Issue when encrypt using RSA_OAEP_256 and A256GCM #220

Open
frankl1m opened this issue Mar 29, 2023 · 5 comments

@frankl1m

    public static string EncodeJWE(string body)
    {
        string spki = "-----BEGIN PUBLIC KEY-----\nENCODED PUBLIC KEY\n-----END PUBLIC KEY-----".Replace("\n-----END PUBLIC KEY-----", "").Replace("-----BEGIN PUBLIC KEY-----\n", "");
        JweRecipient r3 = new JweRecipient(JweAlgorithm.RSA_OAEP_256, Convert.FromBase64String(spki));
        return JWE.Encrypt(body, new[] { r3 }, JweEncryption.A256GCM);
    }

When I try to encrypt I always have only the public key, but I always get System.ArgumentException: 'RsaKeyManagement algorithm expects key to be of CngKey, RSACryptoServiceProvider, RSA types or Jwk type with kty='rsa'.' I am using Netfx 4.7.2.

@frankl1m frankl1m changed the title Issue when deciphering Issue using RSA_OAEP_256 and A256GCM Mar 29, 2023
@frankl1m frankl1m changed the title Issue using RSA_OAEP_256 and A256GCM Issue when encrypt using RSA_OAEP_256 and A256GCM Mar 29, 2023
@dvsekhvalnov
Owner

dvsekhvalnov commented Mar 29, 2023

Hi @frankl1m,

Your spki var is a string, and this is not something the library accepts as a key.

Check out the docs: https://github.com/dvsekhvalnov/jose-jwt#rsa--key-management-family-of-algorithms

Your easiest option is to use openssl to convert your PEM encoded key into .p12, or see https://stackoverflow.com/questions/11506891/how-to-load-the-rsa-public-key-from-file-in-c-sharp

@frankl1m
Author

frankl1m commented Apr 4, 2023

    private static RSA rsa = null;

    public static void GenRSAIfNull()
    {
        if (rsa == null)
        {
            rsa = RSA.Create();
            rsa.FromXmlString(certificatestringxml);
            string text = EncodeJWE("prueba");

            string dec = DecodeJWE(text);

        }
    }

    public static string EncodeJWE(string body)
    {
        return JWT.Encode(body, rsa,JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM);
    }

    public static string DecodeJWE(string encbody)
    {
        return JWT.Decode(encbody, rsa, JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM);
    }

I have this code. Everything on encryption is OK, but when I try to decode the same string encoded before, I always get the same exception: System.Security.Cryptography.CryptographicException: 'Invalid key to use in the specified state.'

@dvsekhvalnov
Owner

Hey @frankl1m, did you export the private key? To decode an encrypted payload you need the private part of the keypair.

Typically when exporting an RSA key you want RSA.ToXmlString(true) to preserve the private part in the XML.

@frankl1m
Author

frankl1m commented Apr 7, 2023

The certificate used only has the public key, so with RSA.ToXmlString(true) I get an exception.

@dvsekhvalnov
Owner

@frankl1m you can't decrypt with a public key only. You need the private key to do it.
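
Added example, not part of the thread and not jose-jwt's own code: it shows both points raised above, that the PEM public key has to be loaded into an RSA object before it is passed to the library, and that a public-only key encrypts but cannot decrypt. Assumptions: .NET Core 3.0 or later (ImportSubjectPublicKeyInfo and ExportSubjectPublicKeyInfo do not exist on the .NET Framework 4.7.2 used in the thread), a recent jose-jwt package, a key pair generated on the spot as a stand-in for the recipient, and the hypothetical names JweKeyRoles and LoadPublicKey.

```csharp
using System;
using System.Security.Cryptography;
using Jose;

public static class JweKeyRoles   // hypothetical class name, for illustration only
{
    // Loads the public half only: enough to encrypt (wrap the content key), never to decrypt.
    public static RSA LoadPublicKey(string pem)
    {
        string b64 = pem.Replace("-----BEGIN PUBLIC KEY-----", "")
                        .Replace("-----END PUBLIC KEY-----", "");
        RSA rsa = RSA.Create();
        // Per the ArgumentException quoted in the thread, RSA key management wants an
        // RSA / CngKey / Jwk object, so the SPKI DER bytes are imported, not passed as-is.
        rsa.ImportSubjectPublicKeyInfo(Convert.FromBase64String(b64), out _);
        return rsa;
    }

    public static void Main()
    {
        // Constructed key pair standing in for the recipient, who keeps the private half.
        using RSA recipientKeyPair = RSA.Create(2048);
        string pem = "-----BEGIN PUBLIC KEY-----\n"
                   + Convert.ToBase64String(recipientKeyPair.ExportSubjectPublicKeyInfo())
                   + "\n-----END PUBLIC KEY-----";

        // Sender side: only the public key is available, which is all encryption needs.
        using RSA publicOnly = LoadPublicKey(pem);
        string token = JWT.Encode("prueba", publicOnly,
                                  JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM);

        try
        {
            // Same call shape as DecodeJWE in the thread: the key has no private part.
            JWT.Decode(token, publicOnly, JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM);
        }
        catch (CryptographicException e)
        {
            Console.WriteLine("public-only key cannot decrypt: " + e.GetType().Name);
        }

        // Recipient side: the full key pair unwraps the content key and decrypts.
        string plain = JWT.Decode(token, recipientKeyPair,
                                  JweAlgorithm.RSA_OAEP_256, JweEncryption.A256GCM);
        Console.WriteLine(plain);
    }
}
```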
