CryptographicException in RSA.ImportParameters() -

2020-07-19 05:35发布

站内问答 / C#
591 1 6

We have a C#/.Net 4.0 application which imports RSA Private Keys from a String in Base64 received in a WebService.

This application works perfectly for RSA-Keys in 1024 bits, but doesn't with a special kind of rsa private keys (around 1% of keys).

Here are the byte lengths:

Working-Key:

  • Modulus => 128 Bytes
  • Exponent => 3 Bytes
  • D => 128 Bytes
  • P => 64 Bytes
  • Q => 64 Bytes
  • DP => 64 Bytes
  • DQ => 64 Bytes
  • IQ => 64 Bytes

Not-Working-Key:

  • Modulus => 128 Bytes
  • Exponent => 3 Bytes
  • D => 127 Bytes
  • P => 64 Bytes
  • Q => 64 Bytes
  • DP => 64 Bytes
  • DQ => 64 Bytes
  • IQ => 64 Bytes

The difference is in the lenght of D (128 working, 127 not working). The not-working key is 1 byte shorter than the working key.

The parameters are set but when doing RSA.ImportParameters(rsaParams) it throws a CryptographicException with a "Bad Data" Message.

What should be included to solve this problem?

1条回答
神经病院院长
2楼-- · 2020-07-19 06:20

RSACryptoServiceProvider has some assumptions on the data lengths which are:

  • Modulus: any even size, let's call the length n
  • Exponent: (<= 4 bytes; though RSACng allows "any size"), let's call the length e
  • D: n
  • P: n/2
  • Q: n/2
  • DP: n/2
  • DQ: n/2
  • InverseQ: n/2

So, assuming that your second key is actually Modulus: 128 bytes (because a 64-byte P times a 64-byte Q isn't a 256 byte number), you just need to left-pad the D array with a zero to bring it up to the proper length.

byte[] newD = new byte[modulus.Length];
Buffer.BlockCopy(d, 0, newD, newD.Length - d.Length, d.Length);

.NET Core has the source code available showing that relationship. In .NET Framework it's buried inside the CLR, so not available on referencesource.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(6)