Using RSA KeyPair in C# server and PHP Client

Question

I have a C# server that will generate a RSA KeyValue Pair. The public key will be sent to a PHP client which will then encrypt some data and send to server. The server will then decrypt using the private key it has.

I am doing that using the following code in C# -

CspParameters cspParams = new CspParameters { ProviderType = 1 };

RSACryptoServiceProvider rsaProvider = new RSACryptoServiceProvider(1024, cspParams);

string publicKey = Convert.ToBase64String(rsaProvider.ExportCspBlob(false));
string privateKey = Convert.ToBase64String(rsaProvider.ExportCspBlob(true));

Now I need to pass on the public key generated to a PHP Client. But the problem is that Key String generated here in C# is not recognised by PHP when i use it in the function as below -

public function encrypt($data)
{
    $pubkey = 'BgIAAACkAABSU0ExAAIAAAEAAQBdZ3klDbVjH8oiBtGzHIMixo/TKPlv492kuau9chnARvkpxaRd8Qa82kIF2AvrEllhzjD07UHkVxoVZA2aYN+t'
    $pubKey4 = openssl_get_publickey(  $pubkey );

    openssl_public_encrypt($data, $encrypted, $pubKey4 )

}

openssl_public_encrypt() function shows such warning:

Warning: openssl_public_encrypt(): key parameter is not a valid public key in C:\wamp\www\rsa\index.php

Please suggest, what shall be the format of the public Key that shall be recognised by PHP.

X509 certificates are not an option.

Answer 1

According to 3v4l, openssl_get_publickey() is returning false. You need to give it a PEM formatted public key.

If you want a simpler interface that you're less likely to make a mistake that undermines the security of your application, check out libsodium.

Libsodium is a fork of NaCl, an easy-to-use high-speed software library for network communication, encryption, decryption, signatures, etc. written by Daniel J. Bernstein, Tanja Lange, and Peter Schwabe (three world-class cryptography experts known for their research into elliptic curve cryptography and side-channel cryptanalysis).

Libsodium is a portable fork of NaCl that is easier to use and has a lot of valuable features (e.g. password hashing with scrypt).

Generating a Libsodium Keypair In C#

using Sodium;

// snip

var keypair = PublicKeyBox.GenerateKeyPair();
string secretKey = Convert.ToBase64String(keypair.PrivateKey);
string publicKey = Convert.ToBase64String(keypair.PublicKey);

Be sure to read the relevant libsodium .NET documentation for how to use it.

Encrypting a Message from PHP to C#

<?php
$decoded = base64_decode($encoded_publickey);
define('YOUR_RAW_BINARY_CSHARP_PUBLIC_KEY', $decoded);

$php_keypair = \Sodium\crypto_box_keypair();
$php_public = \Sodium\crypto_box_publickey($php_keypair);
$php_secret = \Sodium\crypto_box_secretkey($php_keypair);

$nonce = \Sodium\randombytes_buf(\Sodium\CRYPTO_BOX_NONCEBYTES);

$message_keypair = \Sodium\crypto_box_keypair_from_secretkey_and_publickey(
    $php_secret,
    YOUR_RAW_BINARY_CSHARP_PUBLIC_KEY
);
$encrypted = \Sodium\crypto_box(
    $message,
    $nonce,
    $message_keypair
);

$encrypted will be raw binary; the C# app needs $nonce, $encrypted, and $php_public (in addition to its own secret key) to decrypt $encrypted to see what $message contains.

Be sure to read the relevant PHP libsodium documentation for how to use it.

Encrypting an Anonymous Message to your C# App from a PHP Script

<?php
$anon_msg = \Sodium\crypto_box_seal($message, YOUR_RAW_BINARY_CSHARP_PUBLIC_KEY);

The crypto_box_seal documentation is a must-read.