I have a server-client system which uses RSA encryption to send Rijndael keys.
This is called key encapsulation.
Right now I have already sent the RSA public keys. I tested the code with regular strings and those work.
Now I'm transferring the keys after being encrypted (encryption is working with strings, so it's OK?).
My Rijndael key (what I encrypt):
61,87,46,105,139,250,42,153,173,72,205,42,26,36,227,156,50,160,38,95,180,237,17,183,232,37,215,136,179,75,227,204
What comes out:
1,10,38,205,13,99,127,55,139,71,212,100,221,181,175,93,84,228,31,116,190,254,220,41,64,253,135,146,128,115,174,234,52,84,220,98,34,253,167,77,24,166,104,119,133,173,199,155,236,32,107,10,7,153,253,242,197,80,136,117,177,217,153,97,65,132,29,23,42,157,206,91,183,133,34,204,143,83,13,244,120,115,59,50,196,176,8,146,90,189,195,249,171,120,96,54,85,6,234,129,166,94,255,202,76,249,153,107,146,64,221,45,50,50,237,113,138,152,85,39,113,90,215,197,235,121,23,191
What is sent to the server:
"###KEY191,23,121,235,197,215,90,113,39,85,152,138,113,237,50,50,45,221,64,146,107,153,249,76,202,255,94,166,129,234,6,85,54,96,120,171,249,195,189,90,146,8,176,196,50,59,115,120,244,13,83,143,204,34,133,183,91,206,157,42,23,29,132,65,97,153,217,177,117,136,80,197,242,253,153,7,10,107,32,236,155,199,173,133,119,104,166,24,77,167,253,34,98,220,84,52,234,174,115,128,146,135,253,64,41,220,254,190,116,31,228,84,93,175,181,221,100,212,71,139,55,127,99,13,205,38,10,1"
Now at this point the server will receive the message and will execute the following code:
    if (messageReceived.StartsWith("###KEY"))
    {
        Console.WriteLine(messageReceived);
        string tempkey = messageReceived.Remove(0, 6);
        this.key = rsa.DecryptBytes(tempkey);
        myRijndael.Key = key;
        Console.WriteLine(tempkey);
        SendMessage("keyOK");
    }
tempkey will be:
191,23,121,235,197,215,90,113,39,85,152,138,113,237,50,50,45,221,64,146,107,153,249,76,202,255,94,166,129,234,6,85,54,96,120,171,249,195,189,90,146,8,176,196,50,59,115,120,244,13,83,143,204,34,133,183,91,206,157,42,23,29,132,65,97,153,217,177,117,136,80,197,242,253,153,7,10,107,32,236,155,199,173,133,119,104,166,24,77,167,253,34,98,220,84,52,234,174,115,128,146,135,253,64,41,220,254,190,116,31,228,84,93,175,181,221,100,212,71,139,55,127,99,13,205,38,10,1
Which is good.
Going into DecryptBytes, which receives a string called data and returns a byte[]:
    try
    {
        // Parse the comma-separated decimal values back into bytes
        var dataArray = data.Split(',');
        byte[] dataByte = new byte[dataArray.Length];
        for (int i = 0; i < dataArray.Length; i++)
        {
            dataByte[i] = Convert.ToByte(dataArray[i]);
        }
        _rsa.FromXmlString(_privateKey);
        var decryptedByte = _rsa.Decrypt(dataByte, false);
        return decryptedByte;
    }
    catch (Exception e)
    {
        Console.WriteLine(e);
    }
    return new byte[7];
The RSA class looks like this:

    public RSA()
    {
        _encoder = new UnicodeEncoding();
        _rsa = new RSACryptoServiceProvider();
        _privateKey = _rsa.ToXmlString(true);
        _publicKey = _rsa.ToXmlString(false);
    }
I have no trouble with the conversion part, and dataByte will be what it needs to be, aka the key that was sent.
My issue is in the following line:

    var decryptedByte = _rsa.Decrypt(dataByte, false);

which gives me back the exception {"The parameter is incorrect."}
Now I've searched online and found a few explanations:
1- the keys have changed
2- I need to change false to true (didn't work).
Let me know if any more code is needed.
CodePudding user response:
For some reason you seem to have reversed the ciphertext. RSA ciphertext is always encoded in the same order, specified by the PKCS#1 standard (nowadays an RFC). It specifies static sized, unsigned big endian for the ciphertext encoding of the RSA result (which is a number created by modular exponentiation).
What is being sent to the server should start with a 1, not a 191; the 2nd and third strings need to be identical except for the header.
Note that keys are not encoded according to the PKCS#1 specifications, because Microsoft is special that way. You may need to reverse a modulus or an exponent if you're working with other systems.
Note that quite often you can send the bytes directly; many transport protocols allow for binary communication. If you're using text you could at least encode to base 64, which is relatively efficient, using 4 characters for each 3 bytes.
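
The answer's two points (keep the ciphertext in the order the encrypt call returned it, and use base 64 for text transport) shown as an added example; this is not code from the question or the answer. The class and method names, the 2048-bit key size and the OAEP setting are assumptions made for the demonstration.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;

static class KeyTransportDemo
{
    const string Header = "###KEY";   // message prefix used in the question
    const bool UseOaep = true;        // assumption: both sides pass the same padding flag

    // Client: wrap the symmetric key; bytes go out in the order Encrypt returned them.
    static string BuildKeyMessage(RSACryptoServiceProvider serverPublic, byte[] key) =>
        Header + Convert.ToBase64String(serverPublic.Encrypt(key, UseOaep));

    // Server: strip the header, decode, decrypt. Returns null on any malformed input.
    static byte[] TryReadKeyMessage(RSACryptoServiceProvider serverPrivate, string message)
    {
        if (!message.StartsWith(Header, StringComparison.Ordinal)) return null;
        try
        {
            byte[] cipher = Convert.FromBase64String(message.Substring(Header.Length));
            if (cipher.Length != serverPrivate.KeySize / 8) return null; // fixed-size ciphertext
            return serverPrivate.Decrypt(cipher, UseOaep);
        }
        catch (FormatException) { return null; }          // not valid base 64
        catch (CryptographicException) { return null; }   // wrong key, padding or byte order
    }

    static void Main()
    {
        using (var server = new RSACryptoServiceProvider(2048))
        using (var client = new RSACryptoServiceProvider())
        using (var rng = RandomNumberGenerator.Create())
        {
            client.ImportParameters(server.ExportParameters(false)); // public half only

            byte[] key = new byte[32];          // constructed 256-bit Rijndael key
            rng.GetBytes(key);

            string good = BuildKeyMessage(client, key);
            byte[] received = TryReadKeyMessage(server, good);
            Console.WriteLine("in order: " + (received != null && received.SequenceEqual(key)));

            // Same ciphertext with the byte order reversed, as in the question's message.
            byte[] reversed = Convert.FromBase64String(good.Substring(Header.Length));
            Array.Reverse(reversed);
            byte[] bad = TryReadKeyMessage(server, Header + Convert.ToBase64String(reversed));
            Console.WriteLine("reversed: " + (bad != null && bad.SequenceEqual(key)));
        }
    }
}
```

The server-side length check rejects a ciphertext that is not exactly the modulus size before any decryption is attempted, and a failed decrypt is reported as a rejected message rather than falling through to a placeholder key.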