so I can't do on my own but at least as
>>>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>>>
>>>>> Arkady
>>>>>
>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>>I answered you several times you can hash your public key in many
>>>>>>different ways - all depends on your needs. Ex:
>>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>>> little endian exponent without conversions (little endian is
>>>>>> presentation used by CAPI);
>>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>>> little endian modulus without conversions;
>>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>>> processing if exponent is different.
>>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>>> 10. any variation of all above;
>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>>>> hash on that blob;
>>>>>> 14. In case if your public key is stored in certificate it is already
>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on
>>>>>> that blob;
>>>>>>
>>>>>> I can add a hundred more practical suggestions on how to hash public
>>>>>> key. You didn't provide us with concrete requirements to make a
>>>>>> single
>>>>>> practical suggestion. I have tried to explain that to you several
>>>>>> times. I did write that public key could be hashed in many different
>>>>>> ways depending on your requirements in several of my posts to that
>>>>>> thread.
>>>>>>
>>>>>> -Valery.
>>>>>> http://www.harper.no/valery
>>>>>>
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>>I ask very simple question and really want to read practical advice :
>>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which
>>>>>>>is
>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories of
>>>>>>>security algorithms and their output , just practical answer on my
>>>>>>>simple question.
>>>>>>> I have ( C# code ):
>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>>
>>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>>
>>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>>
>>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>>
>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*
>>>>>>> probably
>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>>
>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>>
>>>>>>> // probably or something else
>>>>>>>
>>>>>>> //
>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>>
>>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>>
>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>>
>>>>>>> All I want to know what have to be in PKbytes array to receive hash
>>>>>>> of
>>>>>>>
>>>>>>> public key.
>>>>>>>
>>>>>>> All I want practical answer on practical question ( please no theory
>>>>>>> , I have enough books around me )
>>>>>>>
>>>>>>> Arkady
>>>>>>>
>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both
>>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>>> Arkady
>>>>>>>>>
>>>>>>>> Hmm,
>>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>>> meaningless question with extra mumbling about some number that you
>>>>>>>> taken from somewhere...
>>>>>>>> How to hash a public key? You take a hash function, send public key
>>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>>> least how it is usually done.
>>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You
>>>>>>>> are
>>>>>>>> referring to 1024 bit modulus that becomes less and less used due
>>>>>>>> to
>>>>>>>> simple fact that is providing less than 80 bits of security (and
>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>>>>> successfully factored).
>>>>>>>> Public exponent could be any number from 3 up to large integer that
>>>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is
>>>>>>>> (p-1)*(q-1).
>>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>>> public exponent of the same size as private exponent and about
>>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>>> public key and private key interchangeably...
>>>>>>>>
>>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>>> help....
>>>>>>>>
>>>>>>>> -Valery.
>>>>>>>> http://www.harper.no/valery
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:52 PM
?????????
Why do you show me content of SNK file? Snk file is completely irrelevant.
myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves
public key from the assembly.
Read my comment about content of snk file in my prev. post.

-Valery.
http://www.harper.no/valery


"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...
> Hi , Valery !
> What I received is next array in debugger
> ( exact copy of byte array of PublicKey.snk opened in VS and attached )
> that
> include unencoded 3 DWORDs ( I ask before about them ) and afterwards
> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of
> modulus
> ( all in little-endian as shown ) .
>
> Wait for your comments
> Arkady
>
> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and
> all the siblings but up now I didn't decide what solution to recommend to
> UPnP committee.
>
> "Valery Pryamikov" <valery@harper.no> wrote in message
> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...
>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public
>> key
>> as
>> RSAPublicKey ::= SEQUENCE {
>> modulus INTEGER,
>> publicExponent INTEGER
>> }
>> it means - it contain sequence's tag, size of the content, and big-endian
>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte
>> for
>> ensuring that leading bit will always be 0. Check your pk array to see
>> binary presentation. snk file contains information recorded in different
>> way
>> that is proprietary and undocumented (except for code that comes with
>> Rotor). Strongname.h only contains definition of PublicKeyBlob that
>> consist
>> of some extra information, but PublicKey inside of this structure is
>> ASN1.DER encoded structure. For playing with public keys (and other ASN
>> structures) you can use ASNDump utility (just Google for it).
>> Arkady, I've told you about ASN1. from my first post to that thread. Can
>> you, please, check the information I already gave you before asking any
>> further questions...
>>
>> -Valery.
>> http://www.harper.no/valery
>>
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
>>> Let's continue:)..
>>> I'll return to ASN.DER afterwards but now I want to dig into .NET
>>> format.
>>> I did keypair file with sn.exe end extracted public key from it to file.
>>> Now I can read it and make the hash of it with next :
>>>
>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
>>> FileMode.Open, FileAccess.Read));
>>>
>>> ...
>>>
>>> byte []pk;
>>>
>>> pk = myAssembly.GetName().GetPublicKey();
>>>
>>> SHA1Managed sha = new SHA1Managed() ;
>>>
>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>>>
>>> byte []pt;
>>>
>>> pt = myAssembly.GetName().GetPublicKeyToken();
>>>
>>> And I see that reversed 8 last bytes of p[] are the same as
>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
>>> .Net struct used for hash .
>>>
>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3
>>> is
>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
>>> PUBLICKEYBLOB.
>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &
>>> 0x8004
>>> in my case.
>>>
>>> TIA
>>> Arkady
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>>>> Tnx Valery , I'm out of office and have take some to learn the stuff
>>>> Arkady
>>>>
>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>>>> Well, that was the first time you actually revealed some of your
>>>>> requirements :-).
>>>>> in that case - you need to hash ASN1.DER encodded public key structure
>>>>> as it is specified in PKCS#1. This is the same form of public key as
>>>>> publickey blob stored inside X509 certificates and you can do it with
>>>>> managed code only. In case if you can use interop to CAPI, or use .Net
>>>>> 2.0. - it would spare you some low-level conversion work.
>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>>>> from .Net framework:
>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>>>
>>>>> For a sample aplication that uses a lot of C# to CAPI interop and does
>>>>> lots of public key related processing you can check my old PPC
>>>>> Certificate Manager sample:
>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>>>
>>>>> -Valery.
>>>>> http://www.harper.no/valery
>>>>>
>>>>>
>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>>>> No , I can't do it on my own .
>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP
>>>>>> device
>>>>>> and other devices ( not mine obviously like PC can be UPnP device too
>>>>>> ,
>>>>>> WiFi , cameras and so on ) receive that hashed value as
>>>>>> identification
>>>>>> ID due to UPnP security spec, so I can't do on my own but at least as
>>>>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>>>>
>>>>>> Arkady
>>>>>>
>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>>>I answered you several times you can hash your public key in many
>>>>>>>different ways - all depends on your needs. Ex:
>>>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>>>> little endian exponent without conversions (little endian is
>>>>>>> presentation used by CAPI);
>>>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>>>> little endian modulus without conversions;
>>>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>>>> processing if exponent is different.
>>>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>>>> 10. any variation of all above;
>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>>>>> hash on that blob;
>>>>>>> 14. In case if your public key is stored in certificate it is
>>>>>>> already
>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash
>>>>>>> on
>>>>>>> that blob;
>>>>>>>
>>>>>>> I can add a hundred more practical suggestions on how to hash public
>>>>>>> key. You didn't provide us with concrete requirements to make a
>>>>>>> single
>>>>>>> practical suggestion. I have tried to explain that to you several
>>>>>>> times. I did write that public key could be hashed in many different
>>>>>>> ways depending on your requirements in several of my posts to that
>>>>>>> thread.
>>>>>>>
>>>>>>> -Valery.
>>>>>>> http://www.harper.no/valery
>>>>>>>
>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>>>I ask very simple question and really want to read practical advice
>>>>>>>>:
>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which
>>>>>>>>is
>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories
>>>>>>>>of
>>>>>>>>security algorithms and their output , just practical answer on my
>>>>>>>>simple question.
>>>>>>>> I have ( C# code ):
>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>>>
>>>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>>>
>>>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>>>
>>>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>>>
>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*
>>>>>>>> probably
>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>>>
>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>>>
>>>>>>>> // probably or something else
>>>>>>>>
>>>>>>>> //
>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>>>
>>>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>>>
>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>>>
>>>>>>>> All I want to know what have to be in PKbytes array to receive hash
>>>>>>>> of
>>>>>>>>
>>>>>>>> public key.
>>>>>>>>
>>>>>>>> All I want practical answer on practical question ( please no
>>>>>>>> theory
>>>>>>>> , I have enough books around me )
>>>>>>>>
>>>>>>>> Arkady
>>>>>>>>
>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both
>>>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>>>> Arkady
>>>>>>>>>>
>>>>>>>>> Hmm,
>>>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>>>> meaningless question with extra mumbling about some number that
>>>>>>>>> you
>>>>>>>>> taken from somewhere...
>>>>>>>>> How to hash a public key? You take a hash function, send public
>>>>>>>>> key
>>>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>>>> least how it is usually done.
>>>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You
>>>>>>>>> are
>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due
>>>>>>>>> to
>>>>>>>>> simple fact that is providing less than 80 bits of security (and
>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits was
>>>>>>>>> successfully factored).
>>>>>>>>> Public exponent could be any number from 3 up to large integer
>>>>>>>>> that
>>>>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is
>>>>>>>>> (p-1)*(q-1).
>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>>>> public exponent of the same size as private exponent and about
>>>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>>>> public key and private key interchangeably...
>>>>>>>>>
>>>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>>>> help....
>>>>>>>>>
>>>>>>>>> -Valery.
>>>>>>>>> http://www.harper.no/valery
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>
>
>

Valery Pryamikov
07-09-2005, 10:52 PM
Just a minor correction - it's DumpASN utility (not ASNDump as I wrote in my
prev.post)

-Valery.
http://www.harper.no/valery

"Valery Pryamikov" <valery@harper.no> wrote in message
news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...
> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public
> key as
> RSAPublicKey ::= SEQUENCE {
> modulus INTEGER,
> publicExponent INTEGER
> }
> it means - it contain sequence's tag, size of the content, and big-endian
> integers for modulus and publicExponent. Modulus is prepended 0x0 byte for
> ensuring that leading bit will always be 0. Check your pk array to see
> binary presentation. snk file contains information recorded in different
> way that is proprietary and undocumented (except for code that comes with
> Rotor). Strongname.h only contains definition of PublicKeyBlob that
> consist of some extra information, but PublicKey inside of this structure
> is ASN1.DER encoded structure. For playing with public keys (and other ASN
> structures) you can use ASNDump utility (just Google for it).
> Arkady, I've told you about ASN1. from my first post to that thread. Can
> you, please, check the information I already gave you before asking any
> further questions...
>
> -Valery.
> http://www.harper.no/valery
>
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
>> Let's continue:)..
>> I'll return to ASN.DER afterwards but now I want to dig into .NET format.
>> I did keypair file with sn.exe end extracted public key from it to file.
>> Now I can read it and make the hash of it with next :
>>
>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
>> FileMode.Open, FileAccess.Read));
>>
>> ...
>>
>> byte []pk;
>>
>> pk = myAssembly.GetName().GetPublicKey();
>>
>> SHA1Managed sha = new SHA1Managed() ;
>>
>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>>
>> byte []pt;
>>
>> pt = myAssembly.GetName().GetPublicKeyToken();
>>
>> And I see that reversed 8 last bytes of p[] are the same as
>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
>> .Net struct used for hash .
>>
>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3
>> is length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
>> PUBLICKEYBLOB.
>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &
>> 0x8004 in my case.
>>
>> TIA
>> Arkady
>>
>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>>> Tnx Valery , I'm out of office and have take some to learn the stuff
>>> Arkady
>>>
>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>>> Well, that was the first time you actually revealed some of your
>>>> requirements :-).
>>>> in that case - you need to hash ASN1.DER encodded public key structure
>>>> as it is specified in PKCS#1. This is the same form of public key as
>>>> publickey blob stored inside X509 certificates and you can do it with
>>>> managed code only. In case if you can use interop to CAPI, or use .Net
>>>> 2.0. - it would spare you some low-level conversion work.
>>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>>> from .Net framework:
>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>>
>>>> For a sample aplication that uses a lot of C# to CAPI interop and does
>>>> lots of public key related processing you can check my old PPC
>>>> Certificate Manager sample:
>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>>
>>>> -Valery.
>>>> http://www.harper.no/valery
>>>>
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>>> No , I can't do it on my own .
>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP
>>>>> device and other devices ( not mine obviously like PC can be UPnP
>>>>> device too , WiFi , cameras and so on ) receive that hashed value as
>>>>> identification ID due to UPnP security spec, so I can't do on my own
>>>>> but at least as MSFT do that and in managed code ( so can't use
>>>>> (C)API ).
>>>>>
>>>>> Arkady
>>>>>
>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>>I answered you several times you can hash your public key in many
>>>>>>different ways - all depends on your needs. Ex:
>>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>>> little endian exponent without conversions (little endian is
>>>>>> presentation used by CAPI);
>>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>>> little endian modulus without conversions;
>>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>>> processing if exponent is different.
>>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>>> 10. any variation of all above;
>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>>> encoded structure of public key as specified in PKCS#1 and calculate
>>>>>> hash on that blob;
>>>>>> 14. In case if your public key is stored in certificate it is already
>>>>>> in the form as in 13 - retrieve public key blob and calculate hash on
>>>>>> that blob;
>>>>>>
>>>>>> I can add a hundred more practical suggestions on how to hash public
>>>>>> key. You didn't provide us with concrete requirements to make a
>>>>>> single practical suggestion. I have tried to explain that to you
>>>>>> several times. I did write that public key could be hashed in many
>>>>>> different ways depending on your requirements in several of my posts
>>>>>> to that thread.
>>>>>>
>>>>>> -Valery.
>>>>>> http://www.harper.no/valery
>>>>>>
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>>I ask very simple question and really want to read practical advice :
>>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which
>>>>>>>is 3 ( that I wrote about ) in the case of RSA? I don't need theories
>>>>>>>of security algorithms and their output , just practical answer on
>>>>>>>my simple question.
>>>>>>> I have ( C# code ):
>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>>
>>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>>
>>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>>
>>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>>> will be enough for hash of public key , that's all I need . Like to
>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>>
>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*
>>>>>>> probably or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>>
>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>>
>>>>>>> // probably or something else
>>>>>>>
>>>>>>> //
>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>>
>>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>>
>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>>
>>>>>>> All I want to know what have to be in PKbytes array to receive hash
>>>>>>> of
>>>>>>>
>>>>>>> public key.
>>>>>>>
>>>>>>> All I want practical answer on practical question ( please no theory
>>>>>>> , I have enough books around me )
>>>>>>>
>>>>>>> Arkady
>>>>>>>
>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128 bytes
>>>>>>>>> used to calculate hash of public key not 131 and not 132.But both
>>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>>> Arkady
>>>>>>>>>
>>>>>>>> Hmm,
>>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>>> meaningless question with extra mumbling about some number that you
>>>>>>>> taken from somewhere...
>>>>>>>> How to hash a public key? You take a hash function, send public key
>>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>>> least how it is usually done.
>>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You
>>>>>>>> are referring to 1024 bit modulus that becomes less and less used
>>>>>>>> due to simple fact that is providing less than 80 bits of security
>>>>>>>> (and just a couple of weeks ago 740 bits modulus 200 decimal digits
>>>>>>>> was successfully factored).
>>>>>>>> Public exponent could be any number from 3 up to large integer that
>>>>>>>> takes a half of bits of modulus (not bigger than that, since small
>>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is
>>>>>>>> (p-1)*(q-1).
>>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>>> public exponent of the same size as private exponent and about
>>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>>> public key and private key interchangeably...
>>>>>>>>
>>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>>> help....
>>>>>>>>
>>>>>>>> -Valery.
>>>>>>>> http://www.harper.no/valery
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>>
>

Arkady Frenkel
07-09-2005, 10:52 PM
I show that because I can't show you byte array returned by
myAssembly.GetName().GetPublicKey() and it , as I wrote , exactly the same
array blob as publickey.snk I extracted with
sn.exe from pair key , OTOH I set assembly to that same pair key with :
myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
FileMode.Open, FileAccess.Read));

so I see those absolutely the same BLOB as you can see on attached file
TIA
Arkady
P.S. Just when writting I understand that I do can send you array returned
by myAssembly.GetName().GetPublicKey()
printing it in dos box ( file attached too ).So reverse ( as I understand in
security that called big-endian , in computer architecture so in networking
only each word or dword can be big/little endian ) last 8 bytes of hash of
that blob are exactly
Public Key tokey received with
myAssembly.GetName().GetPublicKeyToken() in this case




"Valery Pryamikov" <valery@harper.no> wrote in message
news:OSelY73XFHA.1152@tk2msftngp13.phx.gbl...
> ?????????
> Why do you show me content of SNK file? Snk file is completely irrelevant.
> myAssembly.GetName().GetPublicKey() doesn't use snk file, but retrieves
> public key from the assembly.
> Read my comment about content of snk file in my prev. post.
>
> -Valery.
> http://www.harper.no/valery
>
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:%23nWEc72XFHA.2128@TK2MSFTNGP15.phx.gbl...
>> Hi , Valery !
>> What I received is next array in debugger
>> ( exact copy of byte array of PublicKey.snk opened in VS and attached )
>> that
>> include unencoded 3 DWORDs ( I ask before about them ) and afterwards
>> BLOBHEADER,RSAPUBKEY( which include exponent obviously ) and BLOB of
>> modulus
>> ( all in little-endian as shown ) .
>>
>> Wait for your comments
>> Arkady
>>
>> P.S. I read, I'm reading and will (I'll promise ):) about ASN DER BER and
>> all the siblings but up now I didn't decide what solution to recommend to
>> UPnP committee.
>>
>> "Valery Pryamikov" <valery@harper.no> wrote in message
>> news:eLhL0qwXFHA.228@TK2MSFTNGP12.phx.gbl...
>>> myAssembly.GetName().GetPublicKey() returns you ASN1 DER encoded public
>>> key
>>> as
>>> RSAPublicKey ::= SEQUENCE {
>>> modulus INTEGER,
>>> publicExponent INTEGER
>>> }
>>> it means - it contain sequence's tag, size of the content, and
>>> big-endian
>>> integers for modulus and publicExponent. Modulus is prepended 0x0 byte
>>> for
>>> ensuring that leading bit will always be 0. Check your pk array to see
>>> binary presentation. snk file contains information recorded in different
>>> way
>>> that is proprietary and undocumented (except for code that comes with
>>> Rotor). Strongname.h only contains definition of PublicKeyBlob that
>>> consist
>>> of some extra information, but PublicKey inside of this structure is
>>> ASN1.DER encoded structure. For playing with public keys (and other ASN
>>> structures) you can use ASNDump utility (just Google for it).
>>> Arkady, I've told you about ASN1. from my first post to that thread. Can
>>> you, please, check the information I already gave you before asking any
>>> further questions...
>>>
>>> -Valery.
>>> http://www.harper.no/valery
>>>
>>>
>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>> news:%23ejRPZiXFHA.3140@TK2MSFTNGP14.phx.gbl...
>>>> Let's continue:)..
>>>> I'll return to ASN.DER afterwards but now I want to dig into .NET
>>>> format.
>>>> I did keypair file with sn.exe end extracted public key from it to
>>>> file.
>>>> Now I can read it and make the hash of it with next :
>>>>
>>>> myAssemblyName.KeyPair = new StrongNameKeyPair(File.Open("KeyPair.snk",
>>>> FileMode.Open, FileAccess.Read));
>>>>
>>>> ...
>>>>
>>>> byte []pk;
>>>>
>>>> pk = myAssembly.GetName().GetPublicKey();
>>>>
>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>
>>>> byte[] p = sha.ComputeHash(pk,0,pk.Length ) ;.
>>>>
>>>> byte []pt;
>>>>
>>>> pt = myAssembly.GetName().GetPublicKeyToken();
>>>>
>>>> And I see that reversed 8 last bytes of p[] are the same as
>>>> GetPublicKeyToken() return , so I see that all 160 bytes of Public key
>>>> .Net struct used for hash .
>>>>
>>>> I want to ask what is 3 dwords before PUBLICKEYSTRUCT ? The last from 3
>>>> is
>>>> length ( 148 ) of BLOBHEADER(PUBLICKEYSTRUC)+RSAPUBKEY+
>>>> PUBLICKEYBLOB.
>>>> Are first and second are : ALG_ID & CALG_SHA1 ?They are 0x2400 &
>>>> 0x8004
>>>> in my case.
>>>>
>>>> TIA
>>>> Arkady
>>>>
>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>> news:%23NVeFhHXFHA.3348@TK2MSFTNGP14.phx.gbl...
>>>>> Tnx Valery , I'm out of office and have take some to learn the stuff
>>>>> Arkady
>>>>>
>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>> news:OHiMnPGXFHA.3716@TK2MSFTNGP12.phx.gbl...
>>>>>> Well, that was the first time you actually revealed some of your
>>>>>> requirements :-).
>>>>>> in that case - you need to hash ASN1.DER encodded public key
>>>>>> structure
>>>>>> as it is specified in PKCS#1. This is the same form of public key as
>>>>>> publickey blob stored inside X509 certificates and you can do it with
>>>>>> managed code only. In case if you can use interop to CAPI, or use
>>>>>> .Net
>>>>>> 2.0. - it would spare you some low-level conversion work.
>>>>>> Check Mitch Gallant's web site for good description of ASN1 encoding
>>>>>> from .Net framework:
>>>>>> http://www.jensign.com/JavaScience/dotnet/JKeyNet/index.html
>>>>>>
>>>>>> For a sample aplication that uses a lot of C# to CAPI interop and
>>>>>> does
>>>>>> lots of public key related processing you can check my old PPC
>>>>>> Certificate Manager sample:
>>>>>> http://www.gotdotnet.com/Community/UserSamples/Details.aspx?SampleGuid=68b9e2f2-7c36-417f-a218-e80557ae2957
>>>>>>
>>>>>> -Valery.
>>>>>> http://www.harper.no/valery
>>>>>>
>>>>>>
>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>> news:e6l23zFXFHA.584@TK2MSFTNGP15.phx.gbl...
>>>>>>> No , I can't do it on my own .
>>>>>>> I need the way MSFT use it ( at least ) because I do it for UPnP
>>>>>>> device
>>>>>>> and other devices ( not mine obviously like PC can be UPnP device
>>>>>>> too
>>>>>>> ,
>>>>>>> WiFi , cameras and so on ) receive that hashed value as
>>>>>>> identification
>>>>>>> ID due to UPnP security spec, so I can't do on my own but at least
>>>>>>> as
>>>>>>> MSFT do that and in managed code ( so can't use (C)API ).
>>>>>>>
>>>>>>> Arkady
>>>>>>>
>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>>> news:ulQr0ZFXFHA.3712@TK2MSFTNGP09.phx.gbl...
>>>>>>>>I answered you several times you can hash your public key in many
>>>>>>>>different ways - all depends on your needs. Ex:
>>>>>>>> 1. Calculate hash on concatenation of little endian modulus with
>>>>>>>> little endian exponent without conversions (little endian is
>>>>>>>> presentation used by CAPI);
>>>>>>>> 2. Calculate hash on concatenation of little endian exponent with
>>>>>>>> little endian modulus without conversions;
>>>>>>>> 3. Calculate hash of little endian modulus and state that you are
>>>>>>>> expecting standard recommended public exponent only 0x1001 and fail
>>>>>>>> processing if exponent is different.
>>>>>>>> 4. Do as in 1, but convert both values to big endian;
>>>>>>>> 5. Do as in 2, but convert both values to big endian;
>>>>>>>> 6. Do as in 3, but convert modulus to big endian;
>>>>>>>> 7. Do as in 1, but convert both values to ASN1;
>>>>>>>> 8. Do as in 2, but convert both values to ASN1;
>>>>>>>> 9. Do as in 3, but convert modulus to ASN1;
>>>>>>>> 7. Do as in 1, but pack both values into xml format;
>>>>>>>> 8. Do as in 2, but pack both values into xml format;
>>>>>>>> 9. Do as in 3, but pack modulus into xml format;
>>>>>>>> 10. any variation of all above;
>>>>>>>> 11. Use CAPI's CryptExportKey and calculate hash on PLAINTEXTBLOB;
>>>>>>>> 12. Use CAPI's CryptExportKey and calculate hash on PUBLICKEYBLOB;
>>>>>>>> 13. Use CAPI's CryptEncodeObjectEx to pack public key into ASN1.DER
>>>>>>>> encoded structure of public key as specified in PKCS#1 and
>>>>>>>> calculate
>>>>>>>> hash on that blob;
>>>>>>>> 14. In case if your public key is stored in certificate it is
>>>>>>>> already
>>>>>>>> in the form as in 13 - retrieve public key blob and calculate hash
>>>>>>>> on
>>>>>>>> that blob;
>>>>>>>>
>>>>>>>> I can add a hundred more practical suggestions on how to hash
>>>>>>>> public
>>>>>>>> key. You didn't provide us with concrete requirements to make a
>>>>>>>> single
>>>>>>>> practical suggestion. I have tried to explain that to you several
>>>>>>>> times. I did write that public key could be hashed in many
>>>>>>>> different
>>>>>>>> ways depending on your requirements in several of my posts to that
>>>>>>>> thread.
>>>>>>>>
>>>>>>>> -Valery.
>>>>>>>> http://www.harper.no/valery
>>>>>>>>
>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>> news:OZbLClEXFHA.1508@tk2msftngp13.phx.gbl...
>>>>>>>>>I ask very simple question and really want to read practical advice
>>>>>>>>>:
>>>>>>>>>how to calculate hash from public key , if you ( Valery ) want to
>>>>>>>>>think as I have to calculate public key token ( really I don't need
>>>>>>>>>that ) , but before to receive last 8 bytes ( token ) I have to
>>>>>>>>>receive all hash and that is my simple question. Do I need to send
>>>>>>>>>array of bytes of Modulus only or both ( Modulus and Exponent which
>>>>>>>>>is
>>>>>>>>>3 ( that I wrote about ) in the case of RSA? I don't need theories
>>>>>>>>>of
>>>>>>>>>security algorithms and their output , just practical answer on my
>>>>>>>>>simple question.
>>>>>>>>> I have ( C# code ):
>>>>>>>>> RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
>>>>>>>>>
>>>>>>>>> RSAParameters rsaresult = new RSAParameters();
>>>>>>>>>
>>>>>>>>> rsaresult = rsa.ExportParameters(false);
>>>>>>>>>
>>>>>>>>> Now I have public key in the rsaresult and want to know if modulus
>>>>>>>>> will be enough for hash of public key , that's all I need . Like
>>>>>>>>> to
>>>>>>>>> extract token ( last reverced 8 bytes ) afterwards e.g.
>>>>>>>>>
>>>>>>>>> byte[] PKbytes = new byte [ rsaresult.Modulus.GetLength(0)/*
>>>>>>>>> probably
>>>>>>>>> or something else + rsaresult.Exponent.GetLength(0) */];
>>>>>>>>>
>>>>>>>>> rsaresult.Modulus.CopyTo(PKbytes,0);
>>>>>>>>>
>>>>>>>>> // probably or something else
>>>>>>>>>
>>>>>>>>> //
>>>>>>>>> rsaresult.Exponent.CopyTo(PKbytes,rsaresult.Modulus.GetLength(0));
>>>>>>>>>
>>>>>>>>> SHA1Managed sha = new SHA1Managed() ;
>>>>>>>>>
>>>>>>>>> byte[] b = sha.ComputeHash(PKbytes,0,PKbytes.Length ) ;
>>>>>>>>>
>>>>>>>>> All I want to know what have to be in PKbytes array to receive
>>>>>>>>> hash
>>>>>>>>> of
>>>>>>>>>
>>>>>>>>> public key.
>>>>>>>>>
>>>>>>>>> All I want practical answer on practical question ( please no
>>>>>>>>> theory
>>>>>>>>> , I have enough books around me )
>>>>>>>>>
>>>>>>>>> Arkady
>>>>>>>>>
>>>>>>>>> "Valery Pryamikov" <valery@harper.no> wrote in message
>>>>>>>>> news:eH09eNDXFHA.1044@TK2MSFTNGP10.phx.gbl...
>>>>>>>>>> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
>>>>>>>>>> news:u9T$di%23WFHA.1796@TK2MSFTNGP15.phx.gbl...
>>>>>>>>>>> That not correct , exponent is 3 not 4 bytes. OTOH only 128
>>>>>>>>>>> bytes
>>>>>>>>>>> used to calculate hash of public key not 131 and not 132.But
>>>>>>>>>>> both
>>>>>>>>>>> of you didn't answer my simple question what is algorithm of
>>>>>>>>>>> callculation hash from public key so I see I have to try other
>>>>>>>>>>> group, indirectly I see both in Windows and open source ( free
>>>>>>>>>>> ssl ) modulus used only but I'm not sure 100%
>>>>>>>>>>> Arkady
>>>>>>>>>>>
>>>>>>>>>> Hmm,
>>>>>>>>>> at first you are asking a completely meaningless question. We've
>>>>>>>>>> tried to clarify your requirements hoping that would show you the
>>>>>>>>>> answers that you were looking for. Instead you simply repeat your
>>>>>>>>>> meaningless question with extra mumbling about some number that
>>>>>>>>>> you
>>>>>>>>>> taken from somewhere...
>>>>>>>>>> How to hash a public key? You take a hash function, send public
>>>>>>>>>> key
>>>>>>>>>> as a parameter to a hash function and get the result. That's at
>>>>>>>>>> least how it is usually done.
>>>>>>>>>> And your "That not correct..." is in fact completely wrong.
>>>>>>>>>> Modulus and exponent are not measured in bytes, but in bits. You
>>>>>>>>>> are
>>>>>>>>>> referring to 1024 bit modulus that becomes less and less used due
>>>>>>>>>> to
>>>>>>>>>> simple fact that is providing less than 80 bits of security (and
>>>>>>>>>> just a couple of weeks ago 740 bits modulus 200 decimal digits
>>>>>>>>>> was
>>>>>>>>>> successfully factored).
>>>>>>>>>> Public exponent could be any number from 3 up to large integer
>>>>>>>>>> that
>>>>>>>>>> takes a half of bits of modulus (not bigger than that, since
>>>>>>>>>> small
>>>>>>>>>> private exponents are vulnerable to Weiner's attack). The only
>>>>>>>>>> requirement for public and private exponents in rsa is that e*d=1
>>>>>>>>>> mod phi(m), where phi(m) is Euler's phi function and is
>>>>>>>>>> (p-1)*(q-1).
>>>>>>>>>> In fact, on other platforms than Windows it's quite usual to have
>>>>>>>>>> public exponent of the same size as private exponent and about
>>>>>>>>>> half-size of modulus, because in this case you actually can use
>>>>>>>>>> public key and private key interchangeably...
>>>>>>>>>>
>>>>>>>>>> But you know, what? I think that you were not really asking for
>>>>>>>>>> help....
>>>>>>>>>>
>>>>>>>>>> -Valery.
>>>>>>>>>> http://www.harper.no/valery
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>>
>

Valery Pryamikov
07-09-2005, 10:52 PM
Ok, my bad, sorry. :(
It was some time ago when I looked at binary presetnation of Microsoft
CAPI/.Net public keys for the last time - I'm strating to forget things:-).
( must be my negative week :(
Michel I. Gallant wrote in his dotnet keyinfo article
(http://www.jensign.com/JavaScience/dotnet/keyinfo/):
....
(1)The CryptoAPI PUBLICKEYBLOB
is NOT an ASN.1 encoded key structure. Key modulus and exponent
are stored in little-endian order within a PUBLICKEYBLOB.
....

here is MSDN documentation of publickeyblob (with good explanation of all
fields including blobheaders and "magic"):
http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp
privatekey blob (also used in snk file) is documented here:
http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp

Mixup is caused by the fact that some CAPI functions (like
CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.

-Valery.
http://www.harper.no/valery

Michel Gallant
07-09-2005, 10:52 PM
This is exactly why I spent a lot of time documenting this massive
confusion of public key formats! I forget this all the time myself,
and refer to my own articles! LOL
- Mitch

"Valery Pryamikov" <valery@harper.no> wrote in message news:eQKdOi7XFHA.612@TK2MSFTNGP12.phx.gbl...
> Ok, my bad, sorry. :(
> It was some time ago when I looked at binary presetnation of Microsoft
> CAPI/.Net public keys for the last time - I'm strating to forget things:-).
> ( must be my negative week :(
> Michel I. Gallant wrote in his dotnet keyinfo article
> (http://www.jensign.com/JavaScience/dotnet/keyinfo/):
> ...
> (1)The CryptoAPI PUBLICKEYBLOB
> is NOT an ASN.1 encoded key structure. Key modulus and exponent
> are stored in little-endian order within a PUBLICKEYBLOB.
> ...
>
> here is MSDN documentation of publickeyblob (with good explanation of all
> fields including blobheaders and "magic"):
> http://msdn.microsoft.com/library/en-us/seccrypto/security/public_key_blobs.asp
> privatekey blob (also used in snk file) is documented here:
> http://msdn.microsoft.com/library/en-us/seccrypto/security/private_key_blobs.asp
>
> Mixup is caused by the fact that some CAPI functions (like
> CryptImportPublicKeyInfo), while as others are using PUBLIKEYBLOB.
>
> -Valery.
> http://www.harper.no/valery
>

Valery Pryamikov
07-09-2005, 10:52 PM
"Michel Gallant" <neutron@istar.ca> wrote in message
news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...
> This is exactly why I spent a lot of time documenting this massive
> confusion of public key formats! I forget this all the time myself,
> and refer to my own articles! LOL
LOL

-Valery
http://www.harper.no/valery

Arkady Frenkel
07-09-2005, 10:52 PM
Thanks , guys!
I understand that I have to add request to device which format it use to
calculate hash and meanwhile I support for modulus + exponent ( because they
exchanged through xml as 2 separated tokens due to spec ) and maybe .NET
( with wishlist for ASN1 for future ).
Tnx for time and patience :) , Valery.

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:u3IQjE8XFHA.712@TK2MSFTNGP14.phx.gbl...
> "Michel Gallant" <neutron@istar.ca> wrote in message
> news:%23ytmEm7XFHA.2128@TK2MSFTNGP15.phx.gbl...
>> This is exactly why I spent a lot of time documenting this massive
>> confusion of public key formats! I forget this all the time myself,
>> and refer to my own articles! LOL
> LOL
>
> -Valery
> http://www.harper.no/valery
>

Valery Pryamikov
07-09-2005, 10:52 PM
"Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...
> Thanks , guys!
> I understand that I have to add request to device which format it use to
> calculate hash and meanwhile I support for modulus + exponent ( because
> they exchanged through xml as 2 separated tokens due to spec ) and maybe
> .NET ( with wishlist for ASN1 for future ).
> Tnx for time and patience :) , Valery.
>
> Arkady


It's my pleasure :-). It was mutually useful conversation for us both - for
me it was great to refresh memory about all that stuff. ;-)

-Valery.
http://www.harper.no/valery

Arkady Frenkel
07-09-2005, 10:52 PM
Me too , that only my beginning in this field,so I believe in soon to
continue to refresh you memory :)

Arkady

"Valery Pryamikov" <valery@harper.no> wrote in message
news:ei8e%23SPYFHA.2588@TK2MSFTNGP14.phx.gbl...
>
> "Arkady Frenkel" <arkadyf@hotmailxdotx.com> wrote in message
> news:O7MwYPHYFHA.4032@tk2msftngp13.phx.gbl...
>> Thanks , guys!
>> I understand that I have to add request to device which format it use to
>> calculate hash and meanwhile I support for modulus + exponent ( because
>> they exchanged through xml as 2 separated tokens due to spec ) and
>> maybe .NET ( with wishlist for ASN1 for future ).
>> Tnx for time and patience :) , Valery.
>>
>> Arkady
>
>
> It's my pleasure :-). It was mutually useful conversation for us both -
> for me it was great to refresh memory about all that stuff. ;-)
>
> -Valery.
> http://www.harper.no/valery
>


Hash of Public key