I am trying to create an online database application using PHP for the server and C# form application for the client.
On the server I encrypt a simple string using a public RSA key with the PHPSecLib. Then the C# application receives the string and tries to decrypt it using the corresponding private key.
The bytes are base64 encoded on the server and decoded to bytes again by C#. I created the key pair using the PHPSecLib.
This is the code I use on the client application:
public string rsa_decrypt(string encryptedText, string privateKey) {
byte[] bytesToDecrypt = Convert.FromBase64String(encryptedText);
Pkcs1Encoding decrypter = new Pkcs1Encoding(new RsaEngine());
//the error occurs on this line:
AsymmetricCipherKeyPair RSAParams = (AsymmetricCipherKeyPair)new PemReader(new StringReader(privateKey)).ReadObject();
decrypter.Init(false, RSAParams.Private);
byte[] decryptedBytes = decrypter.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length);
string decryptedString = Convert.ToBase64String(decryptedBytes);
return decryptedString;
}
But, I get the following error on the line specified above^.
An unhandled exception of type 'System.IO.IOException' occurred in
BouncyCastle.Crypto.dll
Additional information: -----END RSA PRIVATE KEY not found
I believe there's nothing wrong with the key pair combo as I get an error before I even try to decrypt anything.
The privateKey parameter is currently hardcoded into the script using this format:
string privateKey = "-----BEGIN RSA PRIVATE KEY-----XXXXXXXX-----END RSA PRIVATE KEY-----";
So it seems to me the footer actually is included in the string... I have debugged and googled everywhere but I can't seem to solve it. I'm pretty new to RSA&Bouncycastle so maybe I'm just using wrong methods.
Hope you can help, thanks!
- G4A
P.S. This is my first Stackoverflow question, I just created an account, so if you could also give me some feedback on the way I formulated this question; great!
You need to add a new line between the pre/post encapsulation boundary text and the Base64 data, so:
string privateKey = "-----BEGIN RSA PRIVATE KEY-----\r\nXXX\r\n-----END RSA PRIVATE KEY-----";
This is because the pem specification allows for the existence of other textual headers between the two.
If this doesn't work
"-----BEGIN RSA PRIVATE KEY-----\r\nXXXXXXXX\r\n-----END RSA PRIVATE KEY-----"
please try this
"-----BEGIN RSA PRIVATE KEY-----
XXXXXXXX
-----END RSA PRIVATE KEY-----"
We converted the BOX Private Key to Base64 Format and stored the same in Azure Vault.
Convert key to Base64 using Base64Encode method, store in Azure Key Vault.
Retrieve the encoded string in code, decoded back using Base64Decode Method.
public static string Base64Encode(string plainText)
{
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
return System.Convert.ToBase64String(plainTextBytes);
}
public static string Base64Decode(string base64EncodedData)
{
var base64EncodedBytes = System.Convert.FromBase64String(base64EncodedData);
return System.Text.Encoding.UTF8.GetString(base64EncodedBytes);
}
I recommend use \x0A instead of \r\n and
.
Because only this option worked for me.
So :
"-----BEGIN RSA PRIVATE KEY-----\x0AXXXXXXXX\x0A-----END RSA PRIVATE KEY-----"
Related
I have a private key that was generated by running:
openssl req -new -sha384 -x509 -days 63524 -subj "/C=CA/ST=State/L=City/O=Org/CN=Org-CA" -extensions v3_ca -keyout Org-CA.key -out Org-CA.pem -passout pass:pass1234
I need to use this private key and certificate to sign client CSRs. I used to use OpenSSL to do this, but I need to do this in C# instead.
I've found examples of what I want to do online, but those examples are using bouncy castle and an un-encrypted private key.
The key file looks like this:
-----BEGIN ENCRYPTED PRIVATE KEY-----
....
-----END ENCRYPTED PRIVATE KEY-----
And I'm trying to load it by doing this:
var privatekey = File.ReadAllBytes(#"Org-CA.key");
var rsaKeyParameters = PrivateKeyFactory.DecryptKey("pass1234".ToArray(), privatekey);
But thats not working. I get an error saying Wrong number of elements in sequence (Parameter 'seq')'
Is this how I'm supposed to be decrypting and loading the private key?
Depending on your .NET version, you may not need BouncyCastle at all. As of .NET Core 3.1 there is RSA.ImportEncryptedPkcs8PrivateKey() for DER encoded encrypted private PKCS#8 keys and as of .NET 5.0 there is even RSA.ImportFromEncryptedPem() for PEM encoded encrypted keys.
Otherwise with C#/BouncyCastle the import of an encrypted private PKCS#8 key is available e.g. with:
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.OpenSsl;
...
string encPkcs8 = #"-----BEGIN ENCRYPTED PRIVATE KEY-----
...
-----END ENCRYPTED PRIVATE KEY-----";
StringReader stringReader = new StringReader(encPkcs8);
PemReader pemReader = new PemReader(stringReader, new PasswordFinder("<your password>"));
RsaPrivateCrtKeyParameters keyParams = (RsaPrivateCrtKeyParameters)pemReader.ReadObject();
...
with the following implementation of the IPasswordFinder interface:
private class PasswordFinder : IPasswordFinder
{
private string password;
public PasswordFinder(string pwd) => password = pwd;
public char[] GetPassword() => password.ToCharArray();
}
If necessary, a conversion from keyParams to System.Security.Cryptography.RSAParameters is possible with:
using Org.BouncyCastle.Security;
...
RSAParameters rsaParameters = DotNetUtilities.ToRSAParameters(keyParams);
which can be imported directly e.g. with RSA.ImportParameters().
Edit:
After digging through the C#/BouncyCastle source code, your way is also possible (which I didn't know before).
DecryptKey() has several overloads, one of which can handle the DER encoded encrypted key as already suspected by Maarten Bodewes in his comment. The latter can be easily generated with the Org.BouncyCastle.Utilities.IO.Pem.PemReader() class.
Note that this PemReader is different from the one in the first implementation (different namespaces), which is why I use the namespace explicitly in the following code snippet. With this approach, the RsaPrivateCrtKeyParameters instance can be generated as follows:
using Org.BouncyCastle.Security;
using Org.BouncyCastle.Crypto.Parameters;
...
StringReader stringReader = new StringReader(encPkcs8);
Org.BouncyCastle.Utilities.IO.Pem.PemReader pemReader = new Org.BouncyCastle.Utilities.IO.Pem.PemReader(stringReader);
Org.BouncyCastle.Utilities.IO.Pem.PemObject pem = pemReader.ReadPemObject();
RsaPrivateCrtKeyParameters keyParams = (RsaPrivateCrtKeyParameters)PrivateKeyFactory.DecryptKey("<your password>".ToCharArray(), pem.Content);
...
pem.Content contains the DER encoded encrypted private PKCS#8 key.
I have this code in .net:
RSACryptoServiceProvider cipher = new RSACryptoServiceProvider();
cipher.FromXmlString(publicKey);
byte[] data = Encoding.UTF8.GetBytes(input);
byte[] cipherText = cipher.Encrypt(data, false);
result = Convert.ToBase64String(cipherText);
and this code in python:
from Crypto.PublicKey import RSA
from Crypto.Cipher import PKCS1_v1_5
from base64 import b64encode
key = open(public_key_loc, "r").read()
rsakey = RSA.importKey(key)
encrypted_data = rsakey.encrypt(input, 32)[0]
result = b64encode(encrypted_data)
When I run this codes with a public key, I get different answers on the same input!
I've searched and found out that both Crypto (python) and RSACryptoServiceProvider (.net) are using the RSA algorithm.
EDIT:
The public key used in .net is created by removing -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- from the key and converting it to XML.
Example:
PublicKey:
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCETtzC9pZ+dnQ0z0pXL6pNrkn4vGdbLTf3fhH5
MsVYsFIPuuaUSC9EnbTa8G9p1AIKNsjQaBbzfkvgdu5Tz8qEXZfYQV2bnSCtl/87M7Xn0raAmGTr
jSliTdsxMyJHObzAPkamjHemAxHd9VkwXfZOPAh00ueag+buTAkbzL1MlQIDAQAB
-----END PUBLIC KEY-----
Input:
"6000306"
.net output: SpDXp/KCea8DlIuhow6k8+uyfGFe93r9+w39ROoSRAggF9dBU3boK5zRareOQo2//7LyMZZVVklvDCFPo/irJtgbxjn6c0C7gHrL7ubKRG7iVaa9iSF1u13gdRZvLGy/MKOxiz9G+FKLZfJYtkiOSLkJHXXMWTGSNedQsdraJZc=
Python output:
Q3H0NTJYZzymWhWDtMCSzcqZ0D/Nvumq3VqvFCvQRlib82pth48DbVcKwjrmSjT0F/ipi7mnSq8M7BLX/7wo4tQFqul9+avyI/eAW5LKbuFZiiD8eP0GMwEZZyHGurFKhxu+1Qa0dftCIeiIMVJsVaHcUD254BSkYQC04Fflvfc=
What is the problem? Am I missing something?
For the python code, you have neglected to use the PKCS1_v1_5 module you imported. As a result, you're getting plain vanilla RSA encryption with no padding. This is not what you want. If instead your code is:
key = open(public_key_loc, "r").read()
rsakey = RSA.importKey(key)
cipher = PKCS1_v1_5.new(rsakey)
encrypted_data = cipher.encrypt(input)
result = b64encode(encrypted_data)
Then you'll see that the cipher changes every time, even with the same input, just like the C# side does. PKCS1 version 1.5 type 2 padding includes a random component, so the output should never be the same.
The PKCS1_OAEP module is the more modern choice, and is supported by .NET simply by change the false to true in the RSACryptoServiceProvider.Encrypt() method.
I'm trying to decrypt a cipher, which has been encrypted in PHP, using RSA in C#. Here is my C# code:
public byte[] Decrypt(byte[] dataToDecrypt)
{
byte[] plain;
using (var rsa = new RSACryptoServiceProvider(2048))
{
rsa.PersistKeyInCsp = false;
rsa.ImportParameters(PrivateKey);
plain = rsa.Decrypt(dataToDecrypt, false);
}
return plain;
}
And the PHP code is:
public static function encrypt($dataToEncrypt, $userPublicKey) {
if (openssl_public_encrypt($dataToEncrypt, $encrypted, $userPublicKey, OPENSSL_PKCS1_PADDING)) {
return $encrypted;
} else {
throw new Exception('Unable to encrypt data. Perhaps it is bigger than the key size?');
}
}
I get no exceptions or errors in C#. The problem is that if I convert the byte array output of the Decrypt function to a string (i.e. using System.Text.UTF8Encoding.GetString()) the decrypted string is very different from the original plain text passed to 'encrypt' function in PHP.
Any idea why they are different? What am I missing?
p.s. I'd like to add that I have code to encrypt data in C# and decrypt it back in PHP, in a very similar fashion with no problems. I cannot just get it to work the other way around, as I explained above. Thanks
=== UPDATE ===
The input data - i.e. $dataToEncrypt is:
$sessionKey = mcrypt_create_iv(32, MCRYPT_DEV_URANDOM);
The public and private keys are:
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAzMzT6e4CVC11E1w9bXhnIVgZIAfs5McBeewW3bZtS8NBelHs
HyxiZjkHgMZp6BGSsux0gl0e+DkeISHe5dOQEX7WJBaARxiGJxTzhEo556rrmSXz
7h5TSht/ivTWPZTYfAaYwLC71C/IKWfRPGSVuqHTlflVc0JSUF3M6dgWPqLRF7G3
qqYFdx3+2CoVyCQkNogvkICZNbGGtx7RlGHJ1LCeCyEdC+6AIyNItBbXGtBOf/IZ
bdL+QioWCV/VzQAhm01QVn8g6CHiCMvAIMMj2RXUg/1tL2vw0QNS2ZJgfsM3x67s
M47T1zHj/OTaX6lAp77FHkof1tKmTwlV1RSj7wIDAQABAoIBAGHMbmYHgpUwH/he
0/ayyIzjxRvGrRmS7uGKHGFD/G1xkJMZC+jXCSZHlY2pMmnf+m32/KxES8W9gOXR
ht+5Z9Ly/s+87wUEcQu4tZE24PAAbwFzXkkXsi5xczaoNKazra2MeOWLgCaTqsIb
EZAFeHrnTGMR7fxcb3JxWKlSx0yhGDzt4bF6rNokN6928d2Y77QdqD280XNsEP1r
RpXfHchTPPUUVpzTXEt/tVMzpsE12oMxPbwVkmCAtDYQsFhreSeWsJzFuXk1wXbR
9JkJ0BoU30KP2HxdxVZjD/+2TzJFphceW+YMXc/w/9tanR3234xjgQcE6PncuKuV
gVmEmgECgYEA0kNaMG3YAa3Xmc2KfiZuFVvH8xrCOaKufBle4uh0fQ+S0w6t8R8N
MJ9futVS9maW6aNKCXNb687cy2/8+7QGXqjgRVbni7Tgj/YaDHralIWO0UL5zl04
eZFPuSthdTAkx4F2m+lfPvooIGh5U6lX7PvX3TmaP+KkGJH+KWDQAdMCgYEA+VlD
6Frvy5l+yetavSgqsY/HVV1b0+yNvMvZjUm4ho7LCLFyB2aELkfalQtz1DsOwybm
Wnh5kkUTiPkmVU+3p5FyFIY3Etpk9p3KebWggF/KE9CYmgJxwB1Xq7gWGQtwK3VM
1kYxHtcohbQjV6gE6eTwvjAGYtfdhMVN0Po9Z/UCgYBzyomRX/xzuEOiPJIHNKys
8HVliJfrW46RYvthJDh6YqgtuMjLn5kI7MuwPShJ72cuVTFBkRjO/IWVNx/vkU1s
tb2EEf7DbiG4xgPEWaej4QUscqDVJ3shX4ey5pPuEExA3ifuZo+ARAzzA/XEv95e
8LYI617pzasmqMd6DAmg5wKBgQD3SVr6fe0g6xp94CZ+P+6PZ/sVIuBl/UzX9wbL
g1g4QjcDaQ+gXUArseEKPXBjAyrxyYtcH+zZbh4gko88vjFyQuFzj2PhE6xblENw
jvsdNWJwYkhlPJVZJQCEca2gquJUhyFrw/MFFfa/GtaOITi2SfGjfHdo4ZJ0EUTK
QtJRXQKBgQC8nppgSxh0yy0zXOj04URAt2NLBrBWZVh6kHFgaNPIsLNXqyFQQ+Sy
EX/w3HADQI4PRE90iauZ0DYGJyxY1jHqa0X64W/5nZqH/uv58+Hf6uv47l3n3n0T
58WFfKgXY5AaLCbi1UERdeHKPXNXDFkTKuuOb190M+RNbGgzwN9fcQ==
-----END RSA PRIVATE KEY-----
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA498EWxuZK/KsUgIEusEt
QOJulgTHwb8C4avtzJnzhosTeKooXvyGFPpex6HcQGSRqrWpNr2yhw1BvJvH2UyE
Jisl5BJA5Za+ofmbGifCFwCllZ37U1YpOmqpB2Yt+yYElGh5dp+lqs5Q3u3nPknd
nLS3bxH7qlZBvR9YPWj9x7IuSXJyopAmdJato8xeNHzmBxWD8FgQKICFpLtGsPXq
XRwT0imTs6/EcMqq6fdlp0OyBKyZjw6t47gMeqiuSYz6k41Nf/SbtIC4snUyoUgI
TvnHjWe1cY7js4kY62A9ZpHX0NpG7JXctxVb+aZOv1rS36bUjcP+bug1W3ZKrTG6
hwIDAQAB
-----END PUBLIC KEY-----
So for example if the input ($dataToEncrypt) in base64 string is :
VPA13tGd8HMlaB3yKxlFBb8/dAXlCjX5Rr1SzE4L6TY=
I get this output (plain) in base64 string is:
UTgfMQfl82FV4D4HfHPiwmo7jOygBmtXBap0Hn+fAoT4zZcGmLXiY1rGIhmEr90tNxzTGHhknx6PhgJ5eZDK2c9aWi/gD3FJz8MksRjbOkX09GMabcdekdwcyvu9JEWJZi2wOSaRLTRkf90uOArq7pG1g8CPwPLkghj39nUF+XYdGyAB4SXmKkPHshg+dk1acEaXhj9mnAF2fluDEJnfQEU=
Encrytped text is:
wMXLjsRSfO1VngHqotJXoxygP1eTktr3gc3tuhdzXpqOy1N1V8/wflJuHkn1PX7Rf3/ccvL5vzPYYaKIm3s4IMhshrwVH3p4euprwRyNTvlBPLLmZ/b/wuTXkKqRdK81V9oHocIfxerivS4oIJfA4J6fMbtKom6IoE4GVhiAsJs=
My Private Key is:
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDIlsvQQVhLQsmRFr/KUcAjOE/nlCNPS+0Q+Q8sIhEZFmT9f2qR
3d/9gtaxGY/WYgFwFplMArtaMzqcQSwntH296E1CdDj2U/v1AhTVCupeyNdz7//E
hIWrmlHjkrFynghRBFEEkACDtAV96VdtDvk10Knzl2CZ2kPklGz39sQsgQIDAQAB
AoGBAKVEwYbD4CiaTZNSaBEdTC54njVSs8kI6Ll8S4j0RJwj/G90xOyMH5ozbAqc
4gsj0sV0iTe8ZHsMDHVjqSrJpnMU6wDHhKQpr+zITJUxbTPjxgJf/2tKtsvFIMnb
2ghjTS/lMMzMPyeMhUcsLjPpoK9c+SDkl/PWU9Ay/pYvCCf1AkEA77JrZzn4gdJ3
VqtXUlV/y249frMPwYh+dS+aahyUUw0QW9BVa65Ume2iO5gGFVC3eJBZYxALFGai
ih06j0HOlwJBANY7bvp/2UfM2XWHYXvKXfasq/UzOMnc7jQvGJV6aFvch6mVxuTi
+ah7CCqGPVEbn8ZK92FwtsHYd5EvQO+R2KcCQCDfe1Ng4/AKCUvdm9Ay4Z/oso5Z
yGNmcNFpgefjm4P4WrH81Ho8ImYp7QH3S35I36CtS1UGsj5OBSSj9ZAIGmkCQDI/
xowjKMfamLckhg0PLnMJlVvyI8PVelnrIg0NpSTG2VtBsmFFi+Gk2gl/ayp3HEba
lqPYWEWnjIQVXVnUD8kCQQDJpHSBSFQWRBRGHl2Oyy1SXiBYFdW2FH7+2c1WzN4P
iKkmgOXqC2RfMD0aE/xtMe8F2zFhPKcARIvEvfneVjmT
-----END RSA PRIVATE KEY-----
I am using Bouncy Castle in c# , when i decrypt using the encrytedtext and private key using below code:
keyPair = (AsymmetricCipherKeyPair)new PemReader(reader).ReadObject();
IAsymmetricBlockCipher cipher = new RsaEngine();
RsaKeyParameters privateKey = (RsaKeyParameters)keyPair.Private;
cipher.Init(false, keyPair.Private);
byte[] deciphered = cipher.ProcessBlock(bytesl, 0, bytesl.Length);
string decipheredText = utf8enc.GetString(deciphered);
I am getting decipheredText as
☻♣?????U??`?u????|???^H?|???☺????♦M>?→?&↔.0p?J??a?▼?S←$*▬T☼? xQ??-??Ai9;??siqD??_??? ♥↓§?k?Ny??kr?U??↔z Mazher Ul Haq
but my actual string was "Mazher Ul Haq" , How to get actual string
Your "encrypted text" is actually base64 text. I suspect that if you convert that into non-base64 data first, you should be fine. If you've already got it as a string, that's as simple as:
byte[] binaryData = Convert.FromBase64String(base64Text);
If you need to convert it to a string first:
string base64Text = Encoding.ASCII.GetString(base64Binary);
byte[] binaryData = Convert.FromBase64String(base64Text);
I got a module which RSA encrypts the data and passes on to the C#.
C# needs to decrypt it based on the public key (64 bit encoded) and the passed token.
I have token , 64 bit encoded public key, can some help me get with the sample to get started.
All I know from Java end is, it is using. I have got the result from Java end and need to write a parser in C# to decrypt this. I get both public key and token as a string value.
Cipher cipher = Cipher.getInstance(ALGORITHM); //Algorithm = "RSA"
cipher.init(Cipher.DECRYPT_MODE, key);
Thanks
To get started, you'll need the private key to decrypt the message. By "public key (64 bit encoded)", I'm guessing what you really have is a Base-64–encoded certificate, with a header line that says "----- BEGIN CERTIFICATE-----" and a footer that says "-----END CERTIFICATE-----".
If that's correct, you'll need to find the private key. This is sometimes stored in a PKCS #12 format file, with a ".p12" or ".pfx" extension. You'll need a password to access the private key if it is stored in such a file.
Alternatively, OpenSSL and other utilities use private key files that can be Base-64–encoded or binary. These have a variety of extensions, and may or may not be password-protected. If the file that you have has a header line of "-----BEGIN RSA PRIVATE KEY-----" or "-----BEGIN PRIVATE KEY-----", that is actually the private key.
Finally, Windows can store private keys in its internal key store.
When you clarify the location of the private key, please update your question.
If the private key is used on the Java side, it may be an attempt to perform a digital signature. While all of several Java providers I've tested produce correct results when (ab)used this way, if you are doing a signature, the Signature class should be used. The C# code should use a signature object to "verify" the signature as well.
Encryption is performed with the private key. Since the public key is public, anyone can decrypt the message; i.e., the message is not confidential. Public keys are used by recipients to verify signed messages.
Check this code out.
public static string Decrypt(string inputText)
{
RijndaelManaged rijndaelCipher = new RijndaelManaged();
byte[] encryptedData = Convert.FromBase64String(inputText.Replace(" ","+"));
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(ENCRYPTION_KEY, SALT);
using (ICryptoTransform decryptor = rijndaelCipher.CreateDecryptor(secretKey.GetBytes(32), secretKey.GetBytes(16)))
{
using (MemoryStream memoryStream = new MemoryStream(encryptedData))
{
using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
{
byte[] plainText = new byte[encryptedData.Length];
int decryptedCount = cryptoStream.Read(plainText, 0, plainText.Length);
return Encoding.Unicode.GetString(plainText, 0, decryptedCount);
}
}
}