English 中文(简体)
how to read a RSA public key from a pem file OR xml file
原标题:

I have a simple thing to do : I want to encryt data using AES algorythm and a key contained in a pem file, like shown on the page : http://msdn.microsoft.com/en-us/library/sb7w85t6.aspx

In this example, a new encryption key is created every time the function is run. But I need to read this key from either a pem file or an xml file but I can t find a way to do it.

Is there a simple way to read a key from a pem file and convert it into a byte array (byte[]) ?

I am using C# - .net Framework 3.5 and the key in the file is the RSA public key of our partner.

最佳回答

What kind of XML file is the RSA key in?

.Net s RSACryptoServiceProvider class can read public keys from XML using the FromXmlString method in the following format:

<RSAKeyValue>
    <Modulus>3EgNS5XumwoQYU4uvr2OTtlZ4YJWUcGqTAVLQPtzejB7JSiETGdveuH7jGRFi2lNqruRL+SGpr6KJvvijG7wOQheIsJC48lDnS692pZH3rDcWgGuqjwssFKhJ5GSu3Tetrf4DOKVOeTaG5cU0pATV6aDU0Npy0a+5vkU5e3+5jE=</Modulus>
    <Exponent>AQAB</Exponent>
</RSAKeyValue>

EDIT

As I understand your procedure, you re using the RSA public key as an AES symmetric key. DO NOT DO THIS! It adds the illusion of security without doing anything to protect your data. As an analogy, it s like sending a safe along with its key, but putting the key in a pink box first. If you do it this way, anyone who gets the public RSA key will be able to decrypt your data; the private RSA key wouldn t be used at all.

If a third party is forcing you to do it this way, show them this answer, or ask any half-decent cryptographer.

DO NOT ALLOW THEM TO DO IT THIS WAY


What you should be doing is creating a random AES key, encrypting it with the RSA public key, and then sending the encrypted key along with the encrypted data. This way, the data will only be readable by people who have the private RSA key, as anyone else wouldn t be able to decrypt the symmetric AES key.

问题回答

暂无回答




相关问题
Anyone feel like passing it forward?

I m the only developer in my company, and am getting along well as an autodidact, but I know I m missing out on the education one gets from working with and having code reviewed by more senior devs. ...

NSArray s, Primitive types and Boxing Oh My!

I m pretty new to the Objective-C world and I have a long history with .net/C# so naturally I m inclined to use my C# wits. Now here s the question: I feel really inclined to create some type of ...

C# Marshal / Pinvoke CBitmap?

I cannot figure out how to marshal a C++ CBitmap to a C# Bitmap or Image class. My import looks like this: [DllImport(@"test.dll", CharSet = CharSet.Unicode)] public static extern IntPtr ...

How to Use Ghostscript DLL to convert PDF to PDF/A

How to user GhostScript DLL to convert PDF to PDF/A. I know I kind of have to call the exported function of gsdll32.dll whose name is gsapi_init_with_args, but how do i pass the right arguments? BTW, ...

Linqy no matchy

Maybe it s something I m doing wrong. I m just learning Linq because I m bored. And so far so good. I made a little program and it basically just outputs all matches (foreach) into a label control. ...

热门标签