[MONGOCRYPT-264] Add crypto RSAES-PKCS1-v1_5 (Windows) Created: 23/Aug/20  Updated: 28/Oct/23  Resolved: 08/Oct/20

Status: Closed
Project: Libmongocrypt
Component/s: None
Affects Version/s: None
Fix Version/s: 1.1.0-beta1

Type: Task Priority: Major - P3
Reporter: Kevin Albertson Assignee: Mark Benvenuto
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
is related to MONGOCRYPT-263 Add crypto RSAES-PKCS1-v1_5 (macOS) Closed
is related to MONGOCRYPT-265 Add crypto RSAES-PKCS1-v1_5 (OpenSSL) Closed
Epic Link: MONGOCRYPT-250

 Description   

Add support for signature with RSAES-PKCS1-v1_5 to src/crypto/cng.c. This is required for GCP oauth. Since libmongocrypt won't do file I/O, expect the key to be passed through as bytes.



 Comments   
Comment by Githook User [ 08/Oct/20 ]

Author:

{'name': 'Mark Benvenuto', 'email': 'markbenvenuto@users.noreply.github.com', 'username': 'markbenvenuto'}

Message: MONGOCRYPT-264 Add crypto RSAES-PKCS1 SHA256 signing for Windows (#115)
Branch: master
https://github.com/mongodb/libmongocrypt/commit/ccfc731a75f77b3a0fa498a93c8a08b025e9c3cf

Comment by Mark Benvenuto [ 06/Oct/20 ]

PR: https://github.com/mongodb/libmongocrypt/pull/115

Comment by Mark Benvenuto [ 23/Sep/20 ]

Example from MSDN - https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-signing-a-hash-and-verifying-the-hash-signature

Example code from C driver to load a PEM private key:  https://github.com/mongodb/mongo-c-driver/blob/master/src/libmongoc/src/mongoc/mongoc-secure-channel.c#L123-L222

Using the CryptoAPI is necessary since BCrypt has no CryptDecodeObjectEx like function. It is simpler to only use CryptoAPI and not try to convert from a decoded PKCS#1 into a format that BCrypt understands.

Generated at Thu Feb 08 09:08:20 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.