wrap and unwrap key

3/14/2011 2:16:27 PM
Total Posts 22

Re: wrap and unwrap key

Right now I wrote a simple decryption method to decrypt the wrapped key without the PKCS#11 module and I'm getting a byte array from there. I have no idea what to do with it next.
I am sorry that this topic is going a little outside the NCryptoki topic, but I don't know anywhere else to ask these questions.

(Why is the forum showing my post as a double post on pages 1 and 2? :P)
 

3/14/2011 2:24:01 PM
Total Posts 300
Ugo Chirico http://www.ugochirico.com

Re: wrap and unwrap key

Don't worry about the topic. It may interest other developers.

The byte array you got is the plaintext (decrypted) of the wrapped key. What is the type of the wrapped key? RSA, ECC or something else?

Usually, in most PKCS#11 modules, a wrapped key is in ASN.1 DER encoding. To check that, open your key in a hex editor and check whether it starts with 0x30 0x81 0xXX ... If so, it is ASN.1 DER encoding.

The usual format for RSA and some other keys is defined in the PKCS#n specifications (PKCS#12 for RSA key pairs, and so on).

3/14/2011 2:33:35 PM
Total Posts 22

Re: wrap and unwrap key

The wrapped key is an RSA private key. When I look at the array in the debugger, it starts with 0x30 0x82 0x02 ... So it should be ASN.1 DER format then.

3/14/2011 2:42:17 PM
Total Posts 300
Ugo Chirico http://www.ugochirico.com

Re: wrap and unwrap key

Very good.

It is the DER format of PKCS#8: http://www.rsa.com/rsalabs/node.asp?id=2130

3/14/2011 2:47:11 PM
Total Posts 22

Re: wrap and unwrap key

A little more off-topic here. When I try now to load the key into the keystore with keytool, I get the error: DerInputStream.getLength(): lengthTag=111, too big. So I think I have to check my decryption method again and see if the problem is there.
Right now my simple decrypt method looks like this:

EDIT: OK, it was a problem in my decryption code.

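        // Requires: using System.IO; using System.Security.Cryptography;
        // `bytes` (the 8-byte DES key) is not shown in the post; it is assumed
        // to be a static byte[] field of the enclosing class.
        public static byte[] Decrypt(byte[] cipherData)
        {
            using (DESCryptoServiceProvider cryptoProvider = new DESCryptoServiceProvider())
            {
                cryptoProvider.Key = bytes;
                cryptoProvider.Padding = PaddingMode.None;
                cryptoProvider.Mode = CipherMode.ECB;

                using (MemoryStream ms = new MemoryStream(cipherData))
                using (CryptoStream cs = new CryptoStream(ms, cryptoProvider.CreateDecryptor(), CryptoStreamMode.Read))
                {
                    // With PaddingMode.None the plaintext is as long as the ciphertext.
                    byte[] decryptedBytes = new byte[cipherData.Length];
                    int total = 0, read;
                    // Read may return fewer bytes than requested, so loop until the buffer is full.
                    while (total < decryptedBytes.Length &&
                           (read = cs.Read(decryptedBytes, total, decryptedBytes.Length - total)) > 0)
                        total += read;
                    return decryptedBytes;
                }
            }
        }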
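
The check suggested in this thread (does the decrypted buffer begin with a DER SEQUENCE, and is it a PKCS#8 PrivateKeyInfo for RSA?) can be done in code before the bytes are handed to keytool. This is an added example, not code from the posts or from NCryptoki; the class and method names and the sample bytes are constructed for illustration, and `Convert.FromHexString` needs .NET 5 or later.

```csharp
using System;

public static class UnwrappedKeyCheck
{
    // DER bytes of OID 1.2.840.113549.1.1.1 (rsaEncryption), tag and length included.
    static readonly byte[] RsaOid = { 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01 };

    // Reads a tag and definite length at pos, moves pos to the content, returns the content length.
    static int ReadHeader(byte[] d, ref int pos, byte tag)
    {
        if (pos + 2 > d.Length || d[pos++] != tag)
            throw new FormatException($"expected DER tag 0x{tag:X2}");
        int first = d[pos++];
        if (first < 0x80) return first;                 // short form
        int n = first & 0x7F;                           // long form: n length octets follow
        if (n == 0 || n > 3 || pos + n > d.Length)      // 3 octets is ample for a key
            throw new FormatException($"bad length octet 0x{first:X2} at offset {pos - 1}");
        int len = 0;
        while (n-- > 0) len = (len << 8) | d[pos++];
        return len;
    }

    // Returns the DER length of the PKCS#8 RSA PrivateKeyInfo at the start of d,
    // or throws FormatException naming the first thing that does not fit.
    public static int CheckPkcs8Rsa(byte[] d)
    {
        int pos = 0;
        int outer = ReadHeader(d, ref pos, 0x30);       // PrivateKeyInfo ::= SEQUENCE
        int total = pos + outer;
        if (total > d.Length) throw new FormatException("SEQUENCE length exceeds the buffer");
        if (ReadHeader(d, ref pos, 0x02) != 1 || pos >= d.Length || d[pos++] != 0)
            throw new FormatException("version INTEGER is not 0");
        int algLen = ReadHeader(d, ref pos, 0x30);      // AlgorithmIdentifier ::= SEQUENCE
        if (algLen < RsaOid.Length || pos + algLen > d.Length)
            throw new FormatException("bad AlgorithmIdentifier");
        for (int i = 0; i < RsaOid.Length; i++)
            if (d[pos + i] != RsaOid[i]) throw new FormatException("algorithm is not rsaEncryption");
        pos += algLen;
        ReadHeader(d, ref pos, 0x04);                   // privateKey OCTET STRING
        return total;
    }

    public static void Main()
    {
        // Constructed sample, not a real key: a PKCS#8 RSA header, zero-filled to 640 bytes.
        byte[] blob = Convert.FromHexString("30820276020100300D06092A864886F70D010101050004820260");
        Array.Resize(ref blob, 640);
        Console.WriteLine($"DER length {CheckPkcs8Rsa(blob)} of {blob.Length} bytes");
        blob[1] = 0xEF;                                 // constructed corruption of the length octet
        try { CheckPkcs8Rsa(blob); } catch (FormatException e) { Console.WriteLine(e.Message); }
    }
}
```

If the returned length is smaller than the buffer, the remaining bytes are not part of the key structure (for example, padding kept by `PaddingMode.None`).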