c# - Is there a limit for RSA key exponents in .NET?

Question

Using C# I cannot import a public RSA key with an exponent of {1, 0, 0, 0, 15}: There is an exception:

System.Security.Cryptography.CryptographicException was caught
  HResult=-2146893819
  Message=Bad Data.

  Source=mscorlib
  StackTrace:
       at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr)
       at System.Security.Cryptography.Utils._ImportKey(SafeProvHandle hCSP, Int32 keyNumber, CspProviderFlags flags, Object cspObject, SafeKeyHandle& hKey)
       at System.Security.Cryptography.RSACryptoServiceProvider.ImportParameters(RSAParameters parameters)
       at TestRSA.Form1.buttonTest_Click(Object sender, EventArgs e) in c:UsersThomasDocumentsVisual Studio 2010ProjectsModulesTestRSAForm1.cs:line 32

Used code:

RSACryptoServiceProvider rsaAlg = new RSACryptoServiceProvider();
RSAParameters key = new RSAParameters();
key.Exponent = new byte[5] { 1, 0, 0, 0, 15 };
key.Modulus = GetModulus(); // byte Array with length 256...
rsaAlg.ImportParameters(key); // <<== this call will throw the exception

Is there a limit for RSA key exponents in .NET? (With Exponent == { 1, 0, 1 } the import will succeed.

Regards Thomas

Answer 1

The default provider by Microsoft only supports public key exponents of a specific size, as CodesInChaos mused:

CNG is more flexible with regard to RSA key pairs. For example, CNG supports public exponents larger than 32-bits in length, and it supports keys in which p and q are different lengths.

and

Please, note that the restriction of 4 byte exponents are for MS CSPs only. CryptoAPI should be able to work with 5 byte exponents if using a third-party CSP.

Sources:

• http://blogs.msdn.com/b/alejacma/archive/2010/07/28/cryptoapi-and-5-bytes-exponent-public-keys.aspx
• source of source: http://msdn.microsoft.com/en-us/library/bb204778%28VS.85%29.aspx