I have a string. That encrypted with java. Now I have to decrypt it in c sharp.
I use RSA algorithm with same public/private keys in c sharp and java.
But in decryption with c sharp I got a "Bad Data" error.
and an important notice is that: I can decrypt this string in java! and I can encrypt with c sharp and decrypt with c sharp !! But when I try to encrypt with one of them(c sharp or java) and decrypt with the other one it raise an error !
this is my c sharp code :
string privateKey = "<RSAKeyValue><Modulus>rFsMn+idg8jmVMk249DzJc7AFft3+/jcnYDTh9wHee3tgFu1gBRh7e+ao+MWq7NEN0N7kUHa7O4c/ND2Ahcx/h4mXD5KDoixFRBUsxYqCJVA68qYJ7vozVPMjNr4jeOo1xt+oevO5+mUWtcaib5Iw51u1Jq/6qCqLsm8Eq3cnsE=</Modulus><Exponent>AQAB</Exponent><P>5aqTyz3GH655H+vO/BzJvFzpILpxLwXZEvqp3l3NYXKqP0tdkY1g36o6M9YodI3h8ho4VFYofIqA1+V0qPkuDQ==</P><Q>wB45uljBS8Z+WGRE1cRdpZb5aKUv76uLlCp6agtPBBhjXNIQrN8MpOCTvZM2cOsuYpYhDtnwsTY9KKXdBmv6hQ==</Q><DP>KB474uzPhwk7L1BJv9BnjPfN4WGwE765xI70zVslXThidNv9ZEeF/IwHzrZCKtn99gSOgmzqdZbcGtqCHmIooQ==</DP><DQ>eLnFrvsdJJ/sP2Fq/CX0bx0rR34eXG6hPI9g84h9s+YbcnWy8t8LVASn8oYyvMydDminB20e2k1qK0PnW6S4/Q==</DQ><InverseQ>rlPpLse8LJ0KRglnu2D1xzJT90QqzS3o80P0WTpUvm95mF5d8YaVj/d9W7FBdgZ98y6Q7of+wLCmYGKLg56wYQ==</InverseQ><D>Gs8mzZDPP3p2aWXLBfCwgYcBVeoBpc318wHg5VcSSqL5uGeLedqxyOLmOOvP0PFXgQkcJWIK/aOkGqcePQECo3TNiK+uLSwc97V3spZah70FFJVyh23Y+o0wlRGHAm5Nj9QieHlVwhgJPkNUJYgH9qkwB9aCpl+rdAG3da2fQ2E=</D></RSAKeyValue>";
string publicKey = "<RSAKeyValue><Modulus>rFsMn+idg8jmVMk249DzJc7AFft3+/jcnYDTh9wHee3tgFu1gBRh7e+ao+MWq7NEN0N7kUHa7O4c/ND2Ahcx/h4mXD5KDoixFRBUsxYqCJVA68qYJ7vozVPMjNr4jeOo1xt+oevO5+mUWtcaib5Iw51u1Jq/6qCqLsm8Eq3cnsE=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";
public string EncryptData(string data2Encrypt )
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(publicKey);
byte[] plainbytes = System.Text.Encoding.UTF8.GetBytes(data2Encrypt);
byte[] cipherbytes = rsa.Encrypt(plainbytes, false);
return Convert.ToBase64String(cipherbytes);
}
public string DecryptData(string data2Decrypt)
{
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
rsa.FromXmlString(privateKey);
byte[] plainbytes = rsa.Decrypt(Convert.FromBase64String(data2Decrypt), false);
return System.Text.Encoding.UTF8.GetString(plainbytes);
}
and my java code is :
byte[] expBytes = Base64.decode("AQAB".getBytes("UTF-8"), Base64.DEFAULT);
byte[] modBytes = Base64.decode("rFsMn+idg8jmVMk249DzJc7AFft3+/jcnYDTh9wHee3tgFu1gBRh7e+ao+MWq7NEN0N7kUHa7O4c/ND2Ahcx/h4mXD5KDoixFRBUsxYqCJVA68qYJ7vozVPMjNr4jeOo1xt+oevO5+mUWtcaib5Iw51u1Jq/6qCqLsm8Eq3cnsE=".getBytes("UTF-8"), Base64.DEFAULT);
byte[] dBytes = Base64.decode("Gs8mzZDPP3p2aWXLBfCwgYcBVeoBpc318wHg5VcSSqL5uGeLedqxyOLmOOvP0PFXgQkcJWIK/aOkGqcePQECo3TNiK+uLSwc97V3spZah70FFJVyh23Y+o0wlRGHAm5Nj9QieHlVwhgJPkNUJYgH9qkwB9aCpl+rdAG3da2fQ2E=".getBytes("UTF-8"), Base64.DEFAULT);
BigInteger modules = new BigInteger(1, modBytes);
BigInteger exponent = new BigInteger(1, expBytes);
BigInteger d = new BigInteger(1, dBytes);
KeyFactory factory = KeyFactory.getInstance("RSA");
Cipher cipher = Cipher.getInstance("RSA");
String input = "test";
RSAPublicKeySpec pubSpec = new RSAPublicKeySpec(modules, exponent);
PublicKey pubKey = factory.generatePublic(pubSpec);
cipher.init(Cipher.ENCRYPT_MODE, pubKey);
byte[] encrypted = cipher.doFinal(input.getBytes());
String strEncrypted = Base64.encodeToString(encrypted, Base64.DEFAULT);
I can not decode strEncrypted value in c sharp.
and at the end encryption value in java is different with c sharp(same keys and algorithm and data) !!!
Second parameter of RSACryptoServiceProvider.Encrypt(plainbytes, false) means that PKCS#1 padding is used. true is for OAEP padding.
In Java the security provider you use maps "RSA" to "RSA/ECB/NoPadding", which is just encryption without any padding, hence an encryption result is always the same. So there is a need to specify "RSA/ECB/PKCS1Padding" to match C# behavior.
You should always specify the mode and padding otherwise the security provider will choose it's own defaults - and the defaults may differ for each provider.
I found it :)
I changed this line :
Cipher cipher = Cipher.getInstance("RSA");
to :
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING");
It worked well. But who knows what's different between these ?
Related
I have a publickey that is:
a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303
(Not Base64)
and an exponent thats:
010001
(Again not base64)
and I need to convert this along with a small string to RSA PKCS#1.5
But im a bit confused, it keeps giving me errors when trying to do it
apparently the exponent is formatted wrong and the public key isnt base64?
Heres my code
string publicKey = "a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303";
string exponant = "010001";
string toEncrypt = "Test123";
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
RSAParameters rsap = new RSAParameters {
Modulus = Encoding.UTF8.GetBytes(Convert.ToBase64String(Encoding.UTF8.GetBytes(publicKey))),
Exponent = Encoding.UTF8.GetBytes(Convert.ToBase64String(Encoding.UTF8.GetBytes(exponant)))
};
//Tried with and without the whole base64 thing
rsa.ImportParameters(rsap);
byte[] encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(toEncrypt), false);
string base64Encrypted = Convert.ToBase64String(encryptedData);
x = x.Replace(match, text.Contains("(URLENCODE)") ? WebUtility.UrlEncode(base64Encrypted) : base64Encrypted);
}
CryptographicException: Bad Data.
Occuring On: rsa.ImportParameters(rsap);
I do have the finished result:
PV7v6F8AOJvIJA6yYJReUf3jRD8HL5LzNIIqs4ehKlwxt00xyvnCCy/MiSX/4ZP6+IZfXPGAs57kM2/KsUau+fgU4p0rxJM569MLZ+RFjBnI/ATE1Ru5v8D2ZcJ89Y0Z3xowVnNMaytwacRf/LZqxIAFpBr/E5G6KSHkSg+3zQIu6RrxbHPrWeiYYUWB5XfYDKlPcezW3QYi9lktGCp2Eqsg+ULX1GD6qIlHySslYlT3kqVZbQb1B5ak416Rq1RMLhUgpsBazuB50jr5I1zfrFdi4UeNlkBWxFcJaGOY8HScCKwvlGU7TqGbjucB1rA3mQhGvSTUmfDeGBnGrLwCdA==
(Got this from using the same data in a non c# non open-source application).
The public key string you have looks like the hexadecimal representation of a byte array to me. Therefore, I tested to convert it to a byte[] using the following conversion:
public static byte[] HexStringToByteArray(string hexString)
{
MemoryStream stream = new MemoryStream(hexString.Length / 2);
for (int i = 0; i < hexString.Length; i += 2)
{
stream.WriteByte(byte.Parse(hexString.Substring(i, 2), System.Globalization.NumberStyles.AllowHexSpecifier));
}
return stream.ToArray();
}
Also, the exponent probably has the same format (3 bytes, 0x01 0x00 0x01), therefore I am using the same approach to convert it to a byte[]
At the end, the code looks like:
string publicKey = "a383a2916281721498ff28226f851613bab6f89eb0536e9f237e158596d3b012e5707eba9f2a2963faca63fcb10f5de79caf246c1f587ee6e8f895fd848f2da5aba9d71af4dd8d06e99ff3729631626ed3f3202e56962957c0110a99d2b3893feb148291e09b54fe7df121751fb8bb589576542321b4f548be06b9845ebc6bbef1427741c00b632c05854146b597fdef5a89ace1556a769c5eaff8fc0589e7ad4adb2e2a929969c77f395b2f5a276a9389d1f43c061c9459a65b77bcd581c107aa8424223a0b44ee52582362cc96b90eea071a0dda5e9cb8fd5c9fd4ac86e177c07d79071788cb08231240dc1c9169af2629ecec31751069f0c7ccc1c1752303";
string exponant = "010001";
string toEncrypt = "Test123";
using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
{
RSAParameters rsap = new RSAParameters
{
Modulus = HexStringToByteArray(publicKey),
Exponent = HexStringToByteArray(exponant)
};
//Tried with and without the whole base64 thing
rsa.ImportParameters(rsap);
byte[] encryptedData = rsa.Encrypt(Encoding.UTF8.GetBytes(toEncrypt), false);
string base64Encrypted = Convert.ToBase64String(encryptedData);
The import of the RSA parameters is successful, and the encryption too.
The output looks like the following. It does not have to be the same as yours (which you produced by using a non C#, non open source application, by the way with which I sensed some kind of reproach) because there are other factors like padding which affects the result, but the encryption is successful.
VXg8wRZz7SDnhg3T1GPs8CztjPsGwES+ngJAaBBVMSNkBiBOU+ju70pI5sAjvFS34+ztY8VLUZZ4vzf9
NkBNCgEn7Q2NezOwgP029yHY169Jc7Kqkwy0UbJLAwCwmqR+/G6B/S2hL2ADV+5EeaEn4ZmmKl/WRp+P
ruwWKDQx46/ih0itvh7uF5/OfKCqeIrcsqpZgQ4pByNQNOTs1sFlKB+/8TZ6Ey00lYU8c3bRLOef0Nh+
uivY0LI2ryOYI//EtmoZqfkeJH2ZqOQPy/I4R/OXHs1RcEZpnam8/OF1c/DlGVp3//RO8owmStxSj/eF
TD5arc3a1kiNma+/DDQYuQ==
I am trying to solve an encryption issue I am having between php and c#.
I have encrypted data using the following php and openssl operation.
$encrypt_method = "AES-256-CBC";
$secret_key = 'XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX';
$secret_iv = 'XXXXXXXXXXXXXXXX';
$key = hash ('sha256', $secret_key);
$iv = substr (hash ('sha256', $secret_iv), 0, 16);
$output = openssl_encrypt ($string, $encrypt_method, $key, 0, $iv);
$output = base64_encode ($output);
I have tried a couple of methods in C# to decrypt but this is what I am trying now.
public string Encrypt_Decrypt(string action, string value) {
string secretKey = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
string secretIV = "XXXXXXXXXXXXXXXX";
string key = Hash(secretKey);
string iv = Hash(secretIV).Substring(0,16);
string retValue = "";
if (action == "encrypt") {
retValue = EncryptString(value, key, iv);
}
else if (action == "decrypt") {
retValue = DecryptString(value, key, iv);
}
}
// Hash to match php hash function
public static string Hash(string unhashedString) {
return BitConverter.ToString(new SHA256CryptoServiceProvider().ComputeHash(Encoding.Default.GetBytes(unhashedString))).Replace("-", String.Empty).ToLower();
}
public static string DecryptString(string cipherData, string keyString, string ivString) {
byte[] key = Encoding.UTF8.GetBytes(keyString);
Console.WriteLine(key.Length);
byte[] iv = Encoding.UTF8.GetBytes(ivString);
Console.WriteLine(iv.Length);
byte[] cipherCrypt = Convert.FromBase64String(cipherData);
for (int i = 0; i < cipherCrypt.Length; i++) {
Console.Write(cipherCrypt[i] + " ");
}
try {
RijndaelManaged crypto = new RijndaelManaged();
crypto.Key = key;
crypto.IV = iv;
crypto.Mode = CipherMode.CBC;
crypto.KeySize = 256;
crypto.BlockSize = 128;
crypto.Padding = PaddingMode.None;
ICryptoTransform decryptor = crypto.CreateDecryptor(crypto.Key, crypto.IV);
using (MemoryStream memStream = new MemoryStream(cipherCrypt)) {
using (CryptoStream cryptoStream = new CryptoStream(memStream, decryptor, CryptoStreamMode.Read)) {
using (StreamReader streamReader = new StreamReader(cryptoStream)) {
return streamReader.ReadToEnd();
}
}
}
}
catch (CryptographicException e) {
Console.WriteLine("A Cryptographic error occurred: {0}", e.Message);
return null;
}
}
I have tried a couple different encoding types when getting the byte[] for the operation.
I keep getting the following error:
Specified key is not a valid size for this algorithm.
Not sure what I am missing. Any help is appreciated.
Also, I already read through this and tried what the solution suggestion recommended. I got the same resulting error.
UPDATE - 01
I have updated the code here to reflect the code I have changed.
The key length is 32,
The iv length is 16,
The data coming in at "cipherData" is length 32,
When "cipherData" goes through "FromBase64String(cipherData)" it comes out as a 24 byte array. This is causing an issue for the decryptor which wants a 32 byte array.
There are obviously problems with the key size. The code between PHP and C# seem to match. The problem seems to be that the code is wrong in both cases.
Let's see how long the key actually is:
Start with a 32 byte key (non-encoded).
Hash the key with SHA-256: 32 bytes (non-encoded).
Encode to hex (integrated into PHP's hash() function by default): 64 bytes.
AES only supports the following key sizes: 16, 24 and 32 bytes. openssl_encrypt() will only use the first 32 bytes of the hex key silently. So, you need to use the first 32 bytes in C#.
Note that openssl_encrypt() takes an options argument which denotes that the output is Base64 when OPENSSL_RAW_DATA is not set. It means that the PHP output was encoded twice with Base64. So you need to decode it twice in C#.
I made a simple script which load the RSA public key to encrypt a string in Python :
(P.S. I'm using this RSA library)
import rsa
rsa_key = "81474a6ab9a4b69aad47d8674e1de67130dd004eb532dcce7c1fc874e0b078ad2eeb88ae72066d018ad614e18f8e2d411e6ac0f483fb7b6877fe814583dfea02056f04db34185bc7ecfe31ef2297e5f282575300c3f7497823ace8e6240e6f611cf3b4c8bfabf9e4092dd00dc66d5fa35cdb14f3f0bcff2c6c0c9b4ecc3aea2822583fef359200580e8495a152e7cb7aca4de7da719f"
e = "10001"
pub_key = rsa.PublicKey(int(rsa_key,16), int(e,16))
crypto = rsa.encrypt("message", pub_key).encode("hex")
So how can I do the same thing in C# ?
You can use the RSACryptoServiceProvider from System.Security.Cryptography.
var rsa = new RSACryptoServiceProvider();
var enc = new ASCIIEncoding();
byte[] data = enc.GetBytes("message");
byte[] encrypted = rsa.Encrypt(data, true);
byte[] decrypted = rsa.Decrypt(encrypted, true);
Console.WriteLine(enc.GetString(decrypted));
For more info and an example setting the public key:
https://social.msdn.microsoft.com/Forums/en-US/67b50472-b23f-4191-b8f4-e4a696fca5e4/how-to-use-a-public-key-with-rsacryptoserviceprovider-class?forum=csharplanguage
I am trying to encrypt the same data using C# and Java. If the data is more than 7 bytes then Java and C#'s encrypted value are not identical.
Input 1: a
java output: FrOzOp/2Io8=
C# output: FrOzOp/2Io8=
Input 2: abc
j : H9A/ahl8K7I=
c#: H9A/ahl8K7I=
Input 3: aaaaaaaa (Problem)
j : Gxl7e0aWPd7j6l7uIEuMxA==
c#: Gxl7e0aWPd7sf1xR6hK4VQ==
Here is the implementation of C# and Java methods.
C# code:
public String saltTxt = "12345678";
public String Encrypt(String txt)
{
byte[] data = Encrypt(Encoding.UTF8.GetBytes(txt));
DESCryptoServiceProvider alg = new DESCryptoServiceProvider();
alg.Key = Encoding.UTF8.GetBytes(saltTxt.ToCharArray(), 0, cprovider.KeySize / 8);
alg.IV = new byte[8];
MemoryStream ms = new MemoryStream();
CryptoStream stem = new CryptoStream( ms, cprovider.CreateEncryptor(),CryptoStreamMode.Write);
stem.Write(txt, 0, txt.Length);
stem.FlushFinalBlock();
data = ms.ToArray();
return Convert.ToBase64String(data);
}
Java Code:
public String saltTxt = "12345678";
public String Encrypt(String str) {
try {
KeySpec myKey = new DESKeySpec(saltTxt.getBytes("UTF8"));
SecretKey key = SecretKeyFactory.getInstance("DES").generateSecret(myKey);
Cipher ecipher = Cipher.getInstance("DES");
ecipher.init(Cipher.ENCRYPT_MODE, key);
byte[] data = str.getBytes("UTF8");
byte[] crypt = ecipher.doFinal(data);
return new BASE64Encoder().encode(crypt);
} catch (Exception ex) {
}
return null;
}
Any idea why it's not working as expected?
The problem was in mode of encryption.
SunJCE provider uses ECB as the default mode, and PKCS5Padding as the default padding scheme for DES, DES-EDE and Blowfish ciphers. (JCA Doc)
and
In .Net, The default operation mode for the symmetric algorithm is CipherMode.CBC and default padding is PaddingMode.PKCS7. (msdn..SymmetricAlgorithm)
The following changes resolve the problem.
// in C#
DESCryptoServiceProvider alg = new DESCryptoServiceProvider();
alg.Mode = CipherMode.ECB; // specified
or
// in java
chiper = Cipher.getInstance("DES/CBC/PKCS5Padding");
don't change in both sides.
You're probably seeing ISO 10126 padding, which appends random bytes to the plaintext to fill it up t oa multiple of the block size.
This behavior is by design.
The code (Java/Android) bellow worke for me.
I used the same approach on C#.
public static String Cripto(String Password)
{
String PasswordCripto = "";
try
{
String encryptionKey = "anyEncryptionString";
MessageDigest messageDigest = MessageDigest.getInstance("MD5");
messageDigest.update(encryptionKey.getBytes("UTF-8"), 0, encryptionKey.length());
byte[] encryptionKeyBytes = messageDigest.digest();
SecretKeySpec Key = new SecretKeySpec(encryptionKeyBytes,"DESede");
Cipher cipher = Cipher.getInstance("DESEDE/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, Key);
byte[] encryptedBytes = cipher.doFinal(Password.getBytes("UTF-8"));
PasswordCripto = new String(Base64.encode(encryptedBytes, Base64.DEFAULT), "UTF-8");
} catch(Exception e) { }
return PasswordCripto ;
}
I am trying to decrypt data that is encrypted using the Bouncy Castle library in Java with a C#. The data that is encrypted in Java (again with the Bouncy Castle Libraries) can be decrypted with Java. I am using the same keys and parameters but when I reach DoFinal I get the error "pad block corrupted".
Here is the Java:
KeyParameter keyParam = new KeyParameter(key);
CipherParameters param = new ParametersWithIV(keyParam, initVector);
BlockCipherPadding padding = new PKCS7Padding();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()), padding);
cipher.reset();
cipher.init(true, param);
byte[] fileBytes = Base64.decodeBase64(decryptedStringData);
byte[] encrypted = new byte[cipher.getOutputSize(fileBytes.length)];
int l = cipher.processBytes(fileBytes, 0, fileBytes.length, encrypted, 0);
l += cipher.doFinal(encrypted, l);
return (Base64.encodeBase64String(encrypted));
Here is the C#:
KeyParameter keyParam = new KeyParameter(key);
ICipherParameters param = new ParametersWithIV(keyParam, initVector);
IBlockCipherPadding padding = new Pkcs7Padding();
BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CbcBlockCipher(new AesEngine()), padding);
cipher.Reset();
cipher.Init(false, param);
byte[] fileBytes = Convert.FromBase64String(encryptedDataString);
byte[] decrypted = new byte[cipher.GetOutputSize(fileBytes.Length)];
int l = cipher.ProcessBytes(fileBytes, 0, fileBytes.Length, decrypted, 0);
l += cipher.DoFinal(decrypted, l);
return(Convert.ToBase64String(decrypted));
I am generating a 32 byte PBK for the key based on a hash that has been buffered... however, we checked the key generated between Java and C# and they are the same.
It turns out that the data provided for encryption and decryption were encoded in different formats. I was pulling in UTF-8 encoded strings to decrypt and they needed to be made into Base64 strings first. Thanks for all of the help provided.