RSA server - client simulation exchange keys

This is the code I got over the net, but I haven’t managed to use it properly.

here (line 65) I should enter pubKey as privKey is SENSITIVE data and shouldn’t be used like that

TestCsp.ImportParameters(privKey);

So I tried to use pubKey, but then a problem comes up: Missing private key to decrypt value.

I tried many things and nothing worked.

So the question is: how do I send the public key to the client, and the client generates the private key?

Leave aside the actual networking; that’s done already by FishNet. I only need a simulation of networking.

The full code:

        //needs: using System; using System.Security.Cryptography; using UnityEngine;
        void Test()
        {
            //let's take a new CSP with a new 2048 bit rsa key pair
            var ServerCsp = new RSACryptoServiceProvider(2048);

            //how to get the private key
            var privKey = ServerCsp.ExportParameters(true);

            //and the public key ...
            var pubKey = ServerCsp.ExportParameters(false);

            //converting the public key into a string representation
            string pubKeyString;
            {
                //we need some buffer
                var sw = new System.IO.StringWriter();
                //we need a serializer
                var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
                //serialize the key into the stream
                xs.Serialize(sw, pubKey);
                //get the string from the stream
                pubKeyString = sw.ToString();
            }
            //converting it back
            {
                //get a stream from the string
                var sr = new System.IO.StringReader(pubKeyString);
                //we need a deserializer
                var xs = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
                //get the object back from the stream
                pubKey = (RSAParameters)xs.Deserialize(sr);
            }

            //we have a public key ... let's get a new csp and load that key
            RSACryptoServiceProvider ClientCsp = new RSACryptoServiceProvider(512);
            ClientCsp.ImportParameters(pubKey);

            //we need some data to encrypt
            var plainTextData = "foobar";

            //for encryption, always handle bytes...
            var bytesPlainTextData = System.Text.Encoding.Unicode.GetBytes(plainTextData);

            //apply PKCS#1 v1.5 padding and encrypt our data on the client side, using the imported public key
            var bytesCypherText = ClientCsp.Encrypt(bytesPlainTextData, false);

            //we might want a string representation of our cypher text... base64 will do
            var cypherText = Convert.ToBase64String(bytesCypherText);


            /*
             * some transmission / storage / retrieval
             *
             * and we want to decrypt our cypherText
             */

            //first, get our bytes back from the base64 string ...
            bytesCypherText = Convert.FromBase64String(cypherText);

            //we want to decrypt, therefore we need a csp and load our private key
            RSACryptoServiceProvider TestCsp = new RSACryptoServiceProvider(512);
            //here I should enter pubKey as privKey is SENSITIVE data and shouldn't be used like that
            //so I tried to use pubKey but problem comes: Missing private key to decrypt value.
            TestCsp.ImportParameters(privKey);
            //decrypt and strip pkcs#1.5 padding
            bytesPlainTextData = TestCsp.Decrypt(bytesCypherText, false);

            //get our original plainText back...
            plainTextData = System.Text.Encoding.Unicode.GetString(bytesPlainTextData);
          
            Debug.Log(plainTextData);
        }
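
The flow the question is after, as an added example that is not part of the original post: the server keeps its private key and sends only the public half, the client encrypts with it, and the server decrypts. It goes one step beyond the posted code by wrapping a random session key with OAEP padding instead of a literal string; the class and method names and the `modulus.exponent` Base64 wire format are assumptions made for the illustration.

```csharp
using System;
using System.Security.Cryptography;

static class RsaExchangeDemo // hypothetical name, plain console program
{
    // Server side: the key pair is created here; the private half never leaves this object.
    static readonly RSACryptoServiceProvider ServerCsp = new RSACryptoServiceProvider(2048);

    // Server -> client message: public parameters only (modulus and exponent).
    static string ServerPublishKey()
    {
        RSAParameters pub = ServerCsp.ExportParameters(false);
        return Convert.ToBase64String(pub.Modulus) + "." + Convert.ToBase64String(pub.Exponent);
    }

    // Client side: import the public key and wrap a fresh random session key with it.
    static string ClientWrapSessionKey(string wirePublicKey, out byte[] sessionKey)
    {
        string[] parts = wirePublicKey.Split('.'); // '.' never occurs inside Base64 text
        var pub = new RSAParameters
        {
            Modulus = Convert.FromBase64String(parts[0]),
            Exponent = Convert.FromBase64String(parts[1])
        };
        using (var clientCsp = new RSACryptoServiceProvider())
        {
            clientCsp.ImportParameters(pub);
            // clientCsp.PublicOnly is true here: it can encrypt, but Decrypt() would throw.
            sessionKey = new byte[32];
            using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(sessionKey);
            return Convert.ToBase64String(clientCsp.Encrypt(sessionKey, true)); // true = OAEP
        }
    }

    // Server side again: only the holder of the private key can unwrap.
    static byte[] ServerUnwrapSessionKey(string wireCipherText)
    {
        return ServerCsp.Decrypt(Convert.FromBase64String(wireCipherText), true);
    }

    static void Main()
    {
        string wireKey = ServerPublishKey();                               // server -> client
        string wireCt = ClientWrapSessionKey(wireKey, out byte[] clientKey); // client -> server
        byte[] serverKey = ServerUnwrapSessionKey(wireCt);
        bool same = Convert.ToBase64String(clientKey) == Convert.ToBase64String(serverKey);
        Console.WriteLine(same ? "both sides hold the same session key" : "mismatch");
    }
}
```

Inside Unity, replace `Console.WriteLine` with `Debug.Log` and call the three methods from a script instead of `Main`. The exchange protects the session key only if the client can trust that the public key really is the server's, for example because it ships inside the client build.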

This is the Unity scripting forum… not too many people up on the latest cryptography stuff.

You may wish to repost your question in a forum where people work with this stuff a lot more.

If you think this is Unity-related, please use this guide to report your issue:

How to report your problem productively in the Unity3D forums:

http://plbm.com/?p=220

This is the bare minimum of information to report:

  • what you want
  • what you tried
  • what you expected to happen
  • what actually happened, log output, variable values, and especially any errors you see
    - links to actual Unity3D documentation you used to cross-check your work (CRITICAL!!!)

The purpose of YOU providing links is to make our job easier, while simultaneously showing us that you actually put effort into the process. If you haven’t put effort into finding the documentation, why should we bother putting effort into replying?

Otherwise, if you just need to figure out network-related issues in Unity, I always use this approach:

Networking, UnityWebRequest, WWW, Postman, curl, WebAPI, etc:

And setting up a proxy can be very helpful too, in order to compare traffic: