EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Using The ElMessageEncryptor class without a certificate

Also by EldoS: RawDisk
Access locked and protected files in Windows, read and write disks and partitions and more.
#8861
Posted: 02/11/2009 20:03:22
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Hi,

Am I right in assuming that you cannot use the ElMessageEncryptor class without having to supply a certificate storage?
I cannot seem to find a method of associating a public key generated using the ElRSAPublicKeyCrypto class



#8862
Posted: 02/12/2009 01:10:20
by Eugene Mayevski (EldoS Corp.)

ElMessageEncryptor class processes the data according to PKCS#7 and CMS specifications. These specifications are part of certificate-based infrastructure and they require that you use X.509 certificates. So yes, you can't use this class without having a certificate.


Sincerely yours
Eugene Mayevski
#8864
Posted: 02/12/2009 01:45:52
by Ken Ivanov (EldoS Corp.)

You actually can. Please use the overloaded Encrypt() method that accept a generic key parameter. However, this method will encrypt a file with a symmetric key, i.e. no public key cryptography will be used.
#8865
Posted: 02/12/2009 02:45:47
by Eugene Mayevski (EldoS Corp.)

...which is not RSA-based encryption, that the question was about.


Sincerely yours
Eugene Mayevski
#8866
Posted: 02/12/2009 03:21:59
by Ken Ivanov (EldoS Corp.)

Well, the name of the topic sounds as "Using The ElMessageEncryptor class without a certificate", so I just gave a hint about how this can be achieved :).
#8880
Posted: 02/12/2009 15:29:56
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Hi Guys,

Thanks for the feedback, I know my thread topic and content somewhat contradicted.

Ultimately I wanted to know if it was possible to just supply an RSA public key, define a symmetric key and create a PKCS#7 compatible message.

I've seen examples using the .Net framework to generate a PKCS#7 message without specifically using a certificate ( [URL=http://pages.infinit.net/ctech/20031101-0151.html]Source Code Example[/URL] ) and wondered if it was possible with the Eldos classes.

Thanks,
Richard

#8886
Posted: 02/13/2009 00:33:47
by Ken Ivanov (EldoS Corp.)

The code snippet available under the link you have provided has nothing to do with PKCS#7. It separately encrypts a message with symmetric key, and then encrypts the latter with raw RSA PKCS#1 encryption method.

PKCS#7 PKI is based on X.509 certificates, so there's no way to create a public-key encrypted message with non-certificate-based public key.
#8888
Posted: 02/13/2009 01:22:14
by Eugene Mayevski (EldoS Corp.)

So while it is possible to do the things similar to what's described, this is done not with TElMessageEncryptor


Sincerely yours
Eugene Mayevski
#8924
Posted: 02/16/2009 21:58:59
by Justin Cook (Standard support level)
Joined: 02/10/2009
Posts: 4

Thanks for the information,

I misread the paragraph from that article

Quote
PKCS#7 describes a, ASN.1 based, data format that support encryption (and signature). The new v2 framework will include a namespace, System.Security.Cryptography.Pkcs to handle such structures.


Which I read as that, that code snippet would produce a PKCS#7 file. But as you say PKCS#7 is based on certificates :)

Again, thank you for the help.

Thanks,
Richard
#8925
Posted: 02/17/2009 00:36:19
by Eugene Mayevski (EldoS Corp.)

It's the author of that article, who didn't express well (or just didn't understand) what he was writing about.


Sincerely yours
Eugene Mayevski
Also by EldoS: CallbackRegistry
A component to monitor and control Windows registry access and create virtual registry keys.

Reply

Statistics

Topic viewed 2034 times

Number of guests: 1, registered members: 0, in total hidden: 0




|

Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!