
Here is the Objective-C we are using to generate the RSA object using the following lib: https://github.com/kuapay/iOS-Certificate--Key--and-Trust-Sample-Project

```objc
BDRSACryptor *rsa = [[BDRSACryptor alloc] init];
BDRSACryptorKeyPair *RSAKeyPair = [rsa generateKeyPairWithKeyIdentifier:nil error:error];
```

We then pass RSAKeyPair.publicKey to our C#, where using the BouncyCastle library:

```csharp
using (TextReader sr = new StringReader(pempublic))
{
   // Parse the PEM-encoded public key with BouncyCastle
   var pemReader = new PemReader(sr);
   var temp = (RsaKeyParameters)pemReader.ReadObject();

   // Copy modulus and exponent into .NET's RSAParameters
   var RSAKeyInfo = new RSAParameters
   {
      Modulus =  temp.Modulus.ToByteArray(),
      Exponent = temp.Exponent.ToByteArray()
   };

   var rsaEncryptor = new RSACryptoServiceProvider();
   rsaEncryptor.ImportParameters(RSAKeyInfo);
}
```

There are no errors, but the encryption is different. The same string encrypted in c# and obj-c are different, and we are unable to encrypt on one end and decrypt on the other.

Help!

Edit: Willing to consider any methodology of exchanging public keys between c# and obj-c. This is just the closest we have come so far.

Edit2: Contents of pempublic

-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/ugxekK+lY0VLeD8qA5nEhIn7IzBkgcrpiEM109chFxHobtvWEZbu8TqTIBtIgtISNp4idcEvahPniEyUawjmRSWB7uYmcHJ3pWaIo5/wBthmGrqS/XjedVXT6RuzaoPf9t0YXyW6YiH1kQZn4gjZF51O6iIk2+VnfkYVqeKBtQIDAQAB-----END PUBLIC KEY-----

Edit3: Regarding padding: C# and obj-c are both using OAEP padding.

Edit4: How the text is being encrypted: c#

```csharp
byte[] testBytes = Encoding.UTF8.GetBytes("1234567890");
byte[] encryptedBytes = rsaEncryptor.Encrypt(testBytes, true);
string base64 = Convert.ToBase64String(encryptedBytes);
```

obj-c

```objc
NSString *encrypted = [rsa encrypt:@"1234567890" key:RSAKeyPair.publicKey error:error];
```

Final Edit:

Solved by using the Chilkat encryption library on the .NET server. We are now able to load an RSA encryptor from a public key in both XML and PEM format generated from a .NET, Java, or Objective-C Client. If anyone could explain why the .NET RSACryptoServiceProvider wouldn't work, we are all quite curious.

Julien
  • The issue is probably the padding performed. It is likely that objective C uses PKCS#1 v1.5 compatible encryption and that C# uses PKCS#1 v2.1 OAEP compatible encryption. Note that encryption uses random padding, so the fact that the output is different is not surprising; it is meant to be different. Please show us the code used to encrypt the plaintext... – Maarten Bodewes Jul 30 '13 at 19:36
  • Regarding Edit3: have you also checked which hash function is used for both C# and objective C? – Maarten Bodewes Jul 30 '13 at 19:39
  • @owlstead where do I find this information? – Julien Jul 30 '13 at 19:40
  • good question :), I'll check. BTW, should that result in objective-C not be `NSData`? – Maarten Bodewes Jul 30 '13 at 19:42
  • My colleague has informed me that it is NSDATA while encrypted but then base-64'd into NSString. I am not too familiar with obj-c – Julien Jul 30 '13 at 19:46
  • OK, so OAEP in C# uses SHA-1. Now for objective C... – Maarten Bodewes Jul 30 '13 at 19:50
  • Cannot find anything about the objective c encryption. Don't have much time, can you give me any pointers? – Maarten Bodewes Jul 30 '13 at 20:15
  • I don't know enough about the subject. Sorry :( – Julien Jul 31 '13 at 14:47
  • If you are willing for me to try out some encryption schemes then you could provide us a sample output and a private key (in PKCS#8 format). – Maarten Bodewes Jul 31 '13 at 16:13
  • we ended up purchasing the Chilkat encryption library. We are now using the Chilkat RSA component on the serverside, and stock components on the .NET, Java, and Objective-C client side with no issues. – Julien Jul 31 '13 at 19:35
  • shame I could not help you getting it fixed. I don't know if using Chilkat is an acceptable answer... if you think it is, post it as an answer, otherwise you could delete the question (as I don't think there is enough info in the question to fully answer it) – Maarten Bodewes Jul 31 '13 at 20:14
  • there is enough information in the question to fully replicate our issue, which to me seems like enough information – Julien Jul 31 '13 at 20:28

2 Answers

Please check my answer to my own question, "RSA C# encryption with public key to use with PHP openssl_private_decrypt(): Chilkat, BouncyCastle, RSACryptoServiceProvider".

I think it may be helpful.

To make it short, try using `temp.Modulus.ToByteArrayUnsigned()`.

jungle_mole
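
Why the signed/unsigned distinction in the answer above matters for this particular key, as an added example (not code from the question or from either answer): a standard-library Python DER reader run on the `pempublic` value from the question. It shows that the modulus INTEGER is stored with a leading 0x00 sign byte, which is the same signed two's-complement form BouncyCastle's `BigInteger.ToByteArray()` returns; the function names are illustrative.

```python
import base64

# Base64 body of the `pempublic` key from the question (Edit2), copied verbatim.
PEM_BODY = (
    "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/ugxekK+lY0VLeD8qA5nEhIn7"
    "IzBkgcrpiEM109chFxHobtvWEZbu8TqTIBtIgtISNp4idcEvahPniEyUawjmRSWB"
    "7uYmcHJ3pWaIo5/wBthmGrqS/XjedVXT6RuzaoPf9t0YXyW6YiH1kQZn4gjZF51O"
    "6iIk2+VnfkYVqeKBtQIDAQAB"
)

def read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER element at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the count of length bytes
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, buf[pos:pos + length], pos + length

def rsa_integers(spki_der):
    """Raw INTEGER contents (modulus, exponent) of a SubjectPublicKeyInfo."""
    _, spki, _ = read_tlv(spki_der, 0)      # outer SEQUENCE
    _, _, pos = read_tlv(spki, 0)           # AlgorithmIdentifier (skipped)
    tag, bits, _ = read_tlv(spki, pos)      # BIT STRING wrapping RSAPublicKey
    if tag != 0x03 or bits[0] != 0:
        raise ValueError("expected BIT STRING with no unused bits")
    _, rsa_key, _ = read_tlv(bits, 1)       # inner SEQUENCE
    t1, modulus, pos = read_tlv(rsa_key, 0)
    t2, exponent, _ = read_tlv(rsa_key, pos)
    if (t1, t2) != (0x02, 0x02):
        raise ValueError("expected two INTEGERs")
    return modulus, exponent

def unsigned(der_int):
    """Drop the 0x00 sign byte DER prepends when the top bit is set."""
    return der_int[1:] if len(der_int) > 1 and der_int[0] == 0 else der_int

def modulus_encodings():
    """(signed modulus bytes, unsigned modulus bytes, exponent bytes)."""
    signed_mod, exp = rsa_integers(base64.b64decode(PEM_BODY))
    return signed_mod, unsigned(signed_mod), exp

if __name__ == "__main__":
    s, u, e = modulus_encodings()
    print("signed  :", len(s), "bytes, starts", s[:2].hex())
    print("unsigned:", len(u), "bytes, starts", u[:2].hex())
    print("exponent:", int.from_bytes(e, "big"))
```

The 129-byte form is what the question's `temp.Modulus.ToByteArray()` assigns to `RSAParameters.Modulus` for this 1024-bit key; the 128-byte form is what `ToByteArrayUnsigned()` produces.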

I wrote an RSA and AES implementation using CommonCrypto; the implementation is done in order to be interoperable with .NET.

Check it out

https://github.com/ozgurshn/EncryptionForiOS

I used base64 encoding

.NET side could be

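```csharp
using System.Security.Cryptography;
using System.Text;

public static class RsaInterop
{
    // privateKey is an RSA key in .NET's XML format
    public static string RsaDecryption(byte[] cipherText, string privateKey)
    {
        using (var cspDecryption = new RSACryptoServiceProvider())
        {
            cspDecryption.FromXmlString(privateKey);

            // fOAEP = false: PKCS#1 v1.5 padding, not OAEP
            var bytesPlainTextData = cspDecryption.Decrypt(cipherText, false);

            return Encoding.UTF8.GetString(bytesPlainTextData);
        }
    }

    // publicKey is an RSA key in .NET's XML format
    public static byte[] RsaEncryption(string plainText, string publicKey)
    {
        using (var cspEncryption = new RSACryptoServiceProvider())
        {
            cspEncryption.FromXmlString(publicKey);

            var bytesPlainTextData = Encoding.UTF8.GetBytes(plainText);

            // fOAEP = false: PKCS#1 v1.5 padding, not OAEP
            var bytesCypherText = cspEncryption.Encrypt(bytesPlainTextData, false);

            return bytesCypherText;
        }
    }
}
```
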
Ozgur Sahin
  • But privateKey you generated is not XML format. How do I use It in .NET `cspDecryption.FromXmlString()`? – wtf512 Jun 25 '15 at 10:39