Home
ASP.NET Forums » General ASP.NET » Security » RSA problem

RSA problem

Last post 01-22-2007 10:04 AM by p1000. 2 replies.

Sort Posts:

  • RSA problem

    01-20-2007, 12:17 PM
    • Member
      91 point Member
    • p1000
    • Member since 03-16-2006, 5:10 PM
    • Posts 106

    Hi,

     I am trying to implement some RSA security for a WebForm which receives files from clients. The clients all have the server's public key. They use this to encrypt a string and then they send this string to the webserver, where it is automatically decrypted using the server's private key. My problem is that RSA.Encrypt takes a byte[] as input and returns an encrypted byte[]. But for the sake of versatility, I would like the files just to be regular text files so I want to take the encrypted byte[] and turn it into a string. Then I want to write this string to a file. Then I want the server to read the string, convert it back to a byte[] and then decrypt it. I use then UnicodeEncoding class to convert between byte[] and string.

     My problem is that UnicodeEncoding seems to be changing the data!!!! I have put together the following demonstration. If you look at the code, clearly you'd think encryptedData and encryptedData2 would hold the same information... But they don't even have the same length... And the final decryption will therefore not work. What is going on here? Can someone help out. I can easily work around this problem by converting the byte[] to an int[] and then to a string[] where I pad each integer with 0s if needed so each has exactly 3 digits, and then concatenate the string[] to one big string and then do the same process in reverse to get the original byte[] back, but I want to know why the easy, obvious thing doesn't work...

     Thanks.

     P1000

    You must be using System.Text and System.Security.Cryptography for this code snippet to work.

    //---------------------------------------------------

    UnicodeEncoding ByteConverter = new UnicodeEncoding();

    RSACryptoServiceProvider

     RSA = new RSACryptoServiceProvider(4096);

    byte[] dataToDecrypt = ByteConverter.GetBytes("This is the string I want to encrypt. But it seems like it has to be long enough for this effect to happen.");

    byte[] encryptedData = RSA.Encrypt(dataToEncrypt, true);

    byte[] encryptedData2 = ByteConverter.GetBytes(ByteConverter.GetString(encryptedData));

     

    Console.WriteLine("encryptedData.Length: " + encryptedData.Length);

    Console.WriteLine("encryptedData2.Length: " + encryptedData2.Length);

    for (int i = 0; i < encryptedData.Length; i++) {

      Console.Write((int)encryptedData[i] + " ");

    }

    Console.WriteLine("\n\n");

    for (int i = 0; i < encryptedData2.Length; i++) {

      Console.Write((int)encryptedData2[i] + " ");

    }

    byte[] decryptedData = RSA.Decrypt(encryptedData2,

    true);

    //---------------------------------------------------

  • Re: RSA problem

    01-21-2007, 9:02 PM
    Answer
    • Contributor
      4,792 point Contributor
    • KaziManzurRashid
    • Member since 03-09-2003, 3:04 PM
    • Dhaka, Bangladesh
    • Posts 882

    First of All I like to mention that RSA has a limitation that it cannot Encrypt/Decrypt data which size is more than 117 byte.  Check http://www.codeproject.com/useritems/SecureDataExchange.asp

    Having that in your mind here is a simple example of RSA Encrypt/Decrypt:

    string Encrypt(string publicKey, string plainString)
    {
     byte[] plainByte = System.Text.Encoding.Default.GetBytes(plainString); // Converting it to byte array

     using(RSACryptoServiceProvider rsa = CreateRSA(publicKey))
     {
      byte[] cipherByte = rsa.Encrypt(plainByte, false); //passing false to support Windows 2000.
      string cipherString = Convert.ToBase64String(cipherByte); // Converting to string

      return cipherString;
     }
    }


    string Encrypt(string privateKey, string cipherString)
    {
     byte[] cipherByte = Convert.FromBase64String(cipherString); // Converting it to byte array

     using(RSACryptoServiceProvider rsa = CreateRSA(privateKey))
     {
      byte[] plainByte = rsa.Decrypt(cipherByte, false); //passing false to support Windows 2000.
      string plainString = System.Text.Encoding.Default.GetString(plainByte); // Converting to string

      return plainString;
     }
    }

     

    RSACryptoServiceProvider CreateRSA(string key)
    {
     CspParameters parms = new CspParameters();

     parms.Flags = CspProviderFlags.UseMachineKeyStore;

     RSACryptoServiceProvider csp = new RSACryptoServiceProvider(parms);

     csp.FromXmlString(key);

     return csp;
    }

    Long Live .NET
    Kazi Manzur Rashid (Amit)
    _________________________
    Web: http //dotnetshoutout.com
    Blog: http://weblogs.asp.net/rashid
    Twitter: http://twitter.com/manzurrashid

  • Re: RSA problem

    01-22-2007, 10:04 AM
    • Member
      91 point Member
    • p1000
    • Member since 03-16-2006, 5:10 PM
    • Posts 106

    The whole point of my question is that the code snippet I gave works to encrypt and then decrypt the original String, if I decrypt encryptedData at the end and not encryptedData2. This is not a problem with understanding how RSA works or how Microsoft's implementation of RSA works. This is a problem with understanding why the UnicodeEncoding object seems to be altering data when it converts between byte[] and String and back. I see that you use Convert.FromBase64String instead of the UnicodeEncoding object. Since every byte in my byte[] array is <= 255, would this work while the UnicodeEncoding object doesn't?

     

     
Page 1 of 1 (3 items)
RSS Available

Contact | Advertise | Issue Management by Axosoft's OnTime | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.