
I found similar questions but there are differences in the details, and for that reason I am starting a new question. I have to encrypt 64 bytes with an X509 RSA private key. It must be "direct" encryption without a hash, as if the 64 bytes were the hash output. I tried this:

using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
X509Certificate2 cert = new X509Certificate2("my_cert_with_private_key.pfx", "pwd", X509KeyStorageFlags.Exportable);
RSACryptoServiceProvider csp = (RSACryptoServiceProvider)cert.PrivateKey;
byte[] encrypted = csp.Encrypt(my_data, false); // PKCS#1 v1.5 padding (fOAEP = false); uses the public half of the key pair

After many attempts to decrypt this with:

RSACryptoServiceProvider pub = (RSACryptoServiceProvider)cert.PublicKey.Key;
// Throws: Decrypt is the private-key operation and this provider holds only the public half
pub.Decrypt(encrypted, false);

I found that actually the encryption by csp is made with the public key (because a test decryption with PrivateKey is ok). Otherwise I get a "Key not found" error. It seems that the .Net implementation assumes that encryption can be made only with the public key, and it uses the public key even when you want to use the private key. "Their" idea is to use Sign for encryption with the private key. Unfortunately I have to specify a hash algorithm and did not find how to use "RAW" mode (i.e. no hash). Is there a way to use different classes and do simple encryption with the private key?

i486

  • Isn't the point of asymmetric encryption that you encrypt with the public key and decrypt with the private key? You seem to be attempting the reverse of this... – Martin Jun 30 '15 at 11:48
  • The encryption with the private key is used to digitally sign. Hashes are necessary to shrink big files. In my case I have only 64 bytes (always 64) to sign. And in addition, this is the request from the client. I cannot explain to him that "it is better to process data with SHA256 before private key encryption". As I wrote above, the problem is in the implementation of the .Net RSA classes. They are made "intelligent" and always encrypt with the public key. – i486 Jun 30 '15 at 11:55
  • @xanatos - Please read carefully the answer that you posted above. The encryption there is with the public key. I need to encrypt with the private key. I have no problem encrypting with the public key and don't understand how you find this an "answer"? – i486 Jun 30 '15 at 12:08
  • Why are you trying to sign some data without using a hash? The hash is a very important part of a signature. – Clint Jun 30 '15 at 12:31
  • @Clint He doesn't want to sign it. He wants to encrypt with private key. It is frowned upon, but it is mathematically doable, see http://crypto.stackexchange.com/questions/2123/rsa-encryption-with-private-key-and-decryption-with-a-public-key – xanatos Jun 30 '15 at 12:38
  • @xanatos I gathered as much, but in general use it equates to pretty much the same thing as signing, which makes the omission of the hash an interesting issue. Granted there's no reason data couldn't be encrypted with a private key, it just means *anyone* with the public key could decrypt it, which may well be the point here. – Clint Jun 30 '15 at 12:41
  • @Clint - Please explain why hash is important part of signature? In real life, the data file (original) comes with its signature. To check the signature you have to calculate HASH(file), decrypt the signature with public key and compare both hashes. In other words, the hash is not secret - it is a method to speed up the process. Because if you try to encrypt/decrypt 100K file with RSA, you may wait 10 minutes (for example). With hash the heavy RSA operation is executed on 16/32 bytes only. In my case the real data is only 64 bytes and there is no problem to encrypt it directly without hash. – i486 Jun 30 '15 at 12:56
  • @i486 see: http://crypto.stackexchange.com/questions/2474/why-hash-or-salt-when-signing – Clint Jun 30 '15 at 13:00
  • @i486 of note is a comment made further on that post, where it's posited that a short enough block of data could just be signed without a hash if the hash would prove to be longer than the original data. It's just not common practice as far as I can tell to do it this way around. – Clint Jun 30 '15 at 13:05
  • OK. I understand. But anyway I am looking for a solution for the .Net implementation. For example, I can encrypt with the private key without problem with PolarSSL. – i486 Jun 30 '15 at 13:10
  • well... what about doing the math by yourself? ... https://stackoverflow.com/questions/15702718/public-key-encryption-with-rsacryptoserviceprovider/15706744#15706744 – DarkSquirrel42 Jun 01 '17 at 09:12
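The last comment suggests doing the math yourself. The following is an added example, not code from the question or from any commenter, written in Python rather than C# so the big-integer arithmetic is visible: the raw private-key operation on a 64-byte block, its public-key inverse, and the check behind Clint's point, namely that without a hash or padding step two raw values combine into a third valid one, while a PKCS#1 v1.5-style block does not. The key is constructed from two Mersenne primes and all function names are assumptions.

```python
# Constructed toy key from two Mersenne primes so the file needs no key generation.
# It is trivially factorable; a real key would be read from the .pfx instead.
P = (1 << 521) - 1
Q = (1 << 607) - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (Python 3.8+ modular inverse)
K = (N.bit_length() + 7) // 8       # modulus length in bytes (141 for this toy key)

def raw_private_op(data: bytes) -> bytes:
    """The operation the question asks for: s = m^d mod n, no hash, no padding."""
    m = int.from_bytes(data, "big")
    if m >= N:
        raise ValueError("data does not fit under the modulus")
    return pow(m, D, N).to_bytes(K, "big")

def raw_public_op(blob: bytes) -> bytes:
    """What anyone holding the public key can compute: m = s^e mod n."""
    return pow(int.from_bytes(blob, "big"), E, N).to_bytes(K, "big")

def raw_verify(data: bytes, blob: bytes) -> bool:
    return raw_public_op(blob) == data.rjust(K, b"\x00")

def pkcs1_pad(data: bytes) -> bytes:
    """EMSA-PKCS1-v1_5 block: 00 01 FF..FF 00 || data. SignHash builds this around
    the digest (plus a DigestInfo header, left out of this toy)."""
    return b"\x00\x01" + b"\xff" * (K - len(data) - 3) + b"\x00" + data

def pkcs1_unpad(block: bytes):
    """Return the payload if block has the 00 01 FF..FF 00 structure, else None."""
    i = block.find(b"\x00", 2)
    if block[:2] != b"\x00\x01" or i < 10 or block[2:i] != b"\xff" * (i - 2):
        return None
    return block[i + 1:]

def padded_private_op(data: bytes) -> bytes:
    return raw_private_op(pkcs1_pad(data))

def padded_verify(data: bytes, blob: bytes) -> bool:
    return pkcs1_unpad(raw_public_op(blob)) == data

def combine(blob1: bytes, blob2: bytes) -> bytes:
    """Raw RSA is multiplicative: (s1*s2) mod n is the private-key op of (m1*m2) mod n,
    so two published raw values yield a third without the private key. Padding breaks this."""
    s = int.from_bytes(blob1, "big") * int.from_bytes(blob2, "big") % N
    return s.to_bytes(K, "big")

def product_message(data1: bytes, data2: bytes) -> bytes:
    m = int.from_bytes(data1, "big") * int.from_bytes(data2, "big") % N
    return m.to_bytes(K, "big")
```

With a real 2048-bit key the same 64-byte block fits under the modulus exactly as it does here; only the constants change.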

0 Answers