1
votes

As a sample app, I encrypted a string using an RSA public key (supplied by a 3rd-party API) using the BouncyCastle library in .NET. When I send this encrypted string to the said 3rd-party API endpoint, it is able to decrypt it (using its private key). I don't have their private key, but is it possible to decrypt the string on my end using just the public key that I have?

From my understanding of RSA public/private key pair, when decrypting, you use the private key stored with you to decrypt a string and use the public key to confirm that you are receiving data from a said source.

    using System;
    using System.IO;
    using System.Text;
    using Org.BouncyCastle.Crypto;
    using Org.BouncyCastle.Crypto.Encodings;
    using Org.BouncyCastle.Crypto.Engines;
    using Org.BouncyCastle.OpenSsl;

    // Members of EncryptionClass
    public string RsaEncryptWithPublic(string clearText, string publicKey)
    {
        var bytesToEncrypt = Encoding.UTF8.GetBytes(clearText);

        var encryptEngine = new Pkcs1Encoding(new RsaEngine());

        using (var txtreader = new StringReader(publicKey))
        {
            var keyParameter = (AsymmetricKeyParameter)new PemReader(txtreader).ReadObject();

            encryptEngine.Init(true, keyParameter);
        }

        var encrypted = Convert.ToBase64String(encryptEngine.ProcessBlock(bytesToEncrypt, 0, bytesToEncrypt.Length));
        return encrypted;
    }

    public string RsaDecrypt(string base64Input, string privateKey)
    {
        var bytesToDecrypt = Convert.FromBase64String(base64Input);

        // get a stream from the string
        AsymmetricCipherKeyPair keyPair;
        var decryptEngine = new Pkcs1Encoding(new RsaEngine());

        using (var txtreader = new StringReader(privateKey))
        {
            keyPair = (AsymmetricCipherKeyPair)new PemReader(txtreader).ReadObject();

            //decryptEngine.Init(false, keyPair.Private);
            decryptEngine.Init(false, keyPair.Public);
        }

        var decrypted = Encoding.UTF8.GetString(decryptEngine.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length));
        return decrypted;
    }

    static void Main(string[] args)
    {
        string _creditCardNumber = "5454545454545454";
        string publicKey = System.IO.File.ReadAllText(@"C:\ThirdPartyKeys\RSAPublicKey_01.txt");

        var enc = new EncryptionClass();
        var encryptedWithPublic = enc.RsaEncryptWithPublic(_creditCardNumber, publicKey);
        Console.WriteLine("String: " + _creditCardNumber);
        Console.WriteLine("Encrypted String: " + encryptedWithPublic);

        // Decrypt
        var outputWithPublic = enc.RsaDecrypt(encryptedWithPublic, publicKey);

        //var outputWithPrivate = enc.RsaDecrypt(encryptedWithPrivate, _privateKey);

        Console.WriteLine("Decrypted String: " + outputWithPublic);
    }

The encryption works, but when I try to decrypt with the same public key, it complains of

    Invalid Cast Exception:
    Unable to cast object of type 'Org.BouncyCastle.Crypto.Parameters.RsaKeyParameters' to type 'Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair'.

at line in RsaDecrypt function:

    keyPair = (AsymmetricCipherKeyPair)new PemReader(txtreader).ReadObject();
1
"and use the public key to confirm that you are receiving data from a said source." What you're describing is a digital signature, which is not what RSA is. With a digital signature, the message is signed using a private key, and anyone with the public key can verify that the message has not been changed. If anyone with a public key could sign the message, then anyone could tamper with it and the signature would be useless. – canton7

1 Answer

1
votes

No. It's asymmetric encryption, which means you can't decrypt it with the public key. If you could, it would defeat the purpose and anyone with the public key would be able to decrypt your secret message.
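An added example, not part of the original question or answer: it loads either kind of PEM without the failing cast, then shows that ciphertext produced with the public key is rejected when "decrypted" with that same public key and recovered only with the private key. The class name, helper names and the throwaway key pair generated in `Main` are assumptions made for the illustration.

```csharp
using System;
using System.IO;
using System.Text;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Encodings;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.OpenSsl;
using Org.BouncyCastle.Security;

static class RsaDirectionDemo // hypothetical name
{
    // PemReader yields RsaKeyParameters for a public-key PEM and an
    // AsymmetricCipherKeyPair for an RSA private-key PEM, so branch on the type
    // instead of casting blindly.
    static AsymmetricKeyParameter LoadKey(string pem, bool wantPrivate)
    {
        object obj = new PemReader(new StringReader(pem)).ReadObject();
        if (obj is AsymmetricCipherKeyPair pair)
            return wantPrivate ? pair.Private : pair.Public;
        if (obj is AsymmetricKeyParameter key && key.IsPrivate == wantPrivate)
            return key;
        throw new InvalidOperationException("PEM does not contain the requested key half.");
    }
    // One RSA operation with PKCS#1 v1.5 padding, as in the question's code.
    static byte[] Run(bool encrypt, AsymmetricKeyParameter key, byte[] input)
    {
        var engine = new Pkcs1Encoding(new RsaEngine());
        engine.Init(encrypt, key);
        return engine.ProcessBlock(input, 0, input.Length);
    }
    static string ToPem(object key)
    {
        var sw = new StringWriter();
        new PemWriter(sw).WriteObject(key);
        return sw.ToString();
    }
    static void Main()
    {
        // Constructed throwaway key pair standing in for the third party's keys.
        var gen = new RsaKeyPairGenerator();
        gen.Init(new KeyGenerationParameters(new SecureRandom(), 2048));
        AsymmetricCipherKeyPair pair = gen.GenerateKeyPair();
        string publicPem = ToPem(pair.Public), privatePem = ToPem(pair.Private);
        byte[] cipher = Run(true, LoadKey(publicPem, false), Encoding.UTF8.GetBytes("constructed sample text"));
        // The public exponent does not invert the encryption, so the padding check fails.
        try { Run(false, LoadKey(publicPem, false), cipher); }
        catch (InvalidCipherTextException e) { Console.WriteLine("Public key: " + e.Message); }
        // Only the private half recovers the plaintext.
        byte[] plain = Run(false, LoadKey(privatePem, true), cipher);
        Console.WriteLine("Private key: " + Encoding.UTF8.GetString(plain));
    }
}
```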