RSA Decryption using BouncyCastle with private PEM file not working

Question

I'm doing some tests with BouncyCastle in C# and I want to encrypt some data and decrypt it later with a pair of keys that I have in my computer stored as PEM files.

  public static string RSABouncyEncrypt(string content)
    {
        var bytesToEncrypt = Encoding.UTF8.GetBytes(content);
        AsymmetricKeyParameter keyPair;
        using (var reader = File.OpenText(@"C:\Users\Diego\Documents\public.pem"))) 
            keyPair = (AsymmetricKeyParameter)new org.BouncyCastle.OpenSsl.PemReader(reader).ReadObject();



        var engine = new RsaEngine();
        engine.Init(true, keyPair);

        var encrypted = engine.ProcessBlock(bytesToEncrypt, 0, bytesToEncrypt.Length);

        var cryptMessage = Convert.ToBase64String(encrypted);
        Logs.Log.LogMessage("encrypted: " + cryptMessage);
        System.Windows.MessageBox.Show(cryptMessage);

        //Decrypt before return statement to check that it has been encrypted correctly
        RSADecrypt(cryptMessage);
        return cryptMessage;
    }

public static void RSADecrypt(string string64)
    {
        var bytesToDecrypt = Convert.FromBase64String(string64); // string to decrypt, base64 encoded

        AsymmetricCipherKeyPair keyPair;

        using (var reader = File.OpenText(@"C:\Users\Diego\Documents\private.pem"))
            keyPair = (AsymmetricCipherKeyPair)new Org.BouncyCastle.OpenSsl.PemReader(reader).ReadObject();

        var decryptEngine = new RsaEngine();
        decryptEngine.Init(false, keyPair.Private);

        var decrypted = Encoding.UTF8.GetString(decryptEngine.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length));
        Logs.Log.LogMessage("decrypted: " + decrypted);
        System.Windows.MessageBox.Show(decrypted);
    }

The RSADecrypt function shows an error. when I show the message box after decrypting I get this:

���Z��8o>>���;;�/�Z�ב?���#�F��(͌5���o1I�,���4� S�W��)��w��x�4p�$-|А���&��Rv}�G��V�c ��&wU? �D�� }E���O����7�n��!(e��E��$y�g9ςOأ��P�� �t�d�T�nN��K$�bQ��!�v���-�Hb���1���?����@B�y� r��Le�h=*Yr�w �l�W|�嘟��|g��EV��@�[��M

which is definitely not what I encrypted. What am I doing wrong?

Answer 1

Actually the answer why it is not working is that there is no information about padding. Correct way how to instantiate RsaEngine is sth. like this

var decryptEngine = new Pkcs1Encoding(RsaEngine())

    var bytesToDecrypt = Convert.FromBase64String(string64); // string to decrypt, base64 encoded

    AsymmetricCipherKeyPair keyPair;

    using (var reader = File.OpenText(@"C:\Users\Diego\Documents\private.pem"))
        keyPair = (AsymmetricCipherKeyPair)new Org.BouncyCastle.OpenSsl.PemReader(reader).ReadObject();

    var decryptEngine = new Pkcs1Encoding(RsaEngine());
    decryptEngine.Init(false, keyPair.Private);

    var decrypted = Encoding.UTF8.GetString(decryptEngine.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length));
    Logs.Log.LogMessage("decrypted: " + decrypted);
    System.Windows.MessageBox.Show(decrypted);

Answer 2

I reproduced this problem and it happened because you used a private key and a public key that don't match. In other words the message was encrypted with a private key (let's call it private_key_1) that came from one pair (private_key_1/public_key_1) but you tried to decrypt it with a public key (let's call it publick_key_2) that came from a different pair (private_key_2/public_key_2). Try to generate a new key pair and use it in your example e.g.:

var kpgen = new RsaKeyPairGenerator();
kpgen.Init(new KeyGenerationParameters(new SecureRandom(new CryptoApiRandomGenerator()), 1024));

var keyPair = kpgen.GenerateKeyPair();

using (var writer = new StreamWriter(File.OpenWrite(@"C:\Users\Diego\Documents\private2.pem")))
{
    new PemWriter(writer).WriteObject(keyPair.Private);
}

using (var writer = new StreamWriter(File.OpenWrite(@"C:\Users\Diego\Documents\public2.pem")))
{
    new PemWriter(writer).WriteObject(keyPair.Public);
}