how to read a RSA public key from a pem file OR xml file

Question

Hello,

I have a simple thing to do : I want to encryt data using AES algorythm and a key contained in a pem file, like shown on the page : http://msdn.microsoft.com/en-us/library/sb7w85t6.aspx

In this example, a new encryption key is created every time the function is run. But I need to read this key from either a pem file or an xml file but I can't find a way to do it.

Is there a simple way to read a key from a pem file and convert it into a byte array (byte[]) ?

I am using C# - .net Framework 3.5 and the key in the file is the RSA public key of our partner.

Answer 1

What kind of XML file is the RSA key in?

.Net's RSACryptoServiceProvider class can read public keys from XML using the FromXmlString method in the following format:

<RSAKeyValue>
    <Modulus>3EgNS5XumwoQYU4uvr2OTtlZ4YJWUcGqTAVLQPtzejB7JSiETGdveuH7jGRFi2lNqruRL+SGpr6KJvvijG7wOQheIsJC48lDnS692pZH3rDcWgGuqjwssFKhJ5GSu3Tetrf4DOKVOeTaG5cU0pATV6aDU0Npy0a+5vkU5e3+5jE=</Modulus>
    <Exponent>AQAB</Exponent>
</RSAKeyValue>

---

EDIT

As I understand your procedure, you're using the RSA public key as an AES symmetric key. DO NOT DO THIS! It adds the illusion of security without doing anything to protect your data. As an analogy, it's like sending a safe along with its key, but putting the key in a pink box first. If you do it this way, anyone who gets the public RSA key will be able to decrypt your data; the private RSA key wouldn't be used at all.

If a third party is forcing you to do it this way, show them this answer, or ask any half-decent cryptographer.

DO NOT ALLOW THEM TO DO IT THIS WAY

---

What you should be doing is creating a random AES key, encrypting it with the RSA public key, and then sending the encrypted key along with the encrypted data. This way, the data will only be readable by people who have the private RSA key, as anyone else wouldn't be able to decrypt the symmetric AES key.

Answer 2

what about using pem in RSA?