EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Load Public Key into Keyring using Certificates

Posted: 12/13/2013 06:13:24
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3


I have a requirement to encrypt a string using a SSO certificate. I tried using TElX509Certificate for this purpose. I was able to load the certificate using TElX509Certificate.LoadFromStream.

The certificate does not have the private key and has the public key but I am not able to load it into the Keyring. I tried using TElX509Certificate.GetPublicKeyBlob and then load the resulting byte[] using TElPGPKeyring.Load. At this point I am getting an error that the public key sequence is invalid.

Please advise.

TElX509Certificate telxCertificate = new TElX509Certificate();

telxCertificate.LoadFromStream(new FileStream(".\\Keys\\msKey060.cer",FileMode.Open), 0);
telxCertificate.GetPublicKeyBlob(out pubKeyBuff);

MemoryStream publicKeyStream = new MemoryStream(publicKeyBuff);


keyring.Load(publicKeyStream, null, false);
Posted: 12/13/2013 06:17:06
by Eugene Mayevski (Team)

Are you sure that you need to encrypt using OpenPGP and x.509 certificate? Is this a requirement imposed by some standard or it is your invention?

Sincerely yours
Eugene Mayevski
Posted: 12/13/2013 08:38:43
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3

Hi Eugene,

Initially we were required to encrypt the data with the public key that was shared with us but the client for some reason could not decrypt it. It was then they asked us to use their certificate and encrypt the data.

Posted: 12/13/2013 08:55:20
by Eugene Mayevski (Team)

You need to figure out what technology you need to use.

X.509 certificates are used in PKCS#7 / CMS . They are almost never used in OpenPGP. So you need to determine what *exactly* the client expects, i.e. what format is to be used, how the data is expected to be decrypted (using which tools/technologies). Then you can choose the right tool. Until you have exact specification your experiments are waste of your and our time.

Sincerely yours
Eugene Mayevski
Posted: 12/13/2013 09:15:17
by Ganesh B (Basic support level)
Joined: 12/13/2013
Posts: 3

Thank you for the direction Eugene. Being new to encryption, it was difficult to figure out the exact requirement initially. But now I feel even the regular .net encryption methods would suffice the requirement and trying out anything with OpenPGP would be an overkill.

Thanks again!




Topic viewed 808 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!