EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Using The ElMessageEncryptor class without a certificate

#8861
Posted: 02/11/2009 20:03:22
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Hi,

Am I right in assuming that you cannot use the ElMessageEncryptor class without having to supply a certificate storage?
I cannot seem to find a method of associating a public key generated using the ElRSAPublicKeyCrypto class



#8862
Posted: 02/12/2009 01:10:20
by Eugene Mayevski (EldoS Corp.)

ElMessageEncryptor class processes the data according to PKCS#7 and CMS specifications. These specifications are part of certificate-based infrastructure and they require that you use X.509 certificates. So yes, you can't use this class without having a certificate.


Sincerely yours
Eugene Mayevski
#8864
Posted: 02/12/2009 01:45:52
by Ken Ivanov (EldoS Corp.)

You actually can. Please use the overloaded Encrypt() method that accepts a generic key parameter. However, this method will encrypt a file with a symmetric key, i.e. no public key cryptography will be used.
#8865
Posted: 02/12/2009 02:45:47
by Eugene Mayevski (EldoS Corp.)

...which is not the RSA-based encryption that the question was about.


Sincerely yours
Eugene Mayevski
#8866
Posted: 02/12/2009 03:21:59
by Ken Ivanov (EldoS Corp.)

Well, the name of the topic sounds as "Using The ElMessageEncryptor class without a certificate", so I just gave a hint about how this can be achieved :).
#8880
Posted: 02/12/2009 15:29:56
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Hi Guys,

Thanks for the feedback, I know my thread topic and content somewhat contradicted.

Ultimately I wanted to know if it was possible to just supply an RSA public key, define a symmetric key and create a PKCS#7 compatible message.

I've seen examples using the .Net framework to generate a PKCS#7 message without specifically using a certificate (Source Code Example: http://pages.infinit.net/ctech/20031101-0151.html) and wondered if it was possible with the Eldos classes.

Thanks,
Richard

#8886
Posted: 02/13/2009 00:33:47
by Ken Ivanov (EldoS Corp.)

The code snippet available under the link you have provided has nothing to do with PKCS#7. It separately encrypts a message with symmetric key, and then encrypts the latter with raw RSA PKCS#1 encryption method.

PKCS#7 PKI is based on X.509 certificates, so there's no way to create a public-key encrypted message with non-certificate-based public key.
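
The distinction drawn in post #8886, as an added C# example that is not part of the thread and does not use the EldoS classes: the raw hybrid scheme next to a real PKCS#7/CMS enveloped message built with the .NET `System.Security.Cryptography.Pkcs` namespace. It assumes .NET Core 3.0 or later; the message, the subject name and the throwaway self-signed certificate that carries the bare RSA key are constructed for the demonstration.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;   // NuGet: System.Security.Cryptography.Pkcs
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class EnvelopeDemo
{
    // The scheme post #8886 describes: encrypt the message with a symmetric key,
    // then encrypt that key with raw RSA PKCS#1 v1.5. No ASN.1 framing results.
    static (byte[] WrappedKey, byte[] Iv, byte[] Ciphertext) RawHybrid(RSA pub, byte[] msg)
    {
        using Aes aes = Aes.Create();                        // fresh random key and IV
        using ICryptoTransform enc = aes.CreateEncryptor();
        byte[] ct = enc.TransformFinalBlock(msg, 0, msg.Length);
        return (pub.Encrypt(aes.Key, RSAEncryptionPadding.Pkcs1), aes.IV, ct);
    }

    // PKCS#7/CMS EnvelopedData: the recipient is supplied as an X.509 certificate.
    static byte[] CmsEnvelope(X509Certificate2 recipient, byte[] msg)
    {
        var cms = new EnvelopedCms(new ContentInfo(msg));
        cms.Encrypt(new CmsRecipient(recipient));
        return cms.Encode();                                 // DER-encoded ContentInfo
    }

    static void Main()
    {
        byte[] msg = Encoding.UTF8.GetBytes("constructed sample message");
        using RSA rsa = RSA.Create(2048);                    // stands in for a bare RSA key pair

        var raw = RawHybrid(rsa, msg);
        Console.WriteLine($"raw hybrid: {raw.WrappedKey.Length}-byte RSA block + IV + ciphertext");

        // Assumption: a throwaway self-signed certificate (constructed subject name)
        // carries the bare key so that it can be named as a CMS recipient.
        var req = new CertificateRequest("CN=constructed-recipient", rsa,
                                         HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using X509Certificate2 cert = req.CreateSelfSigned(DateTimeOffset.UtcNow.AddMinutes(-5),
                                                           DateTimeOffset.UtcNow.AddDays(1));
        byte[] der = CmsEnvelope(cert, msg);

        var parsed = new EnvelopedCms();
        parsed.Decode(der);
        RecipientInfo ri = parsed.RecipientInfos[0];
        Console.WriteLine($"CMS: first byte 0x{der[0]:X2}, recipient identified by {ri.RecipientIdentifier.Type}");
        parsed.Decrypt(ri, rsa);                             // private key passed directly
        Console.WriteLine(Encoding.UTF8.GetString(parsed.ContentInfo.Content));
    }
}
```

A self-signed certificate satisfies the format but gives the sender no assurance about who holds the key; the trust decision still has to come from how the public key was obtained.
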
#8888
Posted: 02/13/2009 01:22:14
by Eugene Mayevski (EldoS Corp.)

So while it is possible to do things similar to what's described, this is not done with TElMessageEncryptor.


Sincerely yours
Eugene Mayevski
#8924
Posted: 02/16/2009 21:58:59
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Thanks for the information,

I misread the paragraph from that article

Quote
PKCS#7 describes a, ASN.1 based, data format that support encryption (and signature). The new v2 framework will include a namespace, System.Security.Cryptography.Pkcs to handle such structures.


Which I read as meaning that that code snippet would produce a PKCS#7 file. But as you say, PKCS#7 is based on certificates :)

Again, thank you for the help.

Thanks,
Richard
#8925
Posted: 02/17/2009 00:36:19
by Eugene Mayevski (EldoS Corp.)

It's the author of that article who didn't express well (or just didn't understand) what he was writing about.


Sincerely yours
Eugene Mayevski


As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.
