Chris, Torsten,
Thank you both for responding. I did some reading on DER after sending the email. And you are right, my question was flawed. Let me try to explain the full picture.

I am given a file and the following instruction on how to decode/decrypt this file:

1. Decrypt the wrapped session key with the Private key of customer using RSA.
2. Decrypt the Signed Data with the unwrapped session key using 3DES EDE CBC.
3. Generate a hash of the data file using SHA1.
4. Decrypt the digital signature with the Public Key using RSA.
5. Verify hash.

According to the instruction I have to decrypt the session key first. But I can't tell which part of the binary file is the encrypted session key. I tried to use .NET APIs to decrypt the entire file using the PFX I have but ran into an error "length exceed 128" or something like that.

I think (I could be wrong) that this file is DER encoded. So I am trying to decode it first, to see if I can separate the encrypted session key and the encrypted payload.

If instead this is a CMS (more reading for me) file as you suspected, how do I go about decrypting it?

How can I tell if this is a DER file, or a CMS file? (I have asked my source and they don't know.)

I guess I could try using openssl but ultimately I need to do this programmatically as an automated process.

Any pointers you can offer are appreciated.

- Hai

From: Christoph Hannebauer [mailto:[email protected]]
Sent: Sunday, January 13, 2013 4:12 AM
To: [email protected]
Cc: [email protected]
Subject: Re: [dev-crypto-csharp] DER decoding in .NET

Hello Hai,

PFX aka PKCS#12 is a format specified in ASN.1 for storing data like private keys. DER specifies how to encode data whose format is specified as ASN.1. Almost all X.509 related data can be stored with DER encoding. For example, your PFX file is also DER encoded. Thus, with the information you have told us, we do not know the actual format of your binary file. Therefore we need more information to tell how to decode this binary file. Maybe you have a file extension?

Encoding and decoding is also something completely different than encryption and decryption. For the former, you just have to know the specific format used and for the latter, you have to have a cryptographic key. Since you have a private key and it is related to your "binary file", this file is probably encrypted with an asymmetric encryption algorithm like RSA. Maybe it's a CMS file?

If you just want to decrypt a single file, I suggest you use openssl with the cms command. This is easier than writing your own application with Bouncy Castle.

Best,
Christoph

On 12.01.2013 00:22, Hai Ning wrote:

I have a binary file someone sent me. I am told it is DER encoded and I have the private key in a PFX format. How do I use BC to decode this file using C#? Is there any sample code?

Thanks.

- Hai
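
An added example, not part of the thread and not Bouncy Castle code: one way to answer the "DER file or CMS file?" question in C# is to read the outer tag, the length and the first element by hand. The names `DerProbe` and `Classify` are illustrative. A PFX, whose outer SEQUENCE starts with an INTEGER version rather than an OID, is reported as ASN.1 but not CMS.

```csharp
using System;
using System.IO;

static class DerProbe
{
    // DER bytes of the PKCS#7/CMS arc 1.2.840.113549.1.7; the next byte selects the type.
    static readonly byte[] Pkcs7Arc = { 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x07 };
    static readonly string[] Types = { "data", "signedData", "envelopedData",
        "signedAndEnvelopedData", "digestedData", "encryptedData" };

    // Length octets at buf[pos]: the length, -2 for BER indefinite form, -1 if malformed.
    static long ReadLength(byte[] buf, ref int pos)
    {
        if (pos >= buf.Length) return -1;
        int first = buf[pos++];
        if (first < 0x80) return first;          // short form
        if (first == 0x80) return -2;            // indefinite form (BER only, never DER)
        int n = first & 0x7F;                    // long form: n length octets follow
        if (n > 4 || pos + n > buf.Length) return -1;
        long len = 0;
        while (n-- > 0) len = (len << 8) | buf[pos++];
        return len;
    }

    public static string Classify(byte[] buf)
    {
        int pos = 0;
        if (buf.Length < 2 || buf[pos++] != 0x30) return "no outer SEQUENCE: not BER/DER structured data";
        long outer = ReadLength(buf, ref pos);
        if (outer == -1 || pos + outer > buf.Length) return "truncated or malformed SEQUENCE";
        string enc = outer == -2 ? "indefinite-length BER" : "definite-length";
        if (pos >= buf.Length || buf[pos++] != 0x06) return enc + " SEQUENCE, but not a CMS ContentInfo";
        long n = ReadLength(buf, ref pos);
        if (n <= 0 || pos + n > buf.Length) return "malformed OID";
        bool pkcs7 = n == Pkcs7Arc.Length + 1;
        for (int i = 0; pkcs7 && i < Pkcs7Arc.Length; i++) pkcs7 = buf[pos + i] == Pkcs7Arc[i];
        int t = pkcs7 ? buf[pos + Pkcs7Arc.Length] : 0;
        if (t >= 1 && t <= Types.Length) return "CMS " + Types[t - 1] + " (" + enc + ")";
        return "SEQUENCE starting with OID bytes " + BitConverter.ToString(buf, pos, (int)n);
    }

    static void Main(string[] args)
    {
        // Constructed sample: only the ContentInfo header is meaningful, the body is an empty SEQUENCE.
        byte[] sample = { 0x30, 0x0F, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7,
                          0x0D, 0x01, 0x07, 0x03, 0xA0, 0x02, 0x30, 0x00 };
        Console.WriteLine(Classify(args.Length > 0 ? File.ReadAllBytes(args[0]) : sample));
    }
}
```

If the file is reported as `CMS envelopedData`, the wrapped session key is carried in the recipient information inside that structure, so a CMS library can locate it without manual offsets.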
