ailon's DevBlog: Development related stuff in my life

Online Tool to Get RSA Public Key in XML Signature format

5/24/2010 6:14:01 PM

Last month I’ve posted a short how-to about getting XML Signature foramatted public key from Base64 encoded certificate. Now that I’ve launched a sub-site for my online tools I thought there’s no reason to leave that post as a how-to only, when most people just need to use it once.

So I’ve made a simple online tool that does just that – you paste your base64 encoded RSA public key into a form and get XML signature formatted version. No need to implement this yourself.

What's that for?

If you need to say verify data in .NET signed with private key and you don't have/want the public key (certificate) installed on your machine, the easiest way to go is to load public key data from XML string using RSACryptoServiceProvider.FromXmlString() method.

Problem is that it accepts key information in XML Signature format (the one with <RSAKeyValue><Modulus> etc.) and there is no easy way to get it in that format. Most of the time you get the key in base64 encoded form or in binary form from which you can get the base64 version.

This tool lets you get the XML Signature version from that base64 representation.

Tags: ,

Get RSAKeyValue from Base64 Encoded Public Key

4/27/2010 6:54:55 PM

Note: I don’t know much about encryption and certificates. This is not a tutorial or good explanation of things. It’s just a note to myself for future reference.

I needed to verify data sent to my ASP.NET app signed by 3rd party using their private RSA key. They’ve sent me their public key in base64 encoded form. You’ve probably seen it many times. It looks something like this:

-----BEGIN CERTIFICATE-----
MIIECTCCA3KgAwIBAgIBADANBgkqhkiG9w0BAQUFADCBujELMAkGA1UEBhMCTFQx
EDAOBgNVBAgTB1ZpbG5pdXMxEDAOBgNVBAcTB1ZpbG5pdXMxHjAcBgNVBAoTFVVB

-----END CERTIFICATE-----

Problem is (as far as I understand) to verify data using RSACryptoServiceProvider you either need the key installed on your system or have it in XML Signature format. I’ve searched high and low for a way to convert that encoded key to XML equivalent but couldn’t find a simple way. Most likely I wasn’t searching for the right thing and I admit I’m not an expert in this area. I guess this can be done some other way but after combining some breadcrumbs I found here and there I came up with only 3 lines needed to to get <RSAKeyValue> representation of the key:

   1: byte[] binaryCertData = Convert.FromBase64String(mimeKey);
   2: X509Certificate2 cert = new X509Certificate2(binaryCertData);
   3: string xmlKey = cert.PublicKey.Key.ToXmlString(false);

And that was it. Does the trick.

Update: I’ve created an online tool to convert Base64 encoded public key to XML Signature format.

Tags: ,

Parental Control: Windows Live Family Safety

5/7/2008 3:24:14 PM

My daughter is 8 (soon to be 9). She has her own PC for a couple years now. Until recently she only played the games I installed, painted with Wacom/ArtRage and played online flash games on a couple of sites. But some time ago she started "discovering the web" on her own and question that interested me theoretically for more than a year became really practical: how do I protect her (read "control") from the evil sides of the Internet?

After some research (not much actually) I came to conclusion that no one provides such an end-to-end solution like Microsoft's Windows Live Family Safety.

What is it?

Basically it's a small app you install on XP or Vista PC and a web application to control it. You can limit what sites your child can visit, approve/filter her Live Mail/Hotmail contacts, Live Messenger Contacts, etc.

fss_settings

It also integrates to some extent with Windows Live Spaces so your child can blog, share photos with friends, etc.

How does it work?

You need to have LiveIDs (Microsoft's accounts) for all the parents and children and add them in appropriate roles.

Then you set up what your child sees by default. In my case recommended settings (for children 0 to 10) were to block all the sites except kids friendly sites and those explicitly allowed by parents. Now when Daniela wants to visit a site that is neither known to be kids friendly nor in her allowed list she is presented with a page informing here about that and 2 options to ask parents permission. She can ask by filling a request and then you can approve or reject it in web interface or, in case you are at home, she can just call you and ask to approve the site simply by logging in with your LiveID and clicking "Approve". You can also monitor what your child browsed and what attempted to browse but was blocked.

I haven't played with contacts management yet but I assume it's done in similar manner.

What I like so far

  • the system is easy to use and well integrated;
  • all the main bases are covered: surfing, email, IM, social networking;
  • I didn't meet any major resistance from my child (unlike expected) :)

What I didn't like so far

  • there's no Russian or Lithuanian GUI (and probably not many other languages are covered, if any). It's not a major problem since there aren't many things for the child to read and it could be even good for learning English, but anyway I think the fact is worth mentioning. And, btw, when you go to download Windows Live apps it tries to play smart and detects your browser's desired language and shows you Live apps in that language only. And Family Safety is not included in the package if it's not in English. So make sure you download the English version;
  • all of the features are obviously tied in Microsoft's Live services. This is not unexpected but I wish there was some open standard (or is there?) to connect such filters and web services. Anyway now my child is stuck with Windows Live Messenger and I'll have to use it too (well, I'll still use Miranda, but with one more protocol). Good move, Microsoft :)
  • while FS blocks general search engines there's no kids friendly search engine by Microsoft (or I couldn't find it). There's no such thing by Google, too. Yahoo has kids.yahoo.com so this is what we'll use for now.
  • I'm not sure if this is related to FS or this is just a Spaces feature, but you can't make your child's blog public at all. I understand that this is related to child's inability to understand everything about privacy issues and stuff but I think an option for pre-moderated public blog would be really nice to have. Cause now even I can't subscribe to my daughter's RSS feed.

Though the cons section looks much bigger than pros, but in reality I'm really satisfied with the solution so far and we'll see how it rolls.

Tags: , ,

Copyright © 2003 - 2017 Alan Mendelevich
Powered by BlogEngine.NET 2.5.0.6