Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Hi all,
One customer of mine wanted to import a public key he got from a partner. That public key had a 2048 bits modulus and a 5 bytes exponent.
The problem was that CryptoAPI's RSAPUBKEY structure doesn't allow a 5 bytes exponent because it defines the public exponent with a DWORD (4 bytes max):
typedef struct _RSAPUBKEY {
DWORD magic ;
DWORD bitlen ;
DWORD pubexp ;
} RSAPUBKEY;
CryptoAPI only supports 4 byte exponents with MS CSPs (Cryptographic Service Providers). CNG overcomes this limitation on Vista and later:
Key Storage and Retrieval
"
CNG is more flexible with regard to RSA key pairs. For example, CNG supports public exponents larger than 32-bits in length, and it supports keys in which p and q are different lengths.
"
Please, note that the restriction of 4 byte exponents are for MS CSPs only. CryptoAPI should be able to work with 5 byte exponents if using a third-party CSP.
Regards,
Alex (Alejandro Campos Magencio)