RSA encrypt/decrypt of byte array

bobuva - 06 May 2008 22:28 GMT
I'm encrypting and then decrypting a byte array using the
RSACryptoServiceProvider. The byte array is 52 bytes in length. After
encrypting I'm converting the encrypted bytes (returned from the
provider's Encrypt method) to a string using Encoding.UTF8.GetString.
I then pass this string along to the decryption function. That
function first converts the string back to a byte array using
Encoding.UTF8.GetBytes. It then calls the RSACryptoServiceProvider's
Decrypt method. I get an exception trying to make this call because
the byte array returned from Encoding.UTF8.GetBytes is too long. A max
of 128 bytes can be passed to the RSA decryption algorithm.

I've tried other encodings but can't get this to work. What am I doing
wrong? Here's some code:

client (encrypts):

       byte[] cipherBytes = rsa.Encrypt( bytesToEncrypt, false);

       string cipherText = Encoding.UTF8.GetString(cipherBytes);

server (decrypts):

       byte[] encryptedBytes = Encoding.UTF8.GetBytes(cipherText);

       byte[] clearTextBytes = provider.Decrypt(encryptedBytes, false); // <<--- GET EXCEPTION HERE

Thanks,
Bob
Joe Kaplan - 07 May 2008 03:25 GMT
You can't encrypt this much data with RSA with a key the size you are using.
RSA is typically used to encrypt a randomly generated session key which does
the bulk encryption.

The EnvelopedCms class in the Pkcs namespace provides a handy wrapper around
the PKCS7 enveloped data structure which handles all this stuff for you
although it is designed primarily for encrypting with certificates instead
of raw RSA keys.  You can devise your own data structure to handle this
though.

You definitely want to use UTF8 to convert your string to a byte array
unless you are certain that it will only contain characters that fit in a
single byte character set, in which case one of those may be smaller.  UTF8
produces the same byte array as ASCII for ASCII characters.

You could try zipping the data before encrypting it, but you might not get
it reduced small enough.

Joe K.

Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--

> I'm encrypting and then decrypting a byte array using the
> RSACryptoServiceProvider. The byte array is 52 bytes in length. After
[quoted text clipped - 25 lines]
> Thanks,
> Bob
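
The session-key pattern mentioned in the reply above, as an added example (not code from any poster in this thread): RSA encrypts only a random AES key, and AES encrypts the data. The class name, the byte layout, and the choice of AES-GCM with RSA-OAEP are assumptions of this example, and it needs .NET 8 or later for the `AesGcm(key, tagSize)` constructor.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class SessionKeyEnvelopeDemo   // hypothetical name and wire layout
{
    const int NonceLen = 12, TagLen = 16;

    // Layout (an assumption of this example): wrappedKey || nonce || tag || ciphertext
    static byte[] Seal(RSA recipient, byte[] data)
    {
        byte[] key = RandomNumberGenerator.GetBytes(32);        // fresh AES-256 session key
        byte[] nonce = RandomNumberGenerator.GetBytes(NonceLen);
        byte[] tag = new byte[TagLen];
        byte[] body = new byte[data.Length];
        using (var aes = new AesGcm(key, TagLen))
            aes.Encrypt(nonce, data, body, tag);                // bulk encryption
        byte[] wrapped = recipient.Encrypt(key, RSAEncryptionPadding.OaepSHA256);
        return wrapped.Concat(nonce).Concat(tag).Concat(body).ToArray();
    }

    static byte[] Open(RSA recipient, byte[] envelope)
    {
        int k = recipient.KeySize / 8;                          // wrapped key is one modulus long
        if (envelope.Length < k + NonceLen + TagLen)
            throw new CryptographicException("envelope too short");
        byte[] key = recipient.Decrypt(envelope.Take(k).ToArray(), RSAEncryptionPadding.OaepSHA256);
        byte[] nonce = envelope.Skip(k).Take(NonceLen).ToArray();
        byte[] tag = envelope.Skip(k + NonceLen).Take(TagLen).ToArray();
        byte[] body = envelope.Skip(k + NonceLen + TagLen).ToArray();
        byte[] plain = new byte[body.Length];
        using (var aes = new AesGcm(key, TagLen))
            aes.Decrypt(nonce, body, tag, plain);               // throws if nonce, tag or body was altered
        return plain;
    }

    static void Main()
    {
        using RSA rsa = RSA.Create(2048);
        byte[] data = new byte[100_000];                        // constructed payload, far beyond one RSA block
        RandomNumberGenerator.Fill(data);
        string wire = Convert.ToBase64String(Seal(rsa, data));  // text-safe form for transport
        byte[] back = Open(rsa, Convert.FromBase64String(wire));
        Console.WriteLine("recovered {0} bytes, match: {1}", back.Length, back.SequenceEqual(data));
    }
}
```
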
Arnout Grootveld - 07 May 2008 16:22 GMT
bobuva <robertuva@gmail.com> wrote in news:014f714a-e412-42d2-83bf-e590600aa6b6@24g2000hsh.googlegroups.com:

> client (encrypts):
>
[quoted text clipped - 8 lines]
>         byte[] clearTextBytes = provider.Decrypt(encryptedBytes, false); // <<--- GET EXCEPTION HERE

Bob,

The problem lies in constructing your cipherText string. Not all byte
sequences represent a character in UTF-8, which means that you can't just
feed the result of rsa.Encrypt() to Encoding.UTF8.GetString().

What you could do instead is convert your bytes to and from Base64:

  // On the client
  string cipherText = Convert.ToBase64String(cipherBytes);

  // On the server
  byte[] encryptedBytes = Convert.FromBase64String(cipherText);


Arnout.
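
The encoding problem described in this reply, reproduced end to end as an added example (not code from any poster in this thread). It assumes a 1024-bit key generated in-process, chosen only to match the 128-byte limit quoted in the question; the class name and the 52-byte sample are constructed.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

static class CiphertextTransportDemo   // hypothetical name
{
    static void Main()
    {
        // Assumption: 1024-bit key, only to reproduce the 128-byte block size from the thread.
        using (var rsa = new RSACryptoServiceProvider(1024))
        {
            byte[] plain = new byte[52];                 // constructed 52-byte sample input
            for (int i = 0; i < plain.Length; i++) plain[i] = (byte)i;

            byte[] cipher = rsa.Encrypt(plain, false);   // false = PKCS#1 v1.5, as in the thread
            Console.WriteLine("ciphertext: {0} bytes", cipher.Length);

            // Lossy path: byte sequences that are not valid UTF-8 decode to U+FFFD,
            // which re-encodes as EF BF BD, so the array changes content and length.
            byte[] viaUtf8 = Encoding.UTF8.GetBytes(Encoding.UTF8.GetString(cipher));
            Console.WriteLine("UTF-8 round trip: {0} bytes, intact: {1}",
                              viaUtf8.Length, viaUtf8.SequenceEqual(cipher));
            try
            {
                rsa.Decrypt(viaUtf8, false);
            }
            catch (CryptographicException ex)
            {
                Console.WriteLine("Decrypt rejected the UTF-8 copy: " + ex.Message);
            }

            // Lossless path: Base64 maps every byte value to printable ASCII and back.
            string text = Convert.ToBase64String(cipher);
            byte[] viaBase64 = Convert.FromBase64String(text);
            byte[] recovered = rsa.Decrypt(viaBase64, false);
            Console.WriteLine("Base64 round trip: {0} bytes, plaintext recovered: {1}",
                              viaBase64.Length, recovered.SequenceEqual(plain));
        }
    }
}
```
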

bobuva - 07 May 2008 21:36 GMT
> bobuva <robert...@gmail.com> wrote in news:014f714a-e412-42d2-83bf-
> e590600aa...@24g2000hsh.googlegroups.com:
[quoted text clipped - 28 lines]
> --
> Arnout.

I did try converting to/from base-64 string but got a "Bad Data" error
from the Decrypt call. I'll look at what Joe K. recommended. Although
it looks like I may be switching to WCF for the utility I'm working on
instead of doing the encryption myself.

Bob
blagoev.i@gmail.com - 08 May 2008 09:53 GMT
> I did try converting to/from base-64 string but got a "Bad Data" error
> from the Decrypt call. I'll look at what Joe K. recommended. Although
> it looks like I may be switching to WCF for the utility I'm working on
> instead of doing the encryption myself.
>
> Bob

Hi,
you are probably using a hardware CSP (smart card). RSACryptoServiceProvider
in .NET Framework 2.0 has a problem with hardware CSPs. If you use, for
example, "Microsoft base cryptographic provider" then your code will
not generate an exception. For more information see this:

http://forums.microsoft.com/msdn/ShowPost.aspx?postid=2033926&siteid=1
http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?feedbackid=0022f1de-c89d-435c-b8dd-1372d67d1ab9


In .NET Framework 1.1 in VS2003 the RSACryptoServiceProvider class works
OK.

Ivan Blagoev
ivan.blgv@gmail.com - 09 May 2008 08:17 GMT
> > bobuva <robert...@gmail.com> wrote in news:014f714a-e412-42d2-83bf-
> > e590600aa...@24g2000hsh.googlegroups.com:
[quoted text clipped - 35 lines]
>
> Bob

Hi,
you are probably using a hardware CSP (smart card). RSACryptoServiceProvider
in .NET Framework 2.0 has a problem with hardware CSPs. If you use, for
example, "Microsoft base cryptographic provider" then your code will
not generate an exception. For more information see this:

http://forums.microsoft.com/msdn/ShowPost.aspx?postid=2033926&siteid=1
http://lab.msdn.microsoft.com/ProductFeedback/viewFeedback.aspx?feedb...

In .NET Framework 1.1 in VS2003 the RSACryptoServiceProvider class works
OK.

Ivan Blagoev
