how to decrypt an encrypted text using RSACryptoServiceProvider?

c# encryption rsacryptoserviceprovider
user848609 picture user848609 · Jul 20, 2011 · Viewed 12.7k times · Source

I have encrypted a text using RSACryptoServiceProvider. I exported the public and private key. Obviously I just want to expose the public key inside the decoder application, so I have written a code as follows : 

private const string PublicKey = "<RSAKeyValue><Modulus>sIzQmj4vqK0QPd7RXKigD7Oi4GKPwvIPoiUyiKJMGP0qcbUkRPioe2psE/d3c1a2NY9oj4Da2y1qetjvKKFad2QAhXuql/gPIb1WmI+f6q555GClvHWEjrJrD/ho7SLoHbWd6oY6fY609N28lWJUYO97RLVaeg2jfNAUSu5bGC8=</Modulus><Exponent>AQAB</Exponent></RSAKeyValue>";

private string Decrypt()
        {
            byte[] encryptedKeyAsBytes = Convert.FromBase64String(_encryptedKey);
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
            rsa.FromXmlString(PublicKey);
            // read ciphertext, decrypt it to plaintext
            byte[] plainBytes = rsa.Decrypt(encryptedKeyAsBytes, false);
            string plainText = System.Text.Encoding.ASCII.GetString(plainBytes);

            return plainText;
        }

But an exception is thrown at line "byte[] plainBytes = rsa.Decrypt(encryptedKeyAsBytes, false);" and says "Key does not exist." However if I expose the whole private and public key then it runns happily. So how can I decrypt the data using only the public key information?

Answer

vcsjones picture vcsjones · Jul 20, 2011

You can't - that is the point of public/private key encryption. The public does the encryption; the private does the decryption.

It sounds like you need some sort of key exchange pattern. For example; if your decoder application is trying to decrypt information from another data source (Source Application), I would implement something like this:

  1. The Source Application generates a symmetric key, like AES.
  2. The Decoder application generates a public and private key pair.
  3. The Source Application asks the Decoder application for the public key.
  4. The Source application encrypts the symmetric key using the public key, and sends it back to the Decoder application.
  5. The Decoder application uses the private key to decrypt the symmetric key.
  6. The Decoder application gets data encrypted with the symmetric key from the Source Application.
  7. The Decoder Application uses the exchanged symmetric key to decrypt the information it received.

There is just an example; but illustrates the basics of how to exchange data between two applications without any sensitive information transmitted over the wire. The symmetric key is not required at all; but is a very common pattern because RSA starts to introduce problems when encrypting large amounts of information. RSA is better to just encrypt an symmetric encryption key instead.

Related questions

Error occurred while decoding OAEP padding

While decrypting text using RSACryptoServiceProvider.Decrypt, I am getting the error: Error occurred while decoding OAEP padding. Here's my code: CspParameters cspParam = new CspParameters(); cspParam = new CspParameters(); cspParam.Flags = CspProviderFlags.UseMachineKeyStore; clsCertificates cc = new clsCertificates(); string a = ""; cc.OpenStoreIE(ref …

Read More
C# RSACryptoServiceProvider ToXmlString()/FromXmlString()

EDIT2: Seems Convert.FromBase64String is my savior. Does anyone know if a comma would every be in such a string? I'm doing basic csv parsing. If it is I can always use quotes (but can quotes ever be in …

Read More
Object already exists in RSACryptoServiceProvider

I copied the source code from one application to another, both running on the same machine. I am also using the same string for containerName below in both applications. What is preventing my new application from reading the key that …

Read More