4

I have the following code below to generate an OpenSSL RSA public and private key using OpenSSL.Net. However, I can't seem to find a way to decrypt data with a given private key. I know if I call generate keys and then the corresponding methods to encrypt and decrypt the data it works fine. However, if I am trying to decrypt something from an external source given a public key, how can I decrypt using that key.

Note: Please do not give examples that don't use OpenSSL.NET. The Microsoft Cryptographic providers are far slower than OpenSSL and do not meet my speed requirements.

Thanks!

public class AsymmetricKeyResult
{
    public string PublicKey { get; set; }
    public string PrivateKey { get; set; }

    public AsymmetricKeyResult(string publicKey, string privateKey)
    {
        this.PublicKey = publicKey;
        this.PrivateKey = privateKey;
    }
}

public static AsymmetricKeyResult GenerateAsymmetricKeys(int keyLength)
{
    RSA rsa = new RSA();
    rsa.GenerateKeys(keyLength, 0x10021, null, null);
    AsymmetricKeyResult kResult = new AsymmetricKeyResult(rsa.PublicKeyAsPEM, rsa.PrivateKeyAsPEM);

    return kResult;
}
Jeffrey Kevin Pry
  • 3,266
  • 3
  • 35
  • 67

2 Answers2

7

I ended up figuring it out through the object browser on the Managed Wrapper for OpenSSL.NET. This works:

    public static byte[] AsymmetricEncrypt(string publicKeyAsPem, byte[] payload)
    {
        CryptoKey d = CryptoKey.FromPublicKey(publicKeyAsPem, null);
        RSA rsa = d.GetRSA();
        byte[] result = rsa.PublicEncrypt(payload, RSA.Padding.PKCS1);
        rsa.Dispose();
        return result;
    }

    public static byte[] AsymmetricDecrypt(string privateKeyAsPem, byte[] payload)
    {
        CryptoKey d = CryptoKey.FromPrivateKey(privateKeyAsPem, null);
        RSA rsa = d.GetRSA();
        byte[] result = rsa.PrivateDecrypt(payload, RSA.Padding.PKCS1);
        rsa.Dispose();
        return result;
    }
Jeffrey Kevin Pry
  • 3,266
  • 3
  • 35
  • 67
2

I found this and thought it was the answer to my prayers. However using openssl (1.0.0e Mac os x) to generate pub/priv keys, i cannot get the clear text back again from the encrypted text - is there a GetBytes/Baseencode type step I'm missing? did you come across this?

EDIT: no sooner had i posted i then came across a different example using UTF8 encoding not ASCII, which works!

Ben

namespace testopenssl2
{
class Program
{

    public static byte[] AsymmetricEncrypt(string publicKeyAsPem, byte[] payload)
    {
        CryptoKey d = CryptoKey.FromPublicKey(publicKeyAsPem, null);
        RSA rsa = d.GetRSA();
        byte[] result = rsa.PublicEncrypt(payload, RSA.Padding.PKCS1);
        rsa.Dispose();
        return result;
    }

    public static byte[] AsymmetricDecrypt(string privateKeyAsPem, byte[] payload)
    {
        //CryptoKey d = CryptoKey.FromPrivateKey(privateKeyAsPem, null);
        CryptoKey d = CryptoKey.FromPrivateKey(privateKeyAsPem, "pass");
        RSA rsa = d.GetRSA();
        byte[] result = rsa.PrivateDecrypt(payload, RSA.Padding.PKCS1);
        rsa.Dispose();
        return result;
    }

    static void Main(string[] args)
    {
        String t = @"-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCbhcU+fhYmYLESZQAj1hKBXsNY
si0kYHNkxpP7ftxZiTFowWUVXHzQgkcYiCNnp3pt1eG6Vt0WDzyFYXqUUqugvX41
gkaIrKQw/sRiWEx49krcz7Vxr3dufL6Mg3eK7NyWDGsqwFrx/qVNqdhsHg12PGNx
IMY4UBtxin2A8pd4OwIDAQAB
-----END PUBLIC KEY-----";
        String p = @"-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,0A128C2617BD2EB1

pTDtXB+mockO7fvVqn4fwGnSb1Zv3HaMAALtpiB7Rn64eAHL7psKQIIM3qoshDWF
XgXDdTnMOGO7wtYkd9R7iJYxgt19EuEdtu2SLLXQuN4ll+JSR2R/34dF19iMXI30
d3pe7obTIwKdyRGuu8GgEm6bGai4pkqptP0HRA6qdMI2+Qfl9+VqUuvIm7tfpIRd
/ZLENe756IrGDvI7lGx39Md/H2sgAJsWkSYubhmtxVJ0IEvbPuKDC5V5oLyTOoy+
6sc6ly57C4XHaTLhAKnYEvZAddnXg/e/VtfmTpqKx3n7D6FAKo1RjAjeZqEvefZd
XAhh19YhZq3mdZNYUt7ojUarf/q3zrtTMLUxHdR0Be/VaQC5AE0d6quKyUQgxiti
XNRS8xk9IJJqJLFSHO3ET+oTfcs+kLPuUDHqq0hY/OgW/THcDgPY1cDwtOX9yuI3
YDoFTb3SXzRTmk2ui33f96wNPwzIAp9+TJzITxJYbF233Pz4YWuabrFuoNWZnwtT
E/o6wcGfvAXTQkAKzwfLbTDmg5SSiGokoEcgm7qpfmQxKdmV1LmbW88DuAgdWggm
Qf3ydZ2IrrtD1o+XP7JraeVOql0OK77pJh/bcr3bLiAT8YtsQUZLnOjkbDc3F1zW
BGr6eeqUHxY6cqKieokhl9cBBjWuxJQL2h997svBufWdNOjTA4+32lXzDzi7bUxC
xzIqZ7nm3YC2zUjla/l3Smz5KitqU5Y3Q9URpXOW+qMiPxmTHYOEcRDy9yh2U4iA
CoTD6q0ZNJLEo3EVcDB+26O663/mQLuR69xstUgqHpSzGvXbqrmezA==
-----END RSA PRIVATE KEY-----";

        System.Text.Encoding enc = System.Text.Encoding.ASCII;
        String s = "hello";
        byte[] payload = enc.GetBytes(s);
        Console.WriteLine("s: {0}", s);

        byte[] byte_encData = AsymmetricEncrypt(t,payload);

        String res;
        res = Convert.ToBase64String(byte_encData);
        Console.WriteLine("encypted: {0}", res);

        byte[] byte_decrypted = AsymmetricDecrypt(p, byte_encData);
        String res_unenc;
        res_unenc = Convert.ToBase64String(byte_decrypted);

        // works!
        Console.WriteLine("decrypted: {0}", res_unenc);

    }
    }
}
Ben
  • 1,292
  • 1
  • 13
  • 21
  • I have the key which starts with ---BEGIN RSA PUBLIC KEY ---, How to convert it to the above format? – abhithakur88 May 26 '15 at 13:58
  • *"How to convert it to the above format?"* - use the `*_PUBKEY` functions in OpenSSL. See [How can I transform between the two styles of public key format, one “BEGIN RSA PUBLIC KEY”, the other is “BEGIN PUBLIC KEY”](http://stackoverflow.com/q/18039401) and – jww Jun 17 '15 at 05:52
  • I dont understand, I thought we have to use the public key to decrypt and a private key to encrypt? – GIVE-ME-CHICKEN Sep 14 '17 at 07:42
  • Just in case anyone else comes across this and get confused i'll explain how the keys are used using a scenario. Say for example i have a file that i want to share with you secretly, i'll use your PUBLIC key to encrypt my file before sending it to you. Now i can send the encrypted file any way i like, as unsecurely as i like, but only you can decrypt it using your PRIVATE key, while the original remains with me. – Kris Dec 02 '18 at 02:43