tags:

views:

1615

answers:

4
+1  Q: 

how to store/retreieve RSA public/private key

I want to use RSA public key encryption, and I'm wondering what is the best way to store or retrieve private and public key. Is XML a good idea here?

How to get the keys?

RSAParameters privateKey = RSA.ExportParameters(true);
RSAParameters publicKey = RSA.ExportParameters(false);

Because RSAParameters have the following members: D, DP, DQ, Exponent, InverseQ, Modulus, P, Q

Which one is the key?

A: 

The public key is identified by Modulus and Exponent. The private key is identified by the other members.

Tommy Carlier  2009-07-28 11:42:46
+1  A: 

Use a existing standard format, like PEM. Your crypto library should provide functions to load and save keys from files in PEM format.

Exponent and Modulus are the Public key. D and Modulus are the Private key. The other values allow faster computation for the holder of the Private key.

caf  2009-07-28 11:43:18
so public-key = exponent + modulus (concatenated together?)
ala  2009-07-28 12:02:39
Exponent and Modulus as two independent values, stored in whatever way makes sense. The PEM format uses ASN1 to store these values (defined in the PKCS#1 standard as the "SubjectPublicKeyInfo" format), then base64 encodes the result.
caf  2009-07-28 12:11:15
+2  A: 

What I have done successfully is to store the keys as XML. There are two methods in RSACryptoServiceProvider: ToXMLString and FromXMlString . The ToXMLString will return an XML string containing either just the public key data or both the public and private key data depending on how you set it's parameter. The FromXMLString method will populate the RSACryptoServiceProvider with the appropriate key data when provided an XML string containing either just the public key data or both the public and private key data.

Joe Kuemerle  2009-07-28 13:08:28
A: 

I am just wondering whether is it safe to store private keys in XML file?

Normally Private keys are stored in HSM's/smart card. This provides a good security.

Raj  2009-07-30 13:02:57
you're probably right, but I need to implement private/public key using software, what do you think is the best way is?
ala  2009-07-31 08:40:52
This is one of the requirements for my future project. In my current one, we used HSM. My initial readings shows that MS has secure stores to store keys. You can access keys from these secure stores. Other alternatives to MS are [Link][1] [1]: http://trac.opendnssec.org/wiki/HSM/SoftTokens
Raj  2009-08-05 10:43:00

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?