All Questions
Tagged with cryptography .net
792 questions
0
votes
1
answer
111
views
Unpad/decode OAEP padded decrypted data
I decrypt a byte array on a smartcard and receive data back from the smartcard. This decrypted data is still in the OAEP padding. Is there a simple way in C# to "unpad" decrypted data? The ...
0
votes
0
answers
25
views
Data Protection API (DPAPI) : what algorithm is used to encrypt the data [duplicate]
In document only mentioned that "It provides protection using the user or machine credentials to encrypt or decrypt data." but there is no explanation about what algorithm is used to encrypt ...
2
votes
1
answer
160
views
C# - AES-GCM decryption will null IV
I'm taking a look at some Apple Keychain backup stuff, and I've reached a point where I need to decrypt some data with AES-GCM.
I have the decryption key, GCM auth tag, and ciphertext.
I do not have ...
0
votes
0
answers
65
views
How to read relative Distinguished Names if OID friendly names can't be parsed
I have to work with digital signatures, and part of it is reading relative distingushed names.
The problem is that Subject Name contains names that are not common, because they are related to country ...
1
vote
1
answer
190
views
Validate ECDsa with SHA256 Signature in .NET
For a project I'm working on, I need to verify signatures of data records. We have a legacy project that makes use of an imported DLL of which the source code is no longer available. We are now ...
2
votes
1
answer
151
views
c# Digital signature generation and verification
using System;
using System.Security.Cryptography;
class Helo
{
private static string GetPemPrivateKey()
{
string privatekey = @"-----BEGIN PRIVATE KEY-----
.....
-----END PRIVATE KEY-----&...
0
votes
0
answers
104
views
Deterministic AES encryption implementation without using external libraries
I want to encrypt some data in the database. I want it to be as secure as possible with one caveat - I need to search for ciphers that encode the same data, hence I need the ciphers for any given ...
0
votes
1
answer
39
views
How to create universal model to deserialize response from external API
I'm creating an endpoint to get prices from crypto markets for specific cryptocurrency.
I'm using API of Kucoin and Binance. When I get a response, in both responses there are bids and asks fields. ...
0
votes
0
answers
97
views
Comparing .NET RSA and ECDSA signature algorithms
In System.Security.Cryptography, the RSA and ECDsa classes both implement SignData and SignHash methods.
Aligning with cryptographic standards, the SignData methods require a HashAlgorithmName, since ...
0
votes
1
answer
169
views
AESCryptoServiceProvider encryption PKCS7 padding inconsistencies
I have inherited some legacy code originally built in .NET 4.6 which is something as follows:
static void Main(string[] args)
{
Console.WriteLine(Encrypt("B9519163&...
2
votes
0
answers
138
views
RSA ImportEncryptedPkcs8PrivateKey on Windows Server 2019 doesn't work
I have an API in .NET 6 for validating that .cer and .Key files are correlated and validating that the password corresponds to the .KEY. The code I am using is:
public static bool ...
1
vote
1
answer
103
views
How to convert CryptAcquireContext to .NET 8 using System.Security.Cryptography methods
I am needing to decrypt a file that was encrypted using the advapi32.dll. I am needing to write a decryption method using .NET 8 and the in built System.Security.Cryptography methods using C# as this ...
0
votes
1
answer
166
views
Change Executable Hash Algorithm
We have an application build in .NET Framework 4.8, and for security issue we need to change the Hash Algorithm from SHA-1 to SHA-256.
We find this hash algorithm trough ILSPY( as you can see on the ...
0
votes
1
answer
171
views
How to correctly CryptoConfig.AddAlgorithm for ECDsa in C# .NET?
I have a XMLDocument that was signed with edcsa-sha384, out of the box .NET SignedXml does not support that algorithm, so I followed this article (https://www.scottbrady91.com/c-sharp/ecdsa-xml-dotnet)...
0
votes
1
answer
109
views
Password Hash function port from python to .net 8
we have an old software system written in python which uses the following password hash functions:
import hashlib, binascii, os
def hash_password(password):
"""Hash a password for ...
2
votes
1
answer
309
views
How to build certificate chain with BouncyCastle in .net (not with Portable.BouncyCastle)
Based on the posting Build certificate chain in BouncyCastle in C# I was using the Portable.BouncyCastle (v. 1.9.0) to create a certificate chain from primary and some additional certificates in .net (...
0
votes
1
answer
546
views
Verify PKCS7 (CMS) Signature with only a hash of the original data
I am trying to verify a detached pkcs7 CMS signature with System.Security.Cryptography or the bouncycastle library and still cannot get it to work after hours and hours of testing.
My problem is that ...
0
votes
0
answers
101
views
Why is RsaCryptoServiceProvider.FromXmlString throwing a WindowsCryptographicException about a file being in use?
I am using the RSACryptoServiceProvider class from .NET 6 to do some signing operations and am running into an unknown WindowsCryptoGraphicException when loading key information from an XML string.
...
0
votes
0
answers
91
views
How should I hash passwords on .NET?
I've made a class that hashes a password to store in the database, and it is a singleton, since I do not want to make an instance of it every time I'm going to use, because it does not change. I've ...
-2
votes
1
answer
482
views
AES Decrypt in .NET Framework fails
I am trying to send a username through an HTTP header to my service, and I want it encrypted with AES. (Yes, this could be done in a better way)
The final decrypted string is always empty.
Encript:
...
0
votes
1
answer
271
views
Reproducible Elliptic Curve Digital Signature algorithm parameters in C#
Using the following code, I can generate the Elliptic Curve Digital Signature Algorithm (ECDSA) parameters (i.e., public and private keys).
using var ecdsa = ECDsa.Create(ECCurve.NamedCurves.nistP384);...
1
vote
0
answers
69
views
Is it possible to compute a HMAC in .NET using a key that has been persisted as a CNGkey object?
Is it possible to compute a HMAC in .NET using a key that has been persisted as a CNGkey object?
There are a variety of encryption algorithms supported in .NET and .NET Framework that support this - ...
0
votes
1
answer
345
views
Working Rfc2898DeriveBytes.Pbkdf2 in Java
I have some passwords hashed with C# using Rfc2898DeriveBytes.Pbkdf2(bytes,src,5000,HashAlgorithmName.SHA1,24) (an older implementation) and would like to port this code to java.
However I don't seem ...
-1
votes
3
answers
2k
views
How to digital signature and sign xml
I am working on zatca simplified invoice using asp.net core 2.2, now i am facing problem in sign xml.
private key is generated from zatca sdk using below command
(fatoora -csr -csrconfig csr-config-...
-1
votes
1
answer
676
views
Extract RSA Public key from x509 C#
I am trying to extract the RSA public key PKCS#1 from X509Certificate base64. to generate 8 tag for zatca phase 2 but output of my code is incorrect any one can help me with it. what i'm missing here ?...
1
vote
1
answer
1k
views
How to add Subject Alternative Name (SAN) To a CSR Using BouncyCastle C#
I'm trying to generate a Certificate Signing Request (CSR) using the BouncyCastle library in C#. My goal is to include Subject alternative names in the CSR, but I'm encountering an error related to ...
0
votes
2
answers
133
views
Why does RSACng.SignHash() have a HashAlgorithmName parameter?
Why does RSACng.SignHash() have a HashAlgorithmName parameter? It makes sense for the sister method SignData but why do we need it for already hashed data?
Consequently, why does ECDsaCng.SignHash() ...
0
votes
0
answers
170
views
How do I set CRYPT_FORCE_KEY_PROTECTION_HIGH to enforce high-level strong private key protection for RSACryptoServiceProvider?
EDIT: I was passing CRYPT_FORCE_KEY_PROTECTION_HIGH to the wrong function as pointed out by Luke. I also had an incorrect value for the flag. After making both these corrections the user gets a pop-up ...
1
vote
1
answer
498
views
How to import public key From X.509 SubjectPublicKeyInfo format?
I serialize the ECDiffieHellmanPublicKey key BLOB to a byte array by ToByteArray() method but this method is obsolete.
ECDiffieHellmanPublicKey.ToByteArray() and the associated constructor
do not ...
0
votes
0
answers
347
views
Curve25519 exchange between BouncyCastle and .NET
I wrote X25519 curve parameters in .NET and thought to cross-check it between this piece and BouncyCastle. The following is the code. But it fails to export the BouncyCastle key.
There will be an ...
1
vote
0
answers
232
views
Private Key Doesn't Match X509 Certificate After Converting to CNG
I'm trying to use CNG through PInvoke to work with x509 certificates. My goal is to import a certificate with its private key, set the flag NCRYPT_UI_FORCE_HIGH_PROTECTION_FLAG(forces a password to be ...
0
votes
0
answers
439
views
TLS 1.3 C# Client Implementation - Decryption Failure
I am implementing my own TLS 1.3 client in c#.
Currently I am struggle with Handshake messages decryption.
When I look at packages in Wireshark the "Application Data" after ServerHello is ...
1
vote
1
answer
669
views
Signing Algorithm in identity server
I am using Duende Identity Server, and I want to specify the signing algorithm for the access token of a particular API resource. By default, Duende Identity Server uses RSA 256 for signing the access ...
1
vote
2
answers
1k
views
Encrypting a stream with ChaCha20Poly1305
I was wondering, how should I encrypt a lot of data using ChaCha20Poly1305 or AesGcm. My project is running .NET 7.
I need to encrypt a data from 100 MB to 1 GB using one of these algorithms (...
0
votes
1
answer
719
views
Error occurred while decoding OAEP padding in C# .Net RSA app
I created this C# .Net Framework 4.7 console app to test Encrypt and Decrypt a text file using RSA. I have created one key pair and exported them to xml files and then they were imported to decrypt ...
0
votes
1
answer
1k
views
Encrypting and Decrypting with AES GCM from Angular to C#
How can I implement encryption and decryption methods in C# that are compatible with my existing Angular encryption and decryption methods? Currently, I have two methods in Angular for encryption and ...
1
vote
1
answer
2k
views
How to export private key from ePass3003 usb token in C#?
I have a USB sign token that it is contains public key and private key with RSA Encryption Algorithm, I could export public key file with command
openssl x509 -pubkey -noout -in mystamp.cer > ...
1
vote
0
answers
215
views
.NET 7 supports JWT-signature verification against PUK ECDsa and Brainpool P256R1 alg?
EDIT: Issue solved.I am able to validate jwts signature against the public key of the x5c cert chain. Thank you, Topaco, your comment lead me to check my data once again. Solution on the bottom.
Im ...
0
votes
1
answer
485
views
How to calculate SHA512/256 in .Net 6?
How to calculate SHA512/256 or SHA512/224 without using external library?
In .Net 6, SHA512 hash can be calculated(documentation). Here is my example:
public string GetHashStringSHA512(string data)...
0
votes
1
answer
124
views
How can Rfc2898DeriveBytes be both "based on HMACSHA1" and accept a hash algorithm?
The docs for Rfc2898DeriveBytes say:
Implements password-based key derivation functionality, PBKDF2, by
using a pseudo-random number generator based on HMACSHA1.
but the constructors that are not ...
2
votes
1
answer
361
views
.NET XAdES Signing throws CryptographicException
I'm trying to sign XML with XAdES with certificate stored on Smart Card.
First of all, it is worth to mention, that when I'm signing the same XML document with software added to this smart card, ...
1
vote
1
answer
683
views
Decryption using azure keyvault client old key version
I encrypt data using azure key vault client and cryptography client, I able to encrypt data, now I change the key version, and try to decrypt the data, but new version unable to decrypt data,
var ...
0
votes
1
answer
230
views
.NET inconsistent hash output
I have a class representing a unique real-world object, its name is personally identifiable information (a vehicle license plate if you're interested) so as a basic first step I am hashing the name ...
0
votes
1
answer
437
views
Diffie-Hellman: How To Load the Generator and Prime values from .pem file in .Net
I generated a .pem file that contains Diffie-Hellman parameters. I used this command line:
openssl dhparam -outform PEM 2048 -out dhparam.pem
The file looks like this:
-----BEGIN DH PARAMETERS-----
...
0
votes
0
answers
330
views
How to verify the signature (generated by using padding methods) using shell script?
Our server team is generating the signature for the given checksum by using the code below (.net code).
Convert.ToBase64String(rsap.SignHash(SHA256.HashData(Convert.FromHexString(strHash)), ...
0
votes
0
answers
548
views
How to specify different padding methods while generating signature using openssl?
Our server team is generating the signature for the given checksum by using the code below (.net code).
Convert.ToBase64String(rsap.SignHash(SHA256.HashData(Convert.FromHexString(strHash)), ...
0
votes
0
answers
113
views
How to use a key generated with the .net RSACryptoServiceProvider class with the browser SubtleCrypto module?
I have written the following C# code:
static void createSHA256KeyFile(string publicKeyPath, string privateKeyPath)
{
using (RSACryptoServiceProvider rsa = new ...
3
votes
2
answers
232
views
Symmetric Encryption with large strings returns same string but a loss of 1-5 bytes
I have been playing around with an old code I wrote using SHA1 to work with SHA256 or SHA512.
I am fairly new in the cryptography world and I wondered if someone can tell me why my input value in the ...
2
votes
1
answer
330
views
RSACryptoServiceProvider.VerifyData doesn't work properly on different Windows versions
Introduction
I have a digital code signing logic in my application. I use custom signing tool which signs dll files and create .sig text files with signed hash values. This tool runs on .NET 6, gets ...
0
votes
2
answers
246
views
Decrypt data using private key fails when code running under IIS
I have a code which runs under IIS as a web service. So, on message receipt, I load certificate from database, check it(to make sure cert is valid and with a private key) and call following function. ...