Reading RSA private key from X509-certificate results in different output on Windows Server 2016 vs. Windows Server 2019

Question

here is my issue:

In C#/.NET-4.8, I use a P12 certificate with RSA private key on 2 servers. One server runs Windows Server 2016, the other Windows Server 2019. When I compare the RSA private keys of the same certificate on both servers, the output is not the same. The “private exponent” (found in the “D” property) is not the same.

Does anyone know why this happens?

Extra info: The code keeps outputting the same key (per system), every time it runs (which of course is good). The code outputs the same private key on Windows 10, Windows 11, and Windows Server 2019 but on Windows Server 2016 it is different.

The code to read out the certificates key is:

using (var rsaPrivateKey = _certificate.GetRSAPrivateKey())
{
   var parameters = rsaPrivateKey.ExportParameters(true);
   privateExponent = BitConverter.ToString(parameters.D); // privateExponent (parameters.D) is the components which is not the same on each system.

   privateKeyXml = rsaPrivateKey.ToXmlString(true); // In privateKeyXml, only the privateExponent changes.
}

Thanks in advance for any help!

Answer 1

Two pieces of background knowledge that you need for the answer to make sense:

• RSA private keys are encoded redundantly. (n, e, d, p, q, dp, dq, qInv) could really just be (n, e, p, q).
  • Back in the day computing d/dp/dq/qInv was "hard", and so the file format was "save yourself the effort of recomputing this" -- though that left a possibility that the values aren't consistent.
• There are two different ways to compute d ("lambda" and "phi"), both values work.

Windows CNG, from Vista until ~2019, discarded the d/dp/dq/qInv values when importing a key and recomputed them using (I believe) the lambda approach.

For some reason, in ~2019, they either changed to forcing the computation with phi, or they started saving the import values and faithfully reporting them on export.

Either way, it doesn't really matter, as the true key is just (n, e, p, q). As long as those 4 don't change, you have the same key.