Using RSA encryption with C# and Java

[Bryan]

Hey guys,

I've been fighting with trying to use RSA to encrypt data in Java and
decrypt the data in C#. I've been able to create an X.509 certificate using
makecert and successfully access it in C# using WSE. After exporting from
certmgr as a CER, I can use it in Java using keytool.

My problem is, I simply cannot decrypt the Java encrypted messages in C#.
If I encrypt and decrypt in C#, everything is fine. One thing I noticed is
that the modulus reported by C# does not match that of Java or openssl
(which do match).

Has anyone successfully used RSA between Java and C#? If so, I'd appreciate
any tips on where I may be going wrong.

Thanks,
Bryan

 

[Pieter Philippaerts]

Has anyone successfully used RSA between Java and C#? If so, I'd appreciate
any tips on where I may be going wrong.

It can be an endian problem. Try reversing the encrypted bytes before
feeding them to the RSACryptoServiceProvider [Array.Reverse can help you
with that].

Regards,
Pieter Philippaerts
Managed SSL/TLS: http://www.mentalis.org/go.php?sl

 

[blah]

I tried reversing the bytes, but I still get a CryptographicException of bad
data when I try to decrypt.

I am Base64 encoding the encrypted value in Java and decoding it in C#
before decrypting. Does the modulus not matching when I print it out mean
anything? Or does .NET do something to it internally?

Thanks,
Bryan

Has anyone successfully used RSA between Java and C#? If so, I'd appreciate
any tips on where I may be going wrong.

It can be an endian problem. Try reversing the encrypted bytes before
feeding them to the RSACryptoServiceProvider [Array.Reverse can help you
with that].

Regards,
Pieter Philippaerts
Managed SSL/TLS: http://www.mentalis.org/go.php?sl

 

[Pieter Philippaerts]

I tried reversing the bytes, but I still get a CryptographicException of bad
data when I try to decrypt.

Can you post the code you're using? [both C# and Java]

Regards,
Pieter Philippaerts
Managed SSL/TLS: http://www.mentalis.org/go.php?sl

 

[=?ISO-8859-1?Q?Carlos_Guzm=E1n_=C1lvarez?=]

Hello:

Has anyone successfully used RSA between Java and C#? If so, I'd appreciate
any tips on where I may be going wrong.

Huummm i'm thinking in if this can be the same problem i'm having when i
test a little TLS 1.0 protocol implementation i have made, against a
jabber server made in java that support TLS, i got an exception
(Unexpected end of handshake message) after send the ClientKeyExchange
message, that uses the RSAPKCS1KeyExchangeFormatter class, but it works
ok against the openssl test server.

Any idea arround this issue ??

 

[Pieter Philippaerts]

Huummm i'm thinking in if this can be the same problem i'm having when i
test a little TLS 1.0 protocol implementation i have made, against a
jabber server made in java that support TLS, i got an exception
(Unexpected end of handshake message) after send the ClientKeyExchange
message, that uses the RSAPKCS1KeyExchangeFormatter class, but it works
ok against the openssl test server.

That has to be a problem in your TLS implementation. I've also made a TLS
implementation in C# and it works perfectly with OpenSSL as well as Java's
SSLSocket.
Note that OpenSSL has compiler switches to make the package support common
implementation bugs. It's possible that the OpenSSL server simply ignores
the bug in your implementation and that the Java server doesn't.

Regards,
Pieter Philippaerts
Managed SSL/TLS: http://www.mentalis.org/go.php?sl

 

[=?ISO-8859-1?Q?Carlos_Guzm=E1n_=C1lvarez?=]

Hello:

Thanks for the anwswer.

That has to be a problem in your TLS implementation. I've also made a TLS
implementation in C# and it works perfectly with OpenSSL as well as Java's
SSLSocket.

It can be too but i can't find where is the problem ,, i'm doing
anything like this to compose the ClientKeyExchange message:

// Compute pre master secret
byte[] preMasterSecret = Session.State.CreatePremasterSecret();

// Create a new RSA key
RSACryptoServiceProvider rsa = null;
rsa =
Session.State.Cipher.CreateRSA(Session.State.ServerSettings.ServerCertificates[0]);

// Encrypt premaster_sercret
RSAPKCS1KeyExchangeFormatter formatter = new
RSAPKCS1KeyExchangeFormatter(rsa);

// Write the preMasterSecret encrypted
Write(formatter.CreateKeyExchange(preMasterSecret));

// Create master secret
Session.State.CreateMasterSecret(preMasterSecret);

// Create keys
Session.State.CreateKeys();

// Clear resources
rsa.Clear();

Note that OpenSSL has compiler switches to make the package support common
implementation bugs. It's possible that the OpenSSL server simply ignores
the bug in your implementation and that the Java server doesn't.

I know i'm running the openssl server as:

openssl s_server -accept 4443 -key .\bin\cert\server.key -cert
..\bin\cert\server.crt -tls1 -bugs -debug -msg

And all is running fine, it finish the handshake, and sends and receives
well application data messages.

 

[=?ISO-8859-1?Q?Carlos_Guzm=E1n_=C1lvarez?=]

Hello:

And it was thanks you very much, i have solved it yet

 

[Bryan]

It turned out to be an error in the Java code. I rewrote it to use the
Cipher classes instead of using modpow as the original code did. That fixed
the problem.

Thanks for the help,
Bryan

I tried reversing the bytes, but I still get a CryptographicException of bad
data when I try to decrypt.

Can you post the code you're using? [both C# and Java]

Regards,
Pieter Philippaerts
Managed SSL/TLS: http://www.mentalis.org/go.php?sl

 

[Jim Sun]

Brian,
Could you tell me what you mean by using Cipher classes?
I am having the same problem in encrypting msg in Java using public key
and decrypting it in C#.

I am using ISNetworks as crypto provider.

Thanks,
Jim

 

[Regina Krupitskaya]

Dear Brian,

I also have a problem with encryption in Java decryption in .NET.
I am using a cipher class in Java.
I am getting an error message "Bad data" in .NET.
I would realy appreciate if you show your code.
Regina

 

[Jon Skeet [C# MVP]]

I also have a problem with encryption in Java decryption in .NET.
I am using a cipher class in Java.
I am getting an error message "Bad data" in .NET.
I would realy appreciate if you show your code.

Could you post a short but complete program which demonstrates the
problem?

See http://www.pobox.com/~skeet/csharp/complete.html for details of
what I mean by that.

 

[Regina Krupitskaya]

I used exactly the code posted by Michel Galant.
http://www.jensign.com/JavaScience/dotnet/RSAEncrypt/index.html
Thank you,
Regina

 

[Jon Skeet [C# MVP]]

I used exactly the code posted by Michel Galant.
http://www.jensign.com/JavaScience/dotnet/RSAEncrypt/index.html

Well, there are some problems with that code certainly, but *if* those
are set up with the correct key and IV, I would have thought it would
be okay. What exactly are you giving it? (And what's in your Java
keystore?)

 

[Regina Krupitskaya]

Jon,
I am using a JKS file other person generted.
I am sending it to you using your direct email.
If you are using "anonimous" email, please, send me something on my
email, and I answer you.
Thank you for help.
Regina

 

[Jon Skeet [C# MVP]]

I am using a JKS file other person generted.
I am sending it to you using your direct email.
If you are using "anonimous" email, please, send me something on my
email, and I answer you.

I've got the email, thanks - I'll try to have a look at it tomorrow.