Hi all,
I am facing a problem while doing cryptographic operations (creating a
digital signature and verifying it) in a smart card application in ASP.NET.
I created a smart card application in which the sender sends a message that
has to be verified by the receiver to ensure that the message is correct and
not modified.
The steps I followed are shown below:
1. I took the sender's message and computed its SHA1 hash. It should be a
20-byte array.
2. I have to pad that hash value. The padding algorithm should be PKCS #1. I
found that there are no classes in .NET which provide only padding (some
methods, like Encrypt of the CryptoServiceProvider class, do not only pad
but also encrypt the data).
3. So I found the PKCS #1 algorithm and implemented it in the following
way.
    public byte[] Createpaddedhash(string Message)
    {
        byte[] arrInput;
        byte[] arrDigitalSignature;
        // Convert2ByteArray is the poster's own helper (not shown in the post).
        arrInput = Convert2ByteArray(Message);
        SHA1 objSha = new SHA1Managed();
        arrDigitalSignature = objSha.ComputeHash(arrInput);
        // DER-encoded OID of SHA-1 (1.3.14.3.2.26).
        byte[] arr = {0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a};
        // Used only for its KeySize, which sets the length of the padded block.
        RSA rsa = new RSACryptoServiceProvider();
        byte[] padhash = RsaPkcs1Padding(rsa, arr, arrDigitalSignature);
        return padhash;
    }

    public byte[] RsaPkcs1Padding(RSA rsa, byte[] oid, byte[] hash)
    {
        int num1 = rsa.KeySize / 8;                 // block length in bytes
        byte[] buffer1 = new byte[num1];            // final padded block
        // buffer2 holds the DigestInfo:
        // SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING hash }
        byte[] buffer2 = new byte[(oid.Length + 8) + hash.Length];
        buffer2[0] = 0x30;                          // outer SEQUENCE
        int num2 = buffer2.Length - 2;
        buffer2[1] = (byte) num2;
        buffer2[2] = 0x30;                          // AlgorithmIdentifier SEQUENCE
        num2 = oid.Length + 2;
        buffer2[3] = (byte) num2;
        Buffer.BlockCopy(oid, 0, buffer2, 4, oid.Length);
        buffer2[4 + oid.Length] = 5;                // NULL parameters: 05 00
        buffer2[(4 + oid.Length) + 1] = 0;
        buffer2[(4 + oid.Length) + 2] = 4;          // OCTET STRING tag
        buffer2[(4 + oid.Length) + 3] = (byte) hash.Length;
        Buffer.BlockCopy(hash, 0, buffer2, oid.Length + 8, hash.Length);
        int num3 = num1 - buffer2.Length;           // offset of DigestInfo in the block
        if (num3 <= 2)
        {
            throw new CryptographicUnexpectedOperationException("Cryptography_InvalidOID");
        }
        // Block layout: 00 01 FF ... FF 00 || DigestInfo
        buffer1[0] = 0;
        buffer1[1] = 1;
        for (int num4 = 2; num4 < (num3 - 1); num4++)
        {
            buffer1[num4] = 0xff;
        }
        buffer1[num3 - 1] = 0;
        Buffer.BlockCopy(buffer2, 0, buffer1, num3, buffer2.Length);
        return buffer1;
    }
Finally I created the padded hash and sent it to the smart card through APDU
calls, created a key pair and a signature within the card through APDU
calls, and sent the signature (containing 1024 bits) and the public key to
the receiver.
On the receiver side I constructed an RSACryptoServiceProvider object using
the card's public key and exponent in the following way:
    // Declarations added so the fragment compiles; publickey is the card's modulus.
    RSAParameters RSAKeyInfo = new RSAParameters();
    RSACryptoServiceProvider objRSA1 = new RSACryptoServiceProvider();
    byte[] Exponent = {0x01,0x00,0x01};
    RSAKeyInfo.Modulus = publickey;
    RSAKeyInfo.Exponent = Exponent;
    objRSA1.ImportParameters(RSAKeyInfo);
Up to now everything is working fine. The problem starts while decrypting
the signature.
For decryption I used the Microsoft Decrypt method of the
RSACryptoServiceProvider class. The main problem with this method, I think,
is that it removes the padding while decrypting.
Finally I got a badKey error while running the following statement:
    decryptSignature = objRSA1.Decrypt(arrDigitalSignature,false);
Can you please give me some idea how to solve this problem?
"One thing to remember is that the signature is created by the card."
Thank you very much
Srihari.k
RichMond
Bangalore
India
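
The receiver-side check described in the post, as an added example that is not part of the original post: verification with only the public key goes through VerifyHash, while Decrypt is a private-key operation. It assumes the card returns a standard PKCS #1 v1.5 signature over the SHA-1 DigestInfo block built above; a software key stands in for the card, and the class, method and message names are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class CardSignatureVerifyExample
{
    static readonly string Sha1Oid = CryptoConfig.MapNameToOID("SHA1");

    // Receiver side: import only the public modulus and exponent.
    static RSACryptoServiceProvider ImportPublic(byte[] modulus, byte[] exponent)
    {
        var rsa = new RSACryptoServiceProvider();
        rsa.ImportParameters(new RSAParameters { Modulus = modulus, Exponent = exponent });
        return rsa;
    }

    // VerifyHash applies the public key to the signature and compares the
    // result with the PKCS #1 v1.5 block (00 01 FF.. 00 DigestInfo || hash).
    static bool Verify(RSACryptoServiceProvider pub, byte[] message, byte[] signature)
    {
        using (var sha1 = SHA1.Create())
            return pub.VerifyHash(sha1.ComputeHash(message), Sha1Oid, signature);
    }

    static void Main()
    {
        byte[] message = Encoding.UTF8.GetBytes("constructed sample message");
        byte[] signature;
        RSAParameters cardPublic;

        // Assumption: a software 1024-bit key stands in for the smart card.
        using (var card = new RSACryptoServiceProvider(1024))
        using (var sha1 = SHA1.Create())
        {
            signature = card.SignHash(sha1.ComputeHash(message), Sha1Oid);
            cardPublic = card.ExportParameters(false);   // public part only
        }

        using (var receiver = ImportPublic(cardPublic.Modulus, cardPublic.Exponent))
        {
            Console.WriteLine("genuine message verifies: " + Verify(receiver, message, signature));
            message[0] ^= 0x01;                          // simulate modification in transit
            Console.WriteLine("modified message verifies: " + Verify(receiver, message, signature));

            // Decrypt is a private-key operation, so it cannot be used here.
            try { receiver.Decrypt(signature, false); }
            catch (CryptographicException) { Console.WriteLine("Decrypt failed: no private key"); }
        }
    }
}
```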