1

So, in my C# app I have the following code to encrypt the data:

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Xml.Serialization;

namespace TEST
{
    public class RSAEncrypter
    {
        private static RSACryptoServiceProvider RSA;
        private RSAParameters _privateKey;
        private RSAParameters _publicKey;

        public RSAEncrypter()
        {
            RSA = new RSACryptoServiceProvider(2048);
            _privateKey = RSA.ExportParameters(true);
            _publicKey = RSA.ExportParameters(false);
        }
        public string Encrypt(string plainText, string publicKey)
        {
            RSA.FromXmlString(publicKey);
            _publicKey = RSA.ExportParameters(false);
            RSA.ImportParameters(_publicKey);

            var data = Encoding.Unicode.GetBytes(plainText);
            var cypher = RSA.Encrypt(data, false);
            return Convert.ToBase64String(cypher);
        }

        // Gets the privatekey as a string
        public string PrivateKeyString()
        {
            var sw = new StringWriter();
            var xs = new XmlSerializer(typeof(RSAParameters));
            xs.Serialize(sw, _privateKey);
            return sw.ToString();
        }
    }
}

Which gives me, for example, a key in the following format (as a string):

<?xml version="1.0" encoding="utf-16"?>
<RSAParameters xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <Exponent>AQAB</Exponent>
  <Modulus>38Z4+7H1ADzMPO8z5+QdxXS21YBEaq9Xacf7dHFXUpK72SUAIYnfijc5RDSgGFismTNlrrOa7m/6+iIWS/yB7+esvIjgfSFm+QU2aeC16NisMuw+KvPeEr8CVMjh8F5YW1ST4qKXHXG6qIe/FM2LPVGV92O9WO1ATIDcATO8UU2rJgrxKMdmE9fawqmy/j7fwI1+FL6LCNgdvgZ3OOLLwHVcyOyj7ibiIUQAcw10qW0I4MBnQL5V8udKrhKXKoVE6rsfLZoBC9rBD62ckB7CJfMsGcAVffBvnd7SRJiTFEEPVZFqzyGk0BOeqbJkHbzKNytNkUjnFQlDX9tSLCtufQ==</Modulus>
  <P>+jlZUY/lv0bMWbcWVXZ+moDF96ZQ+uKHMbpAMN18ByRmZSLZ9CeHTNEkoudOzB6R9wN8xyEmnCrDZujSB65uBILdJvsJk8TYBThp5RBbBZ1YQb30CcxhsMX2s6Gwze8CoXmBU5as6tMDh+tBpxxeYxE/crS3rP7kAM2Lr88cILM=</P>
  <Q>5PDUdn/RB8dhxkjSFZS0MtrefVgYmoDNjN9O+Ru7ZzNz7eqig1zLlKytDQzmpaIv6Zvrn5Y5TBaFDp1BTVLAStu8e/RU4i7qWVu6Xm83xtgB4NDULXStyYqpeZhyilD4BsfIYeRyZ3A9wUyACQ6CU3GxuIczWYkfT3HmSy5ebA8=</Q>
  <DP>nEH/8x0nXeF6b3QUMF6FBTrxZYuo+mNIBdfHijxl3ZfvkazH6t5cca4RcOF9pZ5ZjKXS4A9lqxRRXgx6TG2zKoIGVPdjrbG5LNlj17X1AXaWzMcwhIXrY5bcTqTkYlWlkOztxCNN7H7Fr7VMFG10y+zTcHBGW3P5Mj8pwipV6F0=</DP>
  <DQ>DMkWVHfW6KRN5ZDzipj/Z0ep3T4qQZan5BIkiuztjlnlQ4gzAzsPc4IhN/VcfCuOmXFHu2XcVU98ptBJcVQJwSR8Zj/C7c7I76ybv+JeLxCpKjD/aHp3qiXASTYmT2suLtLBchYb/YLbMAxhqh/RT2+uCSwjxgBOa1VlExXH2Ck=</DQ>
  <InverseQ>zlFNPMXsmgjWz0rA5y3stzoKDiw0mbb1rU6iSXKKOZz5djokAX1tjtcwUbzdv3I5x8m+3K1qprXURUYbZXf+ubwkoYiG4WaJDWhZ+y33Q8iK87BUKy6Q062F4XryBVagCJHKMNStiiMmFB9IdbDu/wbYh52BjrwhwncLOEYaSaQ=</InverseQ>
  <D>YQvsEAv/WtkDIjIC6sBtgOK7ICB+i137pO6LyNYWrsLgIK4BPopSndiRR1kjTSu3vsEhigBuYpXB3JTH4rBhka+BpEogQWQpCjoOfSBtA8xj8bmuxGX6m1qnIin0gpAH9aPaduFYc/aMouYsIlN53V/yj9V7moNZ7VO9FfBf7UnX7yTc2/fvXz9atXepQmir2YOO41Z5KgytSF1M7R3eZq1GLTnaqRK+LCQ5cKkxqcIAtUX7BZgkLnHZs3zqLo998gXbogmkqxB4NWc9bwWjybC1CMWyZeiRuaw/Wye4GbNmpM7sfsB7GINndwCSqfJzwSetGCSca8x2wkms+5zOaQ==</D>
</RSAParameters>

So how could I decrypt a message in PHP using this key?

I found this in PHP: openssl_private_decrypt but it doesn't accept the key in this format apparently.

Soulss
  • 171
  • 1
  • 12
  • This appears to be the way to export a full key in C#: https://stackoverflow.com/a/23739932/231316. The answer is older, and I would hope there’s an easier way to do it, but I’ve been out of .Net for a while now. – Chris Haas Dec 21 '21 at 04:29
  • @ChrisHaas Using that answer I managed to find this methods: https://gist.github.com/fmoliveira/42af375804e0cd3add8d Which gives me the key in the PEM format, but still, using openssl_private_decrypt won't decrypt the message. – Soulss Dec 21 '21 at 05:19

1 Answers1

0

Ok, I found out!

So, first you need to convert the key from XML to PEM format. I found this GITHUB code which is very usefull doing that: Exports RSA key pair to PEM format.

Next, after you encrypted the data utilizing my original code in the Question, you need use php's method base64_decode before utilizing the method openssl_private_decrypt. So, in the end you'll have something like this:

<?php
$encryptedData = '
b9+nktWSdlYQWiuswcT49JJdt1mmZj87Gwwydkpiu2Xbf3n1Nc+xE5whSzgfTIIthQEVssCUk/UfNsyN2iC37nkxcQe4Xu6KsiWFYvCRZmxww24p/qi43isd1ijCS6wajrJbrpq2tvLzBZ7KhrYkEt3qPbanRRslJauzaCW8MT42HotFl7mVKJjj5p+U6p5dklkm0Uxn36a9eB8+Nt8kSum1YcUbkrS0TRhmorQxifNY99yEju3KeISq5+946tKpW+Efau0CvUF/V5mKn203T5MdO8x5z7VFejHW6dB6oDxTh9EeEyEAPPRBz734wtZxCOVODd39Ttnk6FfnnWat8w==
';
$private_key = '
-----BEGIN RSA PRIVATE KEY-----
MIIEpAIBAAKCAQEAwGbWRx8kEz5+BHt5f8/R4ka7AOBGbP1YjfhY33eUQzsh6Ygl
jAvPYXmopaSEOLWAjq/TTCGXGmSfZi0DRPGeSnNXzU6nUu1qQBC5sQYIPSph/lEV
S7jv8isVO9/vH+TGCwE0CeGiQt1QP/m72Vaux3U6nt6ddVat3rpHy4FVuuDHKF58
9HQakf5cMCz4wei4y71U/tLIj1F7P5TRqSdKMB4ZLYLDbX+32OEPMEP6DJEysAiC
oRdpBR/KCOlH3QHEF0RDuTbdgL6f8oAuN2Wvr+p+f1lnkld08+gyKma9cEBpeIB7
cjBeNNcImyhXfp8VBjjZNd//ikt7jnDle30MWQIDAQABAoIBADuxbDfCrKGf2N8x
I+AIrTiD807xRkhYTdo2O/SRGBnHxdy7ldKec2fto+pIYZFqlokueeL75PKWV3IO
8x23zQGSSaJ0DavH5xgbWFFY6sN3W9HYfD/zD9bVkQ/ziTAe/Wa6p9eM/pe6LES9
CZADudQ+RcK2lKmsC+O3bcDwzpVczzuZ1s29F6Jc2L0Q7e1ce9FfBmhl/faei7ro
5DWV30+AqhdwPppMhOWFS/walro8Sq90Kz0chaU6N1vVBEdo4dSLKYapyxJwAHhm
HfNkA+wMrsMXGd9eKpi4u8AupnJYypFdBaEEgrKIbg21LLRTyx1fFKXWdE0puG7H
0GVfoNUCgYEAxoaCzv7LslAOa8bZwGVxcvnE0tIafPwXyOldH/jqeXf53I1gOmFM
dI143wawKQES8CvrbedzP/5tNVZhdrOOekTRM61yw3xSUYY5e8Ngt/gn4KyQ0nA5
X75QjtC6VxNM6ssFpyUxQT95lvTo13avrVjhnGt3raNxwTgiqJjvTfsCgYEA+Bp5
FElve0NnfvkpYeffuF6E3mTRS44IH7qRTFrpXh31zwMxE6K3cltbRtHtuf5/7DmR
XpbeogxG4Bzzw/Y7DodV3V82ApIzyhFkN5PPfg5mR/W8cia82Q3QsRMpjYTo9TBZ
aiAsTbUz8E6KaFrS64V6KbRl84EE8XBaG7tvYrsCgYBZ4TZBzvub7EDLLMkTIRpe
6pPgurzBT0TZckX2HrTRb68Q2nTxmXGK5y4NEzMYLWNMlyXMqVf1ZhQ9bLFNk3dz
BcsNMX7e4F9Ih5No5Aja4Z/0SUx76dEf9sL0Fa33lEZjmq0hgmYtWzaKULFGM3bP
7YifT8xsMa5jwy111V+qlwKBgQCjtHwN+cKYd8pTir5WfrQsqBlN0QIUs3wCy4zR
7+6qDmTCGl4IkcYvq74Xha8xmY745KdZ3Xy7OhSODix+MfuXw47RieBOY//OJhmV
Xm97wq6Ubr3QKGVVZvs7y+QQIBHCrwtgriftglHqDzjeUId5plIMMJ9Qw+HqGXMr
d0qwvwKBgQCjNuhKMHGqG6DuYiLQjJVHA6aG87K5tfNNC8yQPOIbkIJTlSzGQIkm
66wA2PSCI+yRixm+gZWGdVcYuVvcfTHLsledLocTWBRf/2VAGlqZg1ewybGrrixF
05KXg9DcAK9HFyZryFZAXtLyAoRaS1ElcSVBtLggQreGsr8fIM5Fvw==
-----END RSA PRIVATE KEY-----
';

openssl_private_decrypt(base64_decode($encryptedData), $decriptedData, $private_key);
echo var_dump($decriptedData);
Soulss
  • 171
  • 1
  • 12