EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Load Public Key into Keyring using Certificates

#27649
Posted: 12/13/2013 06:13:24
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3

Hi,

I have a requirement to encrypt a string using an SSO certificate. I tried using TElX509Certificate for this purpose. I was able to load the certificate using TElX509Certificate.LoadFromStream.

The certificate does not have the private key and has the public key, but I am not able to load it into the Keyring. I tried using TElX509Certificate.GetPublicKeyBlob and then loading the resulting byte[] using TElPGPKeyring.Load. At this point I am getting an error that the public key sequence is invalid.

Please advise.


Code
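TElX509Certificate telxCertificate = new TElX509Certificate();

// Load the X.509 certificate (it carries the public key only)
using (FileStream certStream = new FileStream(".\\Keys\\msKey060.cer", FileMode.Open))
{
    telxCertificate.LoadFromStream(certStream, 0);
}

byte[] pubKeyBuff;
telxCertificate.GetPublicKeyBlob(out pubKeyBuff);

MemoryStream publicKeyStream = new MemoryStream(pubKeyBuff);

telxCertificate.LoadKeyFromBuffer(pubKeyBuff);

// keyring is a TElPGPKeyring instance created earlier.
// This is the call that reports the invalid public key sequence.
keyring.Load(publicKeyStream, null, false);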
#27650
Posted: 12/13/2013 06:17:06
by Eugene Mayevski (EldoS Corp.)

Are you sure that you need to encrypt using OpenPGP and an X.509 certificate? Is this a requirement imposed by some standard, or is it your invention?


Sincerely yours
Eugene Mayevski
#27652
Posted: 12/13/2013 08:38:43
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3

Hi Eugene,

Initially we were required to encrypt the data with the public key that was shared with us but the client for some reason could not decrypt it. It was then they asked us to use their certificate and encrypt the data.

Regards,
Ganesh
#27654
Posted: 12/13/2013 08:55:20
by Eugene Mayevski (EldoS Corp.)

You need to figure out what technology you need to use.

X.509 certificates are used in PKCS#7 / CMS. They are almost never used in OpenPGP. So you need to determine what *exactly* the client expects, i.e. what format is to be used and how the data is expected to be decrypted (using which tools/technologies). Then you can choose the right tool. Until you have an exact specification, your experiments are a waste of your and our time.


Sincerely yours
Eugene Mayevski
#27655
Posted: 12/13/2013 09:15:17
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3

Thank you for the direction, Eugene. Being new to encryption, it was difficult to figure out the exact requirement initially. But now I feel even the regular .NET encryption methods would suffice for the requirement, and trying out anything with OpenPGP would be overkill.

Thanks again!

Ganesh
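
An added example (not code from this thread or from EldoS): encrypting a string to an X.509 certificate with the PKCS#7 / CMS route mentioned above, using the .NET `EnvelopedCms` class, on the assumption that the client actually expects CMS enveloped data. It assumes .NET Core 3.0 or later with the System.Security.Cryptography.Pkcs package; the self-signed certificate and the sample string are constructed stand-ins for the client's `.cer` file and data.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.Pkcs;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class CmsEnvelopeDemo
{
    // Sender side: needs only the recipient's certificate (public key).
    static byte[] EncryptFor(X509Certificate2 recipientCert, string text)
    {
        var cms = new EnvelopedCms(new ContentInfo(Encoding.UTF8.GetBytes(text)));
        cms.Encrypt(new CmsRecipient(recipientCert));
        return cms.Encode(); // DER-encoded CMS EnvelopedData
    }

    // Recipient side: needs the private key that matches the certificate.
    static string Decrypt(byte[] envelope, RSA privateKey)
    {
        var cms = new EnvelopedCms();
        cms.Decode(envelope);
        cms.Decrypt(cms.RecipientInfos[0], privateKey);
        return Encoding.UTF8.GetString(cms.ContentInfo.Content);
    }

    static void Main()
    {
        // Constructed key pair and self-signed certificate standing in for the client's.
        using (RSA rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=Constructed Test Recipient", rsa,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            using (X509Certificate2 withKey = req.CreateSelfSigned(
                DateTimeOffset.UtcNow.AddDays(-1), DateTimeOffset.UtcNow.AddDays(30)))
            // What the sender gets as a .cer file: certificate bytes, no private key.
            using (var publicOnly = new X509Certificate2(withKey.Export(X509ContentType.Cert)))
            {
                byte[] envelope = EncryptFor(publicOnly, "constructed sample string");
                Console.WriteLine("Sender has private key: " + publicOnly.HasPrivateKey);
                Console.WriteLine("Envelope size in bytes: " + envelope.Length);
                Console.WriteLine("Recipient decrypts: " + Decrypt(envelope, rsa));
            }
        }
    }
}
```

The sender never touches a keyring or a private key; the certificate alone is enough to produce the envelope, and only the holder of the matching private key can open it.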
