Java Encryption C# Decryption

Question

I got a module which RSA encrypts the data and passes on to the C#. C# needs to decrypt it based on the public key (64 bit encoded) and the passed token.

I have token , 64 bit encoded public key, can some help me get with the sample to get started. All I know from Java end is, it is using. I have got the result from Java end and need to write a parser in C# to decrypt this. I get both public key and token as a string value.

    Cipher cipher = Cipher.getInstance(ALGORITHM); //Algorithm = "RSA"
    cipher.init(Cipher.DECRYPT_MODE, key);

Thanks

Answer 1

To get started, you'll need the private key to decrypt the message. By "public key (64 bit encoded)", I'm guessing what you really have is a Base-64–encoded certificate, with a header line that says "----- BEGIN CERTIFICATE-----" and a footer that says "-----END CERTIFICATE-----".

If that's correct, you'll need to find the private key. This is sometimes stored in a PKCS #12 format file, with a ".p12" or ".pfx" extension. You'll need a password to access the private key if it is stored in such a file.

Alternatively, OpenSSL and other utilities use private key files that can be Base-64–encoded or binary. These have a variety of extensions, and may or may not be password-protected. If the file that you have has a header line of "-----BEGIN RSA PRIVATE KEY-----" or "-----BEGIN PRIVATE KEY-----", that is actually the private key.

Finally, Windows can store private keys in its internal key store.

When you clarify the location of the private key, please update your question.

---

If the private key is used on the Java side, it may be an attempt to perform a digital signature. While all of several Java providers I've tested produce correct results when (ab)used this way, if you are doing a signature, the Signature class should be used. The C# code should use a signature object to "verify" the signature as well.

Encryption is performed with the private key. Since the public key is public, anyone can decrypt the message; i.e., the message is not confidential. Public keys are used by recipients to verify signed messages.

Answer 2

Check this code out.

public static string Decrypt(string inputText)
      {
        RijndaelManaged rijndaelCipher = new RijndaelManaged();
        byte[] encryptedData = Convert.FromBase64String(inputText.Replace(" ","+"));
        PasswordDeriveBytes secretKey = new PasswordDeriveBytes(ENCRYPTION_KEY, SALT);

        using (ICryptoTransform decryptor = rijndaelCipher.CreateDecryptor(secretKey.GetBytes(32), secretKey.GetBytes(16)))
        {
          using (MemoryStream memoryStream = new MemoryStream(encryptedData))
          {
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read))
            {
              byte[] plainText = new byte[encryptedData.Length];
              int decryptedCount = cryptoStream.Read(plainText, 0, plainText.Length);
              return Encoding.Unicode.GetString(plainText, 0, decryptedCount);
            }
          }
        }