encryption - Decrypt string using the pem or pkcs key received in c# -
given key in pem format similar to
-----begin rsa private key----- proc-type: 4,encrypted dek-info: des-ede3-cbc,de1bb301bde4bb45 msuepzkz0uaomhgxbpnh2gonsxyexdeqetd9w71l0g1bk1ccbiv4eonmr7bcn+oe (20 lines) yoix/e+tfhkt3gqcfhvungsoe/5+huxwrwuc5dthpzzzfldcxhfwfrrbzosgxzpx ubs1jxy4qolrdzvazlqespforxbtyd6ruhi1ui5lqew7363vyclho9qyggfm0lui qbln5wv37ptmayxmfzlgub2xazwon+wu3obbxucfxay96y6vgzv0lq== -----end rsa private key----- and encrypted string(which encrypted using public key) tried decrypt following code
tripledescryptoserviceprovider des = new tripledescryptoserviceprovider(); des.iv = hextobyte("de1bb301bde4bb45"); des.padding = paddingmode.none; des.mode = ciphermode.cbc; des.key = convert.frombase64string(//key above ms.. ==); byte[] encrypted = convert.frombase64string(""); byte[] decrypted = des.createdecryptor().transformfinalblock(encrypt, 0, encrypt.length); string decryptedstring = encoding.utf8.getstring(decrypted) which results in exception when assigning key "specified key not valid size algorithm"
the key generated using (also tried 192)
openssl genrsa -des3 -out key.pem 2048 public key generated using
openssl rsa -in key.pem -pubout > key.pub would able me point out missing or doing wrong?
thank
you using rsa key 3des cipher. it's wrong key.
the private key in question has been encrypted 3des, using password-based encryption. you'll need key in order decrypt private key before can use anything.
once recover rsa private key, use decrypt symmetric keys. normally, each encrypted message include symmetric cipher key, encrypted recipient's public key. that's you'll decrypting rsa private key recover.
once have second symmetric key, can use decrypt actual message, show in question.
in pseudo-code:
rsapvtkey = passworddecrypt(password, encryptedprivatekey) contentkey = rsadecrypt(rsapvtkey, encryptedcontentkey) message = tripledesdecrypt(contentkey, encryptedmessage) the code in original question pretty close. problem key derived password, , message base-64 encoded information. decrypting yield rsa private key in pkcs #8 format, , .net should have api loading that.
openssl key derivation not standard (and it's not good). you'll need find or write code create des-ede3 key password using md5 hash algorithm.
d0 = md5(password || iv) /* hash password , iv */ d1 = md5(d0 || password || iv) /* hash first hash, password, , iv */ key = subarray(d0 || d1, 0, 24) /* take first 24 bytes of d0 + d1 */ the javascience code contains function, getopenssl3deskey key derivation. call iv extracted, password, count of 1, , miter of 2.
once this, assign des.key in original code. assigned des.key should assigned encrypt instead. (this decodeopensslprivatekey function does.) when complete decryption, byte array decrypted contain rsa private key in pkcs #1's chinese remainder theorem format. there should .net api construct rsa private key this. (see decodersaprivatekey function this.)
this rsa private key can used decrypt other messages.
Comments
Post a Comment