RSACryptoServiceProvider decrypt with public key

From: Martin M?ller (mav.northwind_at_web.de)
Date: 05/19/04


Date: 19 May 2004 05:03:22 -0700

Dear community, please help:
For several days now I've been trying to implement something that
should be possible according to all the sources you find on asymmetric
encryption but just can't get it to work.

The main idea behind asymmetric encryption is that there's a public
and a private key and that the public key can be derived from the
private key, but not the other way round.
Data encrypted with the public key can be decrypted using the private
key.
Data encrypted with the private key can be decrypted using the public
key.

The first way (encrypt with public, decrypt with private) is shown in
several examples you can find, but the other one (encrypt with
private, decrypt with public) doesn't seem to work and I can't find a
working example for it either.

I'm using .NET 1.0 on a WinXP machine and tried the following:
Create a new RSACryptoServiceProvider, save each key to a separate
file using ToXmlString().

For encryption I read the private key file, use a new
RSACryptoServiceProvider's FromXmlString() method to set the
parameters just read and encode the data to a Base64 string.
The data encrypted is very short (about 20 bytes) and key length is
sufficient (1024, but you get the same result with other key lengths).
Encryption works fine.

Now I create a new CSP like before, read the public key file, convert
the Base64 string to a byte array again and try to decrypt it and I
always get a CryptographicException stating "invalid key", if I don't
use OAEP padding and "Error occurred while decoding OAEP padding."
when using padding.

The other way (encrypt with public and decrypt with private) does
work, as does encryption and decryption both with the private key, but
if I always need the private key what's the point of asymmetric
encryption?

Can anyone enlighten me? Is it a bug in .NET 1.0? Does 1.1 behave
differently? What other options do I have?

Here are the code fragments I described above:
---------------- Create a key pair -------------------------------
RSACryptoServiceProvider csp = new RSACryptoServiceProvider(1024);

string s = csp.ToXmlString(true);
StreamWriter sw = new StreamWriter("KeyPriv.xml");
sw.WriteLine(s);
sw.Close();

s = csp.ToXmlString(false);
sw = new StreamWriter("KeyPub.xml");
sw.WriteLine(s);
sw.Close();

csp.Clear();
------------------------------------------------------------------
---------------- Encrypt with private key ------------------------
RSACryptoServiceProvider csp = new RSACryptoServiceProvider(1024);

StreamReader sr = new StreamReader("KeyPriv.xml");
string s = sr.ReadToEnd();
sr.Close();
csp.FromXmlString(s);

byte[] inp = System.Text.Encoding.Unicode.GetBytes(clearText);
byte[] outp = csp.Encrypt(inp, false);
cypherText = Convert.ToBase64String(outp);
csp.Clear();
------------------------------------------------------------------
---------------- Decrypt with public key -------------------------
RSACryptoServiceProvider csp = new RSACryptoServiceProvider(1024);

StreamReader sr = new StreamReader("KeyPub.xml");
string s = sr.ReadToEnd();
sr.Close();
csp.FromXmlString(s);

byte[] inp = Convert.FromBase64String(cypherText);
// This always throws an exception "invalid key" :(((
byte[] outp = csp.Decrypt(inp, false);
clearText = System.Text.Encoding.Unicode.GetString(outp);
csp.Clear();
------------------------------------------------------------------
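
In RSACryptoServiceProvider, Encrypt uses the public half of the key and Decrypt requires the private half, so an instance loaded from KeyPub.xml cannot decrypt; the private-to-public direction is exposed as SignData/VerifyData, which proves origin and integrity but does not hide the data. The following is an added example, not part of the original post: it assumes .NET Framework 4.6 or later (or .NET Core 3.0 or later) for the HashAlgorithmName overloads, uses a 2048-bit key instead of the 1024 in the post, and the class name and sample text are constructed for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Added example: class name and sample text are illustrative, not from the post.
static class SignWithPrivateVerifyWithPublic
{
    static void Main()
    {
        string privateXml, publicXml;

        // Key generation as in the post: the private XML stays with the signer,
        // only the public XML is handed out.
        using (var csp = new RSACryptoServiceProvider(2048))
        {
            privateXml = csp.ToXmlString(true);
            publicXml = csp.ToXmlString(false);
        }

        byte[] message = Encoding.Unicode.GetBytes("constructed sample text");
        byte[] signature;

        // Private-key operation: hash the message and sign the hash.
        using (var signer = new RSACryptoServiceProvider())
        {
            signer.FromXmlString(privateXml);
            signature = signer.SignData(message, HashAlgorithmName.SHA256,
                                        RSASignaturePadding.Pkcs1);
        }

        // Public-key operation: only the public parameters are loaded here.
        using (var verifier = new RSACryptoServiceProvider())
        {
            verifier.FromXmlString(publicXml);
            bool genuine = verifier.VerifyData(message, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            message[0] ^= 0x01; // simulate tampering with the signed data
            bool tampered = verifier.VerifyData(message, signature,
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

            Console.WriteLine("genuine: {0}, tampered: {1}", genuine, tampered);
        }
    }
}
```

The signature is transmitted alongside the clear text; if the data must also be confidential, it is encrypted separately with the recipient's public key.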


