How can I use a key generated with sn.exe to sign a string in php?

Question

This is another question in the line of getting C# and PHP to exchange signed pieces of data. In my scenario, I have a signed C# assembly on the client side with a public key. I also have a PHP page on the server with a private key. I want to be able to sign some data in PHP with the private key and check the signature against the public key in C# on the client.

I've figured out how to generate a public/private key file with sn.exe (duh). This is the format I need for .NET to sign assemblies etc. Once signed, the assembly can provide the public key as a property (something like Assembly.GetName().PublicKey)

Also, I've figured out, that I probably want to use the openssl_sign() function to create a signature for the data. The example shows reading in a fixed length of bytes from a .pem file. This file I don't have.

I guess the .pem file is just a way of storing the public / private key information, comparable to the XML and CspBlob stuff I can generate with the RSACryptoServiceProvider. What is the relation between these formats? How can I convert one to the other?

Answer 1

To exchange secure information, you should not to use private/public pair generated by sn.exe as that meant to be used to sign a .NET assembly. Assuming both languages implemented cryptography algorithm correctly, you just need to use same keys (string values) and same algorithm. Can't be that hard =)

Please, take a look here: Generating Keys for Encryption and Decryption as it contains more information about how you can use public/private keys in .NET side.