Thanks for the speedy reply. 

That helps a lot actually.

In my case I am actually encrypting a very trivial amount of data.  Basically I'm exchanging a 10 character identifier over the web and want to take advantage of the benefits of digital signatures by using a PKI solution.

"- RSA uses big numbers and some libraries use them as big or little
numbers (yep, it's not limited to under 64-bit integers ;-). Simply
reversing the array normally solves that;"

That's actually pretty enlightening, I've noticed the unmanaged Windows crypto libraries require an array reverse before I can work with them in .NET.  Now I have an idea why.

So it seems like interop with .NET can be achieved when using the same padding and structure standards. That's good to know. It was what I was hoping for. I will take a closer look at the two libraries you mentioned (OpenSSL and NSS) and see what I can find. NSS in particular looks like it supports a wide variety of standards.

Thanks again.

On 5/9/06, Sebastien Pouliot <[EMAIL PROTECTED]> wrote:
Hello Dan,

On Tue, 2006-05-09 at 17:01 -0400, Dan Dombrowsky wrote:
> Hey, this isn't exactly a mono question but

IMO it's enough of a mono question, but anyway it's an interesting
interop question.

> does anyone know of a unix/linux program or library that is compatible
> with the .NET RSACryptoServiceProvider class?

The devil is in the details... most of them should be (e.g. OpenSSL,
NSS) but:

- it's possible some libraries will allow stuff not easily done with
RSACryptoServiceProvider, like directly [en|de]crypting unpadded (raw)
data (there are good reasons not to do that);

- RSA uses big numbers and some libraries use them as big or little
numbers (yep, it's not limited to under 64-bit integers ;-). Simply
reversing the array normally solves that;

- padding and structures (or lack of) may also vary. It's more a matter
of matching properties and acronyms;

- some only offer the cryptographic primitives and often _look_ much
easier to use. However they are a _lot_harder_ to use securely and,
IMHO, not worth the extra time (as people are supposed to use them for
security, not simplicity ;-);

> Basically I just need to know if I receive a string encrypted with a
> unix library with RSA,

Now you should know that while many people use RSA to (directly) encrypt
data (bad), it isn't really built for that (i.e. RSA should be used
for key exchange). This is often easy to "fool" but can come back to
haunt you later (e.g. maximum string length wrt key size and
padding);

>  can I decrypt it with .NET out of the box

Mono, just like .NET, supports most of current (and older) standards so
you should be able to do just about anything (standard-wise). So yes it
should work out-of-the-box if done correctly.

> or do I need to write a compatibility layer, and if a layer is needed
> then what is involved, etc.

The most likely issue is the big integer endianness. Other issues can show
up if you don't have a crypto library supporting the same standards (or
don't use the right API, when multiple levels are offered).

> I'm hoping someone developing Mono's System.Security.Cryptography
> namespace can help me here...

I hope it helped a bit :)
--
Sebastien Pouliot  <[EMAIL PROTECTED]>
Blog: http://pages.infinit.net/ctech/


_______________________________________________
Mono-devel-list mailing list
Mono-devel-list@lists.ximian.com
http://lists.ximian.com/mailman/listinfo/mono-devel-list
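
The byte-order mismatch discussed in this thread, as an added example that is not part of the original messages: the same RSA result serialized big-endian by one producer and little-endian by another, with the consumer reversing the array when needed. The toy key, the function names and the sample identifier are constructed for illustration, and raw (unpadded) RSA is used only to isolate the byte-order issue.

```python
# Added example. Toy key built from two Mersenne primes (constructed, far too
# weak for real use). Raw RSA appears only to isolate the byte-order issue;
# real code must use a padded scheme from a crypto library.
P, Q, E = 2**89 - 1, 2**107 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes


def rsa_private(value: int) -> int:
    return pow(value, D, N)


def rsa_public(value: int) -> int:
    return pow(value, E, N)


def produce(message: bytes, byteorder: str) -> bytes:
    """Producer: apply the private key, serialize in the library's byte order."""
    m = int.from_bytes(message, "big")
    if m >= N:
        raise ValueError("message too long for this modulus")
    return rsa_private(m).to_bytes(K, byteorder)


def recover(blob: bytes, producer_order: str) -> bytes:
    """Consumer with a big-endian API: reverse little-endian blobs first."""
    if len(blob) != K:
        raise ValueError("blob length must equal the modulus length")
    if producer_order == "little":
        blob = blob[::-1]              # the "array reverse" from the thread
    value = int.from_bytes(blob, "big")
    if value >= N:
        raise ValueError("value out of range; wrong byte order?")
    return rsa_public(value).to_bytes(K, "big").lstrip(b"\x00")


if __name__ == "__main__":
    ident = b"ID-0000042"              # constructed 10-character identifier
    for order in ("big", "little"):
        print(order, recover(produce(ident, order), order))
```

If the declared byte order is wrong, `recover` either raises on the range check or returns unrelated bytes, which is how this mismatch usually shows up in practice.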
