Hello,

I have a simple thing to do: I want to encrypt data using the AES algorithm and a key contained in a pem file, as shown on the page: http://msdn.microsoft.com/en-us/library/sb7w85t6.aspx

In this example, a new encryption key is created every time the function is run. But I need to read this key from either a pem file or an xml file but I can't find a way to do it.

Is there a simple way to read a key from a pem file and convert it into a byte array (byte[])?

I am using C# - .NET Framework 3.5 and the key in the file is the RSA public key of our partner.

+1  A: 

What kind of XML file is the RSA key in?

.Net's RSACryptoServiceProvider class can read public keys from XML using the FromXmlString method in the following format:

```xml
<RSAKeyValue>
    <Modulus>3EgNS5XumwoQYU4uvr2OTtlZ4YJWUcGqTAVLQPtzejB7JSiETGdveuH7jGRFi2lNqruRL+SGpr6KJvvijG7wOQheIsJC48lDnS692pZH3rDcWgGuqjwssFKhJ5GSu3Tetrf4DOKVOeTaG5cU0pATV6aDU0Npy0a+5vkU5e3+5jE=</Modulus>
    <Exponent>AQAB</Exponent>
</RSAKeyValue>
```


EDIT

As I understand your procedure, you're using the RSA public key as an AES symmetric key. DO NOT DO THIS! It adds the illusion of security without doing anything to protect your data. As an analogy, it's like sending a safe along with its key, but putting the key in a pink box first. If you do it this way, anyone who gets the public RSA key will be able to decrypt your data; the private RSA key wouldn't be used at all.

If a third party is forcing you to do it this way, show them this answer, or ask any half-decent cryptographer.

DO NOT ALLOW THEM TO DO IT THIS WAY


What you should be doing is creating a random AES key, encrypting it with the RSA public key, and then sending the encrypted key along with the encrypted data. This way, the data will only be readable by people who have the private RSA key, as anyone else wouldn't be able to decrypt the symmetric AES key.

SLaks
Yes, it is this kind of XML. I used the RSACryptoServiceProvider to load it but I could not find a way to convert the loaded key into a byte[].
Nicolas Riou
Why are you trying to convert the key into a `byte[]`? Are you confusing RSA keys with AES keys?
SLaks
Actually, I have an RSA key that I have to use to run the AES algorithm. I know it is weird, but I have no choice. I have to send to our partner an XML file encrypted in AES with an RSA key ...
Nicolas Riou
Your partner is making a terrible mistake and will regret it if the data is sensitive. What you should be doing is creating a random AES key, encrypting it with the RSA public key, and then sending the encrypted key along with the encrypted data. This way, it will only be possible to decrypt the data using the RSA _private_ key. If you do it the way you've described, you don't get any benefit from RSA, and anyone who sees the RSA _public_ key will be able to decrypt your data.
SLaks
You are definitely right and your comment makes me think there must be a mistake in our partner's encryption documentation. Thank you for your quick and precious help.
Nicolas Riou
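The scheme recommended in the answer above (random AES key, wrapped with the RSA public key, sent alongside the encrypted data), as an added example that is not part of the original thread. `Envelope`, `Seal`, `Open` and `HybridDemo` are hypothetical names, the key pair in `Main` is generated only for the demo, and the HMAC tag is an addition made here because AES-CBC alone does not detect tampering.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

class Envelope { public byte[] WrappedKeys, Iv, Ciphertext, Tag; }

static class HybridDemo
{
    static Envelope Seal(string publicKeyXml, byte[] plaintext)   // sender: public key only
    {
        using (var aes = Aes.Create())                    // supplies a fresh random IV
        using (var rsa = new RSACryptoServiceProvider())
        {
            byte[] keys = new byte[64];                   // AES-256 key || HMAC key, random per message
            RandomNumberGenerator.Create().GetBytes(keys);
            rsa.FromXmlString(publicKeyXml);              // RSAKeyValue XML as shown in the answer
            var e = new Envelope { Iv = aes.IV, WrappedKeys = rsa.Encrypt(keys, true) };  // RSA-OAEP
            using (var enc = aes.CreateEncryptor(keys.Take(32).ToArray(), e.Iv))  // CBC + PKCS7 defaults
                e.Ciphertext = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
            using (var h = new HMACSHA256(keys.Skip(32).ToArray()))   // encrypt-then-MAC
                e.Tag = h.ComputeHash(e.Iv.Concat(e.Ciphertext).ToArray());
            return e;
        }
    }
    static byte[] Open(string privateKeyXml, Envelope e)          // recipient: private key required
    {
        using (var rsa = new RSACryptoServiceProvider())
        using (var aes = Aes.Create())
        {
            rsa.FromXmlString(privateKeyXml);
            byte[] keys = rsa.Decrypt(e.WrappedKeys, true);       // fails without the private key
            using (var h = new HMACSHA256(keys.Skip(32).ToArray()))
            {
                byte[] tag = h.ComputeHash(e.Iv.Concat(e.Ciphertext).ToArray());
                int diff = tag.Length ^ e.Tag.Length;             // constant-time tag comparison
                for (int i = 0; i < tag.Length && i < e.Tag.Length; i++) diff |= tag[i] ^ e.Tag[i];
                if (diff != 0) throw new CryptographicException("MAC check failed");
            }
            using (var dec = aes.CreateDecryptor(keys.Take(32).ToArray(), e.Iv))
                return dec.TransformFinalBlock(e.Ciphertext, 0, e.Ciphertext.Length);
        }
    }
    static void Main()
    {
        var partner = new RSACryptoServiceProvider(2048);         // constructed demo key pair
        Envelope e = Seal(partner.ToXmlString(false), Encoding.UTF8.GetBytes("<order id=\"1\"/>"));
        Console.WriteLine(Encoding.UTF8.GetString(Open(partner.ToXmlString(true), e)));
    }
}
```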
A: 

What about using PEM in RSA?

mjd