Managed SIMPLEBLOB blob doesn't match Unmanaged SIMPLEBLOB (RSA -Cryptography)

Question

The simple blob that is generated using

CryptExportKey(hKey, hPublicKey, SIMPLEBLOB, 0, lpData, &nSize);

does not match the one generated from the following code (note that client.key is the plain text key value of hKey found using http://www.codeproject.com/KB/security/plaintextsessionkey.aspx )

CspParameters cspParams = new CspParameters();            
cspParams.KeyContainerName = "Container Name";            
cspParams.KeyNumber = (int)KeyNumber.Exchange;
cspParams.ProviderType = 1;            
cspParams.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0";            cspParams.Flags = CspProviderFlags.UseMachineKeyStore;            

RSACryptoServiceProvider rsaClient = new RSACryptoServiceProvid(cspParams);               

    rsaClient.ImportCspBlob(File.ReadAllBytes(@"C:\client.key"));//Generate a SIMPLEBLOB session key

byte[] session = GetRC4SessionBlobFromKey(keyMaterial, rsaClient);//Encrypt a key using public key and write it in a SIMPLEBLOB format


   public byte[] GetRC4SessionBlobFromKey(byte[] keyData, RSACryptoServiceProvider publicKey)        
{              
using(MemoryStream ms = new MemoryStream())              
using(BinaryWriter w = new BinaryWriter(ms))            
{                   
w.Write((byte) 0x01); // SIMPLEBLOB                    
w.Write((byte) 0x02); // Version 2                    
w.Write((byte) 0x00); // Reserved                    
w.Write(0x00006801);  // ALG_ID = RC4 for the encrypted key.                
w.Write(0x0000a400);  // CALG_RSA_KEYX                    
w.Write(publicKey.Encrypt(keyData, false));                
w.Flush();                

return ms.ToArray();              
}        
}

Why is that?

Answer 1

1. The code in my original answer was not correct. You have to reverse the encrypted bytes. I have updated the answer to fix that problem.

2. The code above is missing a "w.Write((byte) 0x00); // Reserved". It was not a mistake that my original answer had that line repeated.

3. RSA PKCS#1 encryption (which is used inside the SIMPLEBLOB) is not deterministic. I.E. You will not get the same result by encrypting the same data twice.

So to sum up: Change the code above to:

public byte[] GetRC4SessionBlobFromKey(byte[] keyData, RSACryptoServiceProvider publicKey)        
{              
  using(MemoryStream ms = new MemoryStream())              
  using(BinaryWriter w = new BinaryWriter(ms))            
  {                   
    w.Write((byte) 0x01); // SIMPLEBLOB                    
    w.Write((byte) 0x02); // Version 2                    
    w.Write((byte) 0x00); // Reserved                    
    w.Write((byte) 0x00); // Reserved                    
    w.Write(0x00006801);  // ALG_ID = RC4 for the encrypted key.                
    w.Write(0x0000a400);  // CALG_RSA_KEYX                    
    byte[] encryptedKey = publicKey.Encrypt(key.Key);
    byte[] reversedEncryptedKey = new byte[encryptedKey.Length];
    for(int i=0;i<encryptedKey.Length;i++){
      reversedEncryptedKey[i] = encryptedKey[encryptedKey.Length - 1 - i];
    }
    w.Write(reversedEncryptedKey); // encrypted key in LSB byte order

    w.Flush();                

    return ms.ToArray();              
  }        
}

and then check that it works by using CryptImportKey() to import the SIMPLEBLOB instead of trying to compare the result with CryptExportKey().

Answer 2

Hi Ramsmus,

I am unable to edit my own quesiton and therefore I am putting the content that you wanted me to attach here in this answer, I have screen capture of the images from the binary editor /immediate window in visual studio below

CryptExportKey - SIMPLEBLOB

KeyMaterial value in Debug Window

Key Material value that is saved in file using the code project article

Session key value from GetRC4SessionBlobFromKey() (integer value of individual bytes separated by a comma)

Thank you very much for looking into this and please let me know if there is any further info I can provide.