从BouncyCastle的导入RSA密钥有时会抛出"坏数据" [英] Import RSA key from bouncycastle sometimes throws "Bad Data"
问题描述
有时,(通常足以成为.NET和充气城堡的一个严重的问题),由BouncyCastle的产生不会导入到DOTNET RSA加密提供的关键。
它只是抛出最近搜索Incorrectes没有更多的信息。 (坏数据)。因为有罪功能的实现似乎被隐藏在CLR(Utils._ImportKey();参考源RSACryptoServiceProvider.cs:297)我无法调试的问题。
我试过,改变了提供者,但没有成功。
有同样的问题在这里..某种程度上的解决的改变键或密钥长度:的 BouncyCastle的RSAPrivateKey到.NET RSAPrivateKey ;它失败在我与主要尺寸范围从512位到2048位单元测试。
如何要解决/调试这样的问题?这是什么的坏数据的意思
下面是一个测试用例失败的值:
[TestCase的(
3130061425891827008704201520933220266588903615593292093008732204896232681270200769431823371565724812996700795538563485957721923348815282268698793938491993,//mod
65537,// PE
3130061425891827008704201520933220266588903615593292093008732204896232681270200769431823371565724812996700795538563485957721923348815282268698793938491993 //私法E
108172619413453999338304010966268975159507181290909920458641813606026415083917,// p
75249617574313725168879024231390763478340191084309820124417146187514704207891,// q
46308055148448439895562160789624828220320330169183342667312429963694967752481,// DP
237677507940292370873826357872619864199100043554818389089435727311526981263,// DQ
4755193289666548078142536433103759575424135202658906348751587662200087509503// QINV
)
公共无效TestBadKeyForMicrosoft(串月,串PE,串PRIVE,串p,串q,串DP,DQ字符串,字符串QINV)
{
变种K =新RsaPrivateCrtKeyParameters(
新的BigInteger(MO),//模
新的BigInteger(PE),// PE
新的BigInteger(PRIVE)// PRIV Ë
新的BigInteger(p),// p
新的BigInteger(q),// q
新的BigInteger(DP),// DP
新的BigInteger(DQ), // DQ
新的BigInteger(QINV)// QINV
);
VAR dotNetRsa = Org.BouncyCastle.Security.DotNetUtilities.ToRSAParameters(K);
// VAR rsaCsp =新的RSACryptoServiceProvider(新CspParameters(24 / * * PROV_RSA_AES /)){PersistKeyInCsp = FALSE};
变种rsaCsp =新的RSACryptoServiceProvider(){PersistKeyInCsp = FALSE};
rsaCsp.ImportParameters(dotNetRsa);
}
我想这仅仅是一个。填充问题
快活 - 城堡最新GIT版本具有以下代码:
注意:这是不固定在的NuGet版(2011年)
公共静态RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters的privKey)
{
RSAParameters RP =新RSAParameters();
rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
rp.P = privKey.P.ToByteArrayUnsigned();
rp.Q = privKey.Q.ToByteArrayUnsigned();
rp.D = ConvertRSAParametersField(privKey.Exponent,rp.Modulus.Length);
rp.DP = ConvertRSAParametersField(privKey.DP,rp.P.Length);
rp.DQ = ConvertRSAParametersField(privKey.DQ,rp.Q.Length);
rp.InverseQ = ConvertRSAParametersField(privKey.QInv,rp.Q.Length);
返回RP;
}
私人静态的byte [] ConvertRSAParametersField(BigInteger的N,INT大小)
{
的byte [] BS = n.ToByteArrayUnsigned();
如果(bs.Length ==大小)
返回BS;
如果(bs.Length>大小)
抛出新的ArgumentException(指定的尺寸过小,大小);
字节[] =填充新的字节[大小]
Array.Copy(BS,0,填充,大小 - bs.Length,bs.Length);
返回填充;
}
此代码从代码不同,你可以看到其他地方基本上复制/粘贴的关键参数,并且不执行额外的填充步骤
Sometimes, (frequently enough to be a serious problem between .NET and bouncy castle), a key generated by bouncycastle won't import into the dotnet RSA crypto provider.
It only throws "Données Incorrectes" ; no more details. ("Bad data"). I cannot debug the problem since the guilty function implementation seems to be hidden in the CLR (Utils._ImportKey() ; reference source RSACryptoServiceProvider.cs:297).
I tried changing the "provider" but without success.
There is the same problem here.. somewhat solved by changing key or keysize : BouncyCastle RSAPrivateKey to .NET RSAPrivateKey ; It fails on my unit test with key sizes ranging from 512 bits to 2048 bits.
How to workaround/debug such a problem ? What does bad data means ?
Here is a test case with a value that fails :
[TestCase(
"3130061425891827008704201520933220266588903615593292093008732204896232681270200769431823371565724812996700795538563485957721923348815282268698793938491993",//mod
"65537",//pe
"3130061425891827008704201520933220266588903615593292093008732204896232681270200769431823371565724812996700795538563485957721923348815282268698793938491993",//priv e
"108172619413453999338304010966268975159507181290909920458641813606026415083917",//p
"75249617574313725168879024231390763478340191084309820124417146187514704207891",//q
"46308055148448439895562160789624828220320330169183342667312429963694967752481", //dp
"237677507940292370873826357872619864199100043554818389089435727311526981263", //dq
"4755193289666548078142536433103759575424135202658906348751587662200087509503"//qinv
)]
public void TestBadKeyForMicrosoft(string mo, string pe, string prive, string p, string q, string dp, string dq, string qinv)
{
var k = new RsaPrivateCrtKeyParameters(
new BigInteger(mo),//mod
new BigInteger(pe),//pe
new BigInteger(prive),//priv e
new BigInteger(p),//p
new BigInteger(q),//q
new BigInteger(dp),//dp
new BigInteger(dq),//dq
new BigInteger(qinv)//qinv
);
var dotNetRsa = Org.BouncyCastle.Security.DotNetUtilities.ToRSAParameters(k);
//var rsaCsp = new RSACryptoServiceProvider(new CspParameters(24 /*PROV_RSA_AES */)) { PersistKeyInCsp = false };
var rsaCsp = new RSACryptoServiceProvider() {PersistKeyInCsp = false};
rsaCsp.ImportParameters(dotNetRsa);
}
I guess this is just a padding issue.
Bouncy-castle latest GIT version has the following code :
nb: It was not fixed in the "Nuget" version (2011)
public static RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters privKey)
{
RSAParameters rp = new RSAParameters();
rp.Modulus = privKey.Modulus.ToByteArrayUnsigned();
rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned();
rp.P = privKey.P.ToByteArrayUnsigned();
rp.Q = privKey.Q.ToByteArrayUnsigned();
rp.D = ConvertRSAParametersField(privKey.Exponent, rp.Modulus.Length);
rp.DP = ConvertRSAParametersField(privKey.DP, rp.P.Length);
rp.DQ = ConvertRSAParametersField(privKey.DQ, rp.Q.Length);
rp.InverseQ = ConvertRSAParametersField(privKey.QInv, rp.Q.Length);
return rp;
}
private static byte[] ConvertRSAParametersField(BigInteger n, int size)
{
byte[] bs = n.ToByteArrayUnsigned();
if (bs.Length == size)
return bs;
if (bs.Length > size)
throw new ArgumentException("Specified size too small", "size");
byte[] padded = new byte[size];
Array.Copy(bs, 0, padded, size - bs.Length, bs.Length);
return padded;
}
This code is different from the code you can see anywhere else which basically copy/paste the key parameters, and does not perform the extra padding step.
这篇关于从BouncyCastle的导入RSA密钥有时会抛出"坏数据"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
