Use big endian buffers instead of BigInteger for RSA ASN types #117851
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
There was a problem hiding this comment.
Pull Request Overview
This PR optimizes RSA key parsing by replacing BigInteger intermediary types with big endian byte buffers in RSA ASN.1 types. The change eliminates unnecessary endianness conversions (BigInteger is little endian, but RSA parameters are big endian in PKCS1/ASN.1 and RSAParameters). The refactoring introduces callback-based APIs for better memory management and consolidates RSA key format handling logic.
Key Changes:
- Modified RSA ASN.1 types (
RSAPrivateKeyAsn,RSAPublicKeyAsn) to useReadOnlyMemory<byte>instead ofBigInteger - Introduced callback-based APIs in
RSAKeyFormatHelperfor efficient parameter extraction - Removed duplicate RSA parsing logic from
CompositeMLDsaManaged.RSA.csby leveraging the centralized helper methods
Reviewed Changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| RSAPrivateKeyAsn.xml | Updated ASN.1 schema to use ReadOnlyMemory backing type |
| RSAPrivateKeyAsn.xml.cs | Generated code changes for ReadOnlyMemory-based integer fields |
| RSAPublicKeyAsn.xml | Updated ASN.1 schema to use ReadOnlyMemory backing type |
| RSAPublicKeyAsn.xml.cs | Generated code changes for ReadOnlyMemory-based integer fields |
| RSAKeyFormatHelper.Pkcs1.cs | Added callback-based APIs for RSA parameter extraction |
| RSAKeyFormatHelper.cs | Simplified existing methods to use new callback APIs |
| KeyBlobHelpers.cs | Updated helper methods to work with ReadOnlyMemory instead of BigInteger |
| CompositeMLDsaManaged.RSA.cs | Replaced custom parsing logic with centralized helper methods |
| RSA.cs | Simplified ImportRSAPrivateKey to use callback-based API |
| System.Security.Cryptography.csproj | Added PinAndClear.cs to Browser target |
| Microsoft.Bcl.Cryptography.csproj | Added RSA ASN.1 types to project |
Comments suppressed due to low confidence (1)
|
Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones |
This was referenced Jul 19, 2025
Open
bartonjs
approved these changes
Jul 21, 2025
src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj
Outdated
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/RSAKeyFormatHelper.Pkcs1.cs
Outdated
Show resolved
Hide resolved
|
/ba-g wasm timeouts |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
RSA parameters are big endian in PKCS1/ASN.1 and in
RSAParametersfor Windows. Currently we use theRSAPrivateKeyAsnintermediary type to go between the two. However,RSAPrivateKeyAsnusesBigIntegerwhich is little endian and thus causes 2 endianness switches during the conversion. This PR changesRSAPrivateKeyAsnto be big endian and makes the various RSA implementations consume it.