I need to make RSA encryption by javascript for the user login password that sent from the login page in web application to the server to be decrypted by C# library provided by http://www.bouncycastle.org/csharp.
using the following code:
protected void Session_Start(object sender, EventArgs e)
{
if (System.Runtime.Caching.MemoryCache.Default.Get("privateKey") == null)
{
RsaKeyPairGenerator rsaKeyPairGnr = new RsaKeyPairGenerator();
rsaKeyPairGnr.Init(new Org.BouncyCastle.Crypto.KeyGenerationParameters(new SecureRandom(), 1024));
Org.BouncyCastle.Crypto.AsymmetricCipherKeyPair keyPair = rsaKeyPairGnr.GenerateKeyPair();
SubjectPublicKeyInfo publicKeyInfo = SubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(keyPair.Public);
var pubKeyPEM = FormatPem(publicKeyInfo.GetEncoded().ToBase64(), "PUBLIC KEY");
RsaKeyParameters publicKey = (RsaKeyParameters)keyPair.Public;
RsaKeyParameters privateKey = (RsaKeyParameters)keyPair.Private;
System.Runtime.Caching.MemoryCache.Default.Add("publicKey", pubKeyPEM, DateTimeOffset.MaxValue);
System.Runtime.Caching.MemoryCache.Default.Add("publicKeyX", publicKey, DateTimeOffset.MaxValue);
System.Runtime.Caching.MemoryCache.Default.Add("privateKey", privateKey, DateTimeOffset.MaxValue);
}
}
private static string FormatPem(string pem, string keyType)
{
var sb = new StringBuilder();
sb.AppendFormat("-----BEGIN {0}-----\n", keyType);
int line = 1, width = 64;
while ((line - 1) * width < pem.Length)
{
int startIndex = (line - 1) * width;
int len = line * width > pem.Length
? pem.Length - startIndex
: width;
sb.AppendFormat("{0}\n", pem.Substring(startIndex, len));
line++;
}
sb.AppendFormat("-----END {0}-----\n", keyType);
return sb.ToString();
}
<asp:Button ID="LoginButton" runat="server" OnClientClick="onLoginButtonClicked()" CommandName="Login" Text="Log In" ValidationGroup="Login1" />
function onLoginButtonClicked() {
var key = $("#<%= hdnkey.ClientID%>").val();
var password = $("#Login1_Password").val();
var encrypt = new JSEncrypt();
encrypt.setPublicKey(key);
var encrypted = encrypt.encrypt(password);
$("#<%= hdnEncryptedPass.ClientID%>").val(encrypted);
}
protected void Page_Load(object sender, EventArgs e)
{
if (IsPostBack) return;
if (System.Runtime.Caching.MemoryCache.Default.Get("publicKey") != null)
{
var publicKey = System.Runtime.Caching.MemoryCache.Default.Get("publicKey");
this.hdnkey.Value = publicKey.ToString();
}
}
protected void Login1_Authenticate(object sender, AuthenticateEventArgs e)
{
try
{
RsaKeyParameters privateKey = (RsaKeyParameters)System.Runtime.Caching.MemoryCache.Default.Get("privateKey");
string encrypted = this.hdnEncryptedPass.Value;
SHA512Managed hash = new SHA512Managed();
SecureRandom randomNumber = new SecureRandom();
byte[] encodingParam = hash.ComputeHash(Encoding.UTF8.GetBytes(randomNumber.ToString()));
IAsymmetricBlockCipher cipher = new RsaEngine();
UTF8Encoding utf8enc = new UTF8Encoding();
cipher.Init(false, privateKey);
byte[] ciphered = Encoding.UTF8.GetBytes(encrypted);
byte[] deciphered = cipher.ProcessBlock(ciphered, 0, ciphered.Length);
var pass = utf8enc.GetString(deciphered);
}
catch (Exception ee)
{
throw;
}
e.Authenticated = Membership.ValidateUser(Login1.UserName, Login1.Password);
}
What I have tried:
i tried the .NET library on www.bouncycastle.org/csharp but it is server side code only.i need the javascript code that made encryption with RSA encryption and compatible with RSA encryption implemented with C# and .NET framework by the bouncy castle library.
i tried the javascript library Jscript and it failed.
**the Javascript code encrypt the password and send it to server with larger length than the size that the decrypt method accept.