List:       ms-cryptoapi
Subject:    Re: Direct RSA and Padding
From:       Jeff Spelman <jeffspel () MICROSOFT ! COM>
Date:       1999-06-26 0:31:51


Sanjay
   The MS CSP does not support straight RSA encryption; by default it will
use PKCS #1 Type 2 padding, and if the CRYPT_OAEP flag is used in the dwFlags
parameter it will use OAEP padding (PKCS #1 Type 2 Version 2).
Thanks Jeff

-----Original Message-----
From: Sanjay Beri [mailto:Sanjay.Beri@ESTAMP.COM]
Sent: Friday, June 25, 1999 4:49 PM
To: CryptoAPI@DISCUSS.MICROSOFT.COM
Subject: Re: Direct RSA and Padding


Thanks for the information Jeff.

However, I have a question concerning the implementation of the direct
RSA support in this new CSP.  I want to be able to pass a raw data
stream and simply RSA encrypt it.  In this new CSP I assume this would
be done with CryptEncrypt using the server private key handle and null
for the hash handle.   But, I don't want the encrypt algorithm to
package it in a PKCS#1 formatted block first, and then apply the RSA
algorithm to it.  I just want it to perform the RSA encryption (i.e.
octet-string-to-integer algorithm, RSA computation and
integer-to-octet-string algorithm) without the first "encryption-block
formatting" step which is specified in RSA's PKCS#1 doc.

Correspondingly, on decryption (CryptDecrypt), I don't want the
decryption function to do the last step of encryption-block parsing (as
detailed in PKCS#1) since the encrypted data was never block
formatted/padded before the encryption was performed (I guess one could
say it was truly "raw").

I am wondering if the MS CryptoAPI and the new MS CSP that supports
direct RSA works this way (or can work this way), or will I be unable to
encrypt without block formatting first and decrypt without the
corresponding block parsing?

Thanks for any help in advance.

Sanjay.

                -----Original Message-----
                From:   Jeff Spelman [mailto:jeffspel@MICROSOFT.COM]
                Sent:   Friday, June 25, 1999 1:55 PM
                To:     CryptoAPI@DISCUSS.MICROSOFT.COM
                Subject:

                Sanjay
                The below URL is the site where you can get the high
                encryption pack for Windows 2000 Beta 3 (this includes the
                Microsoft Enhanced Cryptographic Provider).


http://www.microsoft.com/Windows/server/beta/downloads/default.asp

                Thanks Jeff

                -----Original Message-----
                From: Sanjay Beri [mailto:Sanjay.Beri@ESTAMP.COM]
                Sent: Wednesday, June 23, 1999 2:55 PM
                To: CryptoAPI@DISCUSS.MICROSOFT.COM
                Subject:


                I need to use direct RSA encryption/decryption on data.

                Currently, from what I understand the Microsoft Base Provider
                does not allow one to encrypt directly with RSA public keys
                and decrypt with RSA private keys.  Instead, you are forced to
                hash the data and then allowed to RSA encrypt it (as I
                understand it, you cannot avoid the first step of hashing no
                matter how small your packet is).  This would be done with
                CryptEncrypt and CryptDecrypt.  Encryption of symmetric keys
                in a digital envelope is of course also supported.
                However, I need to be able to take a stream of data and apply
                RSA encryption/decryption directly on it.

                From what I have read on MSDN, in Windows 2000, the Microsoft
                Enhanced RSA Provider is supposed to be able to support direct
                encryption with RSA public keys and decryption with RSA
                private keys.  I currently have Beta 3 of Windows 2000 and was
                wondering how I get the CSP (i.e. dll) that supports direct
                RSA encryption/decryption.  My understanding is that I would
                then be able to call CryptEncrypt with a NULL value for the
                hash handle to perform the needed direct RSA encryption.

                Furthermore, since I am looking at using a crypto board (like
                Atalla), I was wondering if anyone knows which vendor's CSPs
                support direct RSA encryption/decryption (for NT 4.0) as I
                described above.

                Any help or information would be greatly appreciated.

                Thanks.

                Sanjay.
                mailto:Sanjay.Beri@estamp.com


----------------------------------------------------------------
Users Guide http://msdn.microsoft.com/workshop/essentials/mail.asp
contains important info including how to unsubscribe.  Save time, search
the archives at http://discuss.microsoft.com/archives/index.html
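
The following is an added example, not part of the thread and not the Microsoft CSP's code. It separates the two layers the messages discuss: the bare RSA computation (octet-string-to-integer, modular exponentiation, integer-to-octet-string) and the PKCS #1 block type 2 formatting and parsing wrapped around it. The key is a constructed demo key and all function names are hypothetical.

```python
import os

# Constructed demo key from two Mersenne primes: fine for showing the format, not secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # modulus length in octets (141)


def raw_rsa(block: bytes, exponent: int) -> bytes:
    """Octet-string-to-integer, RSA computation, integer-to-octet-string."""
    x = int.from_bytes(block, "big")
    if x >= N:
        raise ValueError("input integer must be smaller than the modulus")
    return pow(x, exponent, N).to_bytes(K, "big")


def format_type2(data: bytes) -> bytes:
    """Encryption-block formatting: EB = 00 || 02 || PS || 00 || D."""
    if len(data) > K - 11:
        raise ValueError("data too long for this modulus")
    ps = bytearray()
    while len(ps) < K - 3 - len(data):  # PS: at least 8 random nonzero octets
        ps += bytes(b for b in os.urandom(K) if b != 0)
    return b"\x00\x02" + bytes(ps[:K - 3 - len(data)]) + b"\x00" + data


def parse_type2(eb: bytes) -> bytes:
    """Encryption-block parsing: check the header, skip PS, return D."""
    sep = eb.find(b"\x00", 2)           # first zero octet after the 00 02 header
    if len(eb) != K or eb[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("decryption error")
    return eb[sep + 1:]


def encrypt_padded(data: bytes) -> bytes:
    return raw_rsa(format_type2(data), E)


def decrypt_padded(ciphertext: bytes) -> bytes:
    return parse_type2(raw_rsa(ciphertext, D))
```

Without the formatting step the same input always yields the same ciphertext, and decryption returns a full modulus-length block, so the original data length (including leading zero octets) is lost; the random PS field and the 00 separator are what prevent both.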
