The RSACryptoServiceProvider is not implemented in .NET Core yet, so while I have managed to generate keys, I cannot get Encrypt or Decrypt to work, so I need my own alternatives.
I can't find anything useful online to guide me.
The logic I want to implement is:
1. Client calls API for RSA public key
2. API supplies public key
3. Client generates one-off AES Key
4. Client encrypts AES key using RSA public key
5. Client encrypts credentials using AES Key
6. Client calls API for JWT supplying the encrypted AES Key and the encrypted credentials
7. API uses RSA private key to decrypt AES Key
8. API uses AES key to decrypt credentials
9. API uses credentials to validate client
10. If valid, API issues JWT
What I have tried:
I've tried using RSACryptoServiceProvider directly in my code and I've experimented with Netcore.Encrypt (I may have been too quick to set that aside). I've also done extensive searching online.
Logic above fails at step 7. For the avoidance of doubt, the client is not a .NET Core module (it's .NET 4.7.2), which is what allows me past step 5.
The message generated is:
Operation is not supported on this platform.
and the stack trace is:
at System.Security.Cryptography.RSA.FromXmlString(String xmlString)
at CMDS.Infrastructure.Cryptography.CryptoEngine.DecryptData(String privateKey, Byte[] dataToDecrypt) in D:\OneDrive\SBSB\projects\CentralMessageDistributionService_CoreAPI\CentralMessageDistributionService_CoreAPI\Infrastructure\Cryptography\CryptoEngine.cs:line 77
at CMDS.Controllers.KeyController.GetJWTalt(String symmetricKeyEncryptedAsJson) in D:\OneDrive\SBSB\projects\CentralMessageDistributionService_CoreAPI\CentralMessageDistributionService_CoreAPI\Controllers\KeyController.cs:line 196
and this is the code snippet:
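    byte[] decryptedData;
    using (RSACryptoServiceProvider rsa = new RSACryptoServiceProvider())
    {
        // This is the call in the stack trace: "Operation is not supported on this platform."
        rsa.FromXmlString(privateKey);
        // fOAEP = false selects PKCS#1 v1.5 padding
        decryptedData = rsa.Decrypt(dataToDecrypt, false);
    }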
When I extracted it for this edit, I realized it's the FromXmlString that is throwing out the exception. I already had to replace it for key generation, this is where the known issue is, so if I can come up with an overload of my own method that will set the private key then I should get it done.
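
One way around the FromXmlString failure at step 7, as an added example that is not part of the original post: parse the `<RSAKeyValue>` XML by hand into `RSAParameters`, then decrypt through `RSA.Create()` and `ImportParameters`. The `RsaXmlKey` class name is hypothetical, the key pair and AES key in `Main` are constructed for the round trip, and the private key is assumed to be in the XML layout that .NET Framework's `ToXmlString(true)` produces.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Xml;
using System.Xml.Linq;

public static class RsaXmlKey // hypothetical helper name, not a .NET type
{
    // Reads the <RSAKeyValue> XML that FromXmlString would have consumed; absent elements stay null.
    public static RSAParameters Parse(string xml)
    {
        var settings = new XmlReaderSettings { DtdProcessing = DtdProcessing.Prohibit };
        XElement root = XDocument.Load(XmlReader.Create(new StringReader(xml), settings)).Root;
        if (root.Name.LocalName != "RSAKeyValue") throw new FormatException("Expected <RSAKeyValue>.");
        byte[] Field(string n) => (root.Element(n) is XElement e) ? Convert.FromBase64String(e.Value.Trim()) : null;
        return new RSAParameters
        {
            Modulus = Field("Modulus"), Exponent = Field("Exponent"), D = Field("D"),
            P = Field("P"), Q = Field("Q"), DP = Field("DP"), DQ = Field("DQ"),
            InverseQ = Field("InverseQ")
        };
    }

    // Step 7: unwrap the AES key; Pkcs1 matches the original rsa.Decrypt(data, false).
    public static byte[] DecryptData(string privateKeyXml, byte[] dataToDecrypt)
    {
        RSAParameters key = Parse(privateKeyXml);
        if (key.D == null) throw new CryptographicException("No private key in XML.");
        using (RSA rsa = RSA.Create())
        {
            rsa.ImportParameters(key);
            return rsa.Decrypt(dataToDecrypt, RSAEncryptionPadding.Pkcs1);
        }
    }

    public static void Main() // round trip with a constructed throwaway key pair
    {
        using (RSA rsa = RSA.Create())
        using (Aes aes = Aes.Create()) // step 3: one-off AES key
        {
            RSAParameters p = rsa.ExportParameters(true);
            string B(byte[] b) => Convert.ToBase64String(b);
            string xml = $"<RSAKeyValue><Modulus>{B(p.Modulus)}</Modulus><Exponent>{B(p.Exponent)}" +
                $"</Exponent><P>{B(p.P)}</P><Q>{B(p.Q)}</Q><DP>{B(p.DP)}</DP><DQ>{B(p.DQ)}</DQ>" +
                $"<InverseQ>{B(p.InverseQ)}</InverseQ><D>{B(p.D)}</D></RSAKeyValue>";
            byte[] wrapped = rsa.Encrypt(aes.Key, RSAEncryptionPadding.Pkcs1); // step 4
            Console.WriteLine(B(DecryptData(xml, wrapped)) == B(aes.Key));
        }
    }
}
```

PKCS#1 v1.5 padding is kept here only to match the `false` argument in the original `Decrypt` call; switching to `RSAEncryptionPadding.OaepSHA1` requires the .NET 4.7.2 client to encrypt with OAEP as well.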