CODEWITHSUNDEEP
c#windowsrsa
keape
keape

Reputation: 161

RSACryptoServiceProvider failed to verify on windows

I am trying to sign with RSA private key in java and verify it in C#. The verify code works well on my iMac with VS (xamarin) but always returns false on Windows 10. The C# code is here:

RSAParameters rsaPars = new RSAParameters();

rsaPars.Modulus = Convert.FromBase64String("AKZXGikjSCLZT2CfhPguEA4ZDVEmCBwNvSVagkPFDnz3kLvbSXus51stJ7iUedocrGWgeilbVJoKP9cTqtZ8dyRwpokU55Kixk5JFf+5wS/SZtPs84eHPDfTC9C9Gg97/krFyGq7fikdoJpuRQBaBh1qqxGA6C+vzO49xGIiWeUA0+u9M2/PA/y7EhgZngKhhzGiU+KWhawctFAokCFX9kBhgmxVxM6EyJdD3RppEnhsza6VORHcnTnOgetZJML9WE7FX8sDO82DvnCv4UIR5YzN8W8nqLLp/RZyZkzmRGXIItUYW2VEvTV6/I2SVLNrKJNgKIYD2SOOSHXw/+RD5RcGFf1jsLP/ZF8JxAayywjDwCY0FsvyWHrWJMPPWQWPw30+Nk6pqY9OIiD/Z7xCTdmO6H8xV/SRyKRe8YdAS6Wuro6l/MnoPv+eqh/gc958RkC7BQmWtzN/UDbx/bqU4nJ2YLF37ZeKjMjqea7n3aOO/pwMQSqp96E/CImprm5lXdso+/RPzAslktMaTom++/4wtr4mxynDy+KPml9qDFCxHpvuIxF1w8fBaBKTpBXQlgi5o0ZdbXl5kalYjnkMbZ903bcSC1tEbhMVQCSJ5qvCulKWMWmbB5HWSx1QRcVkz0fUVuYfrm20m0MXSpgpZkGSU7gouI7W/Q9nMN9HCLUj");
rsaPars.Exponent = Convert.FromBase64String("AQAB");
string signature = "doBEnIGZXCtzI7Iwfl3akr2Jk+jtDloXjZeB8aeEmpoElpqPNevC3z9tNRC1yCsmECx9a92hj9E5Z2QXY5bvHxsxf9uH2INcdN4ORBQxWH5znI3qLIMVjXMJ7NM2g+5S64weCV3YDH8+93q2zUX/dvoJNYuUTn4ZeTZIoIuuIdHssZn+tRQt8smYX1FIbLnS+2catX76hfpgJPrAQE2eukDdnJ5S/mIN09+G4mI9a3n9FNUVr2b7+uUGfX9RabUQwHjZK64kUTWui+j1GEDKXf2Lb0TjTwM+AuAAwKcOHttoX8Np3z+AQsRQfQe8XFxyEWaVwgf77R+Xru0e+z2ASF392xpuDQDdDQoMuaKpFn6FvFgs5FHM1v/YGm3QD1IgJfslZ7DmHZh25g6kg5scj3D2nQtnM8CfPdQNIA8r4cjLgESgx5O30s/K5liNeTlGdIj+mhZZ8ZHldi+Kps5Tk/rtkWSkdKylzFb6p6JVZRRa7Ks0Z52oKoGVcPWQbALYu08I1KILynGwVIWy4fgf9BzvbAWhCnfkVynl5gfNaDKSuuysTEOM1l08YfeSnpR8D4NZeOJuKnZT1dKbHqNGpCK7sXpLaaP0UZhCcBfW55wBADE7vhbX5HcL3bXLbFbsrA5/CO9AHrz7f8Xx+VQdv+qS1YixzHb1o741c6EK6qw=";

byte[] dataToSign = Encoding.UTF8.GetBytes("Data to Sign");
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(4096))
{
    RSA.ImportParameters(rsaPars);
    Console.WriteLine(RSA.VerifyData(dataToSign, "SHA1", Convert.FromBase64String(signature)));
}

I ran the exact code on both mac and windows. At the beginning I thought it's encoding issue. I compared those raw data on mac and windowns and they were the same. If I generated the keys in the C# code, it worked fine on windows.

privateKey = RSAalg.ExportParameters(true);
publicKey = RSAalg.ExportParameters(false);

Any idea what it could be the problem?

Thanks

Upvotes: 2

Views: 308

Answers (2)

bartonjs
bartonjs

Reputation: 33098

Your Modulus value begins with an 0x00, presumably because Xamarin/Mono exported it improperly.

If you re-encode your modulus value to remove the leading 0x00 (or do something like

if (rsaPars.Modulus[0] == 0)
{
    byte[] tmp = new byte[rsaPars.Modulus.Length - 1];
    Buffer.BlockCopy(rsaPars.Modulus, 1, tmp, 0, tmp.Length);
    rsaPars.Modulus = tmp;
}

) then your problem should go away.

Presumably something changed in Windows 10 where it doesn't realize the leading byte is 0x00, so it thinks the keysize is 4104 (vs 4096), and since the signature is 512 bytes (instead of 513) it's "automatically not correct".

Theoretically an alternative fix would be to add a padding byte to the signature, too; but making the Modulus value be platform-correct seems better.

Upvotes: 2

keape
keape

Reputation: 161

If I parse the same public key in xml format, it works on both mac and windows

RSAParameters rsaPars;
using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(4096))
{
    RSA.FromXmlString(@"<RSAKeyValue><Modulus>AKZXGikjSCLZT2CfhPguEA4ZDVEmCBwNvSVagkPFDnz3kLvbSXus51stJ7iUedocrGWgeilbVJoKP9cTqtZ8dyRwpokU55Kixk5JFf+5wS/SZtPs84eHPDfTC9C9Gg97/krFyGq7fikdoJpuRQBaBh1qqxGA6C+vzO49xGIiWeUA0+u9M2/PA/y7EhgZngKhhzGiU+KWhawctFAokCFX9kBhgmxVxM6EyJdD3RppEnhsza6VORHcnTnOgetZJML9WE7FX8sDO82DvnCv4UIR5YzN8W8nqLLp/RZyZkzmRGXIItUYW2VEvTV6/I2SVLNrKJNgKIYD2SOOSHXw/+RD5RcGFf1jsLP/ZF8JxAayywjDwCY0FsvyWHrWJMPPWQWPw30+Nk6pqY9OIiD/Z7xCTdmO6H8xV/SRyKRe8YdAS6Wuro6l/MnoPv+eqh/gc958RkC7BQmWtzN/UDbx/bqU4nJ2YLF37ZeKjMjqea7n3aOO/pwMQSqp96E/CImprm5lXdso+/RPzAslktMaTom++/4wtr4mxynDy+KPml9qDFCxHpvuIxF1w8fBaBKTpBXQlgi5o0ZdbXl5kalYjnkMbZ903bcSC1tEbhMVQCSJ5qvCulKWMWmbB5HWSx1QRcVkz0fUVuYfrm20m0MXSpgpZkGSU7gouI7W/Q9nMN9HCLUj</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>");
    rsaPars = RSA.ExportParameters(false);
}

it looks setting modulus and exponent directly to public key on windows doesn't work

Upvotes: 0

Related Questions