python,.net,rsa,pycrypto,cryptoapi

The CSP blob format is proprietary to Microsoft and poorly documented. Rather than use that format I would instead use the ExportParameters method to get an RSAParameters struct. From this struct I would directly access the Exponent and Modulus byte arrays and base64 encode them for transfer to the python...

I finally fixed it by deleting the adbkey and adbkey.pub files in my .android folder, killing the adb server, unplugging my nexus, revoking USB debugging permissions, plugging my device back in, and starting the server. A prompt asking me to confirm the computer's rsa key came up, I accepted, and...

java,android,rsa,digital-signature,public-key-encryption

In rsaSign method, do the following after line s.update(data);, byte[] signature = s.sign(); Log.e("s.sign()", Base64.encodeToString(signature , Base64.DEFAULT)); return signature; Remember, A call to sign() method resets the signature object to the state it was in when previously initialized for signing via a call to initSign(PrivateKey). That is, the object is...

math,rsa,public-key-encryption,modular-arithmetic

In g^x = 1, the solution x will always be a divider of (p-1)*(q-1). Choose some different g values, and you will likely find most factors of (p-1)*(q-1). And as (p-1)(q-1) = N - p - q + 1, knowing (p-1)(q-1) and N results in knowing p + q. Knowing...

Try .setText on your JLabel. I've done a GUI here.

java,security,encryption,cryptography,rsa

You should look into implementing a hybrid cryptosystem. If I can guess your knowledge about the subject correctly you should really be using a pre-existing one like TLS, or DTLS, as you're not going to design a cryptographically safe protocol out of the blue. Note that the certificates are required...

pub_l = malloc(sizeof(pub_l)); is simply not needed. Nor is priv_l = malloc(sizeof(priv_l));. Remove them both from your function. You should be populating your out-parameters; instead you're throwing out the caller's provided addresses to populate and (a) populating your own, then (b) leaking the memory you just allocated. The result is...

java,rsa,digital-signature,sha1,public-key-encryption

When you take a look at BouncyCastle source code you will notice that both SHA1WITHRSAENCRYPTION and SHA1WITHRSA indicate the same algorithm - RSA PKCS#1 v1.5 signature with SHA-1 hash algorithm which is also identified by OID 1.2.840.113549.1.1.5.

java,encryption,rsa,bouncycastle

Yes. NativeRSAEngine is implemented with a native library, while RSAEngine is written entirely in Java. As for which is faster, there is a comment on that NativeRSAEngine Javadoc that says this is much faster using jna-gmp.

java,encryption,rsa,badpaddingexception

Thanks to shikjohari and this article here I was able to fix my code! in the doEncryption() method I modified the return as follows: return (Base64.encode(cipherText)).toString(); and in doDecryption() method I modified the return as follows: String out = decrypt(Base64.decode(input), privateKey); return out; You can get the full code from...

javascript,c++,encryption,rsa,crypto++

The PKCS#1 v1.5 Padding that is used by JSBN and your Crypto++ code is a random padding, so if you encrypt data with the same key it will look differently. You have to check whether your implementation works by encrypting on one end and decrypting on the other in both...

java,android,encryption,rsa,badpaddingexception

Unfortunaltey I currently don't have a running android system to test it but I guess that different padding algorithms may be choosen. So give it a try and explicitley choose the padding algorithm, like this: Cipher CheckCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding"); Note that you also have to choose a block-chaining-mode in this...

Thanks @Iridium's correction, Of course the 512 bits modulus should be 512 bits. I change code like this and verify returns true. case 94: modulus = new byte[64]; Array.Copy(keyBytes, 25, modulus, 0, modulus.Length); break; In the binary of public key, the line 24 described modulus was after 65 bits, but...

security,encryption,cryptography,rsa,public-key-encryption

That's the thing. If p and q are big, factoring n (calculating p and q out of it) is hard. It's also called the RSA problem. It is so hard that such a naive algorithm, as you've described it, would take many many years on an cluster to compute the...

rsa,public-key-encryption,cryptoapi,encryption-asymmetric

The problem with exporting/importing the public key was because private key was generated using AT_SIGNATURE, instead of AT_EXCHANGE. See the explanation and the example code

M2Crypto.RSA has load_key function which returns an RSA object which has save_pub_key method. from M2Crypto import RSA RSA.load_key('mykey.pem').save_pub_key('mykey.pub') ...

java,javascript,encryption,cryptography,rsa

Java/BouncyCastle and Barrett are using different paddings, so you cannot encrypt something in one and decrypt it in the other. The encryption result will also look differently. The problem is that Barrett's RSAUtils is doing a zero byte padding: while (a.length % key.chunkSize != 0) { a[i++] = 0; }...

encryption,ascii,rsa,null-character

The output of RSA is a number. Usually this number is encoded as an octet string (or byte array). You should not treat the result as a character string. You need to treat it as a byte array with the same length as the modulus (or at least the length...

Unfortunately, the code in the answer you referenced isn't really correct - it exports a private key PEM format, but with only the public key fields correctly set, this is not the same as exporting an RSA public key in standard format. I actually wrote the code in the other...

So it seems to have been the public key all along. It is pretty delicate, I was using a PEM file that was supplied to me. Along the way it seems it got HTML encoded, which meant it does not work. Using JSEncrypt this works for us - and can...

java,php,android,rsa,phpseclib

The documentation is a little confusing, but by looking at the source code for method _convertPublicKey($n, $e) starting at line 950 it appears that if $publicKeyFormat == PUBLIC_FORMAT_PKCS8 then the output format should be one that is compatible with Java's X509EncodedKeySpec class.

encryption,go,cryptography,aes,rsa

One does not usually calculate the RSA key size based on payload. One simply needs to select one RSA key size based on a compromise between security (bigger is better) and performance (smaller is better). If that is done, use hybrid encryption in conjunction with AES or another symmetric cipher...

c++,cryptography,rsa,public-key-encryption,crypto++

The Crypto++ Keys and Formats and Crypto++ RSA Cryptography pages may be of interest. If you're generating the RSA parameters like this: AutoSeededRandomPool rng; InvertibleRSAFunction params; params.GenerateRandomWithKeySize(rng, 2048); You can use the use the DEREncode and BERDecode methods of InvertibleRSAFunction to encode and decode all the parameters respectively: { FileSink...

Using knife cookbook download will attempt to download cookbook from your Chef server (or from the one you have configured in your knife.rb, and so you need the credentials to do that). To download a cookbook from Chef supermarket you must use knife cookbook site command, so for example you...

You need to remove base64_encode function in the first line. $privateKey = openssl_get_privatekey ('----- BEGIN RSA PRIVATE KEY ----- ... ... ... ----- END RSA PRIVATE KEY ----- '); ...

What you might notice is that the encrypted message changes each time it is generated: >>> import rsa >>> >>> (pubkey, privkey) = rsa.newkeys(512) >>> message = 'hello Bob!' >>> for _ in range(5): ... crypto = rsa.encrypt(message, pubkey) ... print "Ciphertext: %r" % crypto ... assert rsa.decrypt(crypto, privkey) ==...

Co-primality of integers a and b refers to the question of whether the gcd(a,b) = 1 or not. Java's BigInteger class provides the gcd method to compute this: BigInteger c = a.gcd(b); // or equivalently b.gcd(a). ...

node.js,encryption,rsa,encryption-symmetric

URSA as the name suggests is an RSA implementation and as such doesn't not handle symmetric encryption. If you want those, then you can use node.js' native crypto module which provides everything you need in this regard. Encrypt the symmetric key with the user's public key This means that the...

To get a public key from an Autenticode signed .Net library use the following code: Assembly assembly = Assembly.LoadFrom("dll_file_name"); X509Certificate certificate = assembly.ManifestModule.GetSignerCertificate(); byte[] publicKey = certificate.GetPublicKey(); But this will work only if the certificate was installed into Trusted Root Certification Authorities. Otherwise, GetSignerCertificate() returns null. The second way allows...

java-ee,rsa,public-key-encryption,public-key,pem

Java expects your key to be DER-encoded, but you are supplying PEM-encoded data. Read your file as a string, cut off the headers and base64-decode the contents. Then supply those bytes to the key factory....

c#,encryption,cryptography,rsa,bouncycastle

I was using an incorrect Public Key.. and the test that proved the Private and Public keys matched was using the correct Public Key. The above code works perfectly as is, as long as you get the keys right!...

Your current approach (using a relative filepath) depends on the location of the key file relative to the working directory at runtime, which can be non-obvious. However, you mention that the public key file is "in the same place where the .class" file is -- you can leverage this fact...

ruby,cocoa,openssl,licensing,rsa

In short you're mixing up some key concepts. Here's a quick primer on how this works. A document (your license data/email) is hashed with a digest (SHA256) Private key encrypts the hash. This is the binary signature. The binary signature needs to be encoded into a format convenient for transport,...

It appears this is not possible native to the Security framework for iOS. I have had a ton of issues getting OAEP RSA encryption to work properly cross platform. However, I did just hear from a third party library provider, Chillkat, that they are adding support for this. See: http://www.chilkatforum.com/questions/7778/ios-rsa-encryption-using-oaep-sha512...

Look at that part of your code String s = "test"; byte[] bytes = s.getBytes(); BigInteger message = new BigInteger(s); Now let's have a look at the documentation of the constructor of BigInteger which accept a String. Translates the decimal String representation of a BigInteger into a BigInteger. The String...

node.js,openssl,rsa,digital-signature,sha256

When you supply an input to a signature program, it might assume that the input is not yet hashed, and will hash it before signing. The problem here is that Node is (re-)hashing the input, while rsautl is using the input as-is. (Note that even if you separately re-hash the...

encryption,openssl,rsa,pem,cer

Using this command I was able to generate the .pem with the contents of the public key. openssl x509 -inform pem -in certificate.cer -pubkey -noout > certificate_publickey.pem Which produces: -----BEGIN PUBLIC KEY----- MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCsM+whXrxmbCkPfkwY2EehYpIp *blah blah blah blah* -----END PUBLIC KEY----- ...

python,python-3.x,encryption,rsa

The error suggests that the encrypt method does not support encrypting a string message. Try encoding your string to bytes first using encode, e.g.: print(RSAPubKey.encrypt("Hello.".encode('utf-8'), 32)) It's also worth noting that, per the documentation, encrypt performs "textbook" RSA encryption, which is insecure due to the lack of padding. You should...

I am using openssl 0.9.6g and I have created public/private keypair using RSA_generate_key(). It gives me keys like: -----BEGIN RSA PUBLIC KEY----- ... -----END RSA PUBLIC KEY----- I think what I am looking for is "how to convert rsa public key from pkcs#1 to x509 format. Yeah, .Net can...

The value of e doesn't need to be random, indeed most RSA systems use one of a small number of common e values, with the most widely used being 65537.

java,android,encryption,rsa,digital-signature

When signing you returned your signature base64-encoded: return Base64.encodeToString(signatureBytes, Base64.DEFAULT); Thus, when verifying you have to base64-decode the signature string. But what you do is: byte[] signatureBytes = signature.getBytes("UTF8"); So the signatureBytes you try to verify are completely different from the signatureBytes you had as a result of signing. You...

It is rather bothersome to store the public key as a base64 String and then convert it back (since also depending on the platform the format might vary). Using a KeyStore file would be much easier. In case this is not an option for you, there is another way. You...

I just put this together and it seems to work correctly: https://github.com/JonathonReinhart/rawrsa #include <stdio.h> #include <stdlib.h> #include <libgen.h> #include <openssl/bn.h> #include <openssl/rsa.h> #include <openssl/pem.h> static const char* appname; static void print_bn(const char *what, const BIGNUM *bn) { #ifdef DEBUG char *str = BN_bn2hex(bn); printf("%s (hex): %s\n", what, str); OPENSSL_free(str); #endif...

The command you used for generating is intended for generating self-signed certificates. Try these commands to generate a RSA keypair: openssl genrsa -out private.pem 2048 openssl rsa -in private.pem -pubout -out public.der -outform der And then this to encrypt the file: openssl rsautl -pubin -keyform der -inkey public.der -encrypt -in...

c++,encryption,openssl,rsa,envelope

ekl is a size_t, and you are casting it to an (int*). The docs for EVP_SealInit say: The actual size of each encrypted secret key is written to the array ekl. You're just passing one key, so passing the address of a single integer is sufficient, but you should be...

java,android,rsa,android-keystore

Try using PKCS8EncodedKeySpec for the private key. RSAPublicKeySpec for the public key, instead of X509EncodedKeySpec for both. Please also note that saving keys to a text file might not be the most secure idea. Android provides a nice KeyStore Api, which is easy to use....

As you may notice, the returned values are not all zeros. The first 3 bytes of the response contains the exponent. What's wrong is your usage of getSize() method. This method actually returns the key size KeyBuilder.LENGTH_RSA_512 and not the size of the key component. The size of the exponent...

java,android,encryption,cryptography,rsa

Encryption/Decryption code was fine, I was using the wrong IP address to figure out the public key. Thanks for the help though!

The problem is calling findViewById(R.id.tViewPUK) before setContentView(R.layout.activity_main);.

new String(encriptedSMS,"UTF-8") Your problem is here. encriptedSMS does not contain UTF-8 encoded text, so this is wrong. There is no correct way to "convert" a byte array into a String, unless the byte array contains encoded text (like you would get from someString.getBytes("UTF-8")). However, there are ways to encode a...

I guess this is just a padding issue. Bouncy-castle latest GIT version has the following code : nb: It was not fixed in the "Nuget" version (2011) public static RSAParameters ToRSAParameters(RsaPrivateCrtKeyParameters privKey) { RSAParameters rp = new RSAParameters(); rp.Modulus = privKey.Modulus.ToByteArrayUnsigned(); rp.Exponent = privKey.PublicExponent.ToByteArrayUnsigned(); rp.P = privKey.P.ToByteArrayUnsigned(); rp.Q = privKey.Q.ToByteArrayUnsigned();...

From Chef Authentication and Authorization with cURL, timestamp=$(date -u "+%Y-%m-%dT%H:%M:%SZ") time is in UTC, so in Python, it has to be timestamp = datetime.datetime.now(datetime.timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ") openssl equivalent of Python, dummy_sign = base64.b64encode(rsa.sign("hello".encode(), privkey, "SHA-1")) is echo -n hello|openssl dgst -sha1 -sign ~/.chef/anton.pem -keyform PEM|openssl enc -base64 In Python code, you're signing...

In public key cryptography private key signs and decrypts and public key verifies and encrypts. You cannot perform both operation without having both keys. Although, you are right that signing in case of RSA is essentially encryption with the private key, but since you don't posses private key you cannot...

I suggest you use BouncyCastle and create an AsymmetricCipherKeyPair; here is an example I adapted from RSA using BouncyCastle public static AsymmetricCipherKeyPair generateKeys(int keySizeInBits) { RSAKeyPairGenerator kpg = new RSAKeyPairGenerator(); kpg.init(new KeyGenerationParameters(new SecureRandom(), keySizeInBits)); return kpg.generateKeyPair(); } ...

c++,c,openssl,cryptography,rsa

I found the problem. After adding errors checks, I've got error "3132:error:0906D06C:lib(9):func(109):reason(108):.\crypto\pem\pem_lib.c:703:Expe cting: ANY PRIVATE KEY". After googling and reading the manuals, I understood that my private key was initialized wrong. I needed to add \n after each line in private key (after each 64th symbol). So the key in...

c#,cryptography,windows-8.1,rsa

Based on the alphabet present it is likely that the modulus and exponent are base-36 encoded.

"Pretend like i can't load any libraries at all." If that is true, you will need to implement the cipher itself plus the SSL handling layer ^_^. Assuming you are using OpenSSL and have TCP established with socket_fd, you need to create a SSL_CTX with SSL_CTX_new (SSLv23_client_method()). Normally, to set...

python,encryption,cryptography,rsa,brute-force

You should try to factor n by brute force: for i in range(n): if n%i == 0: print i , from which you will find p=7 and q=29. d = e^-1 mod phi(n) = e^-1 mod (p-1)*(q-1) therefore d = e^-1 mod 168, ergo d=162....

java,android,security,encryption,rsa

It looks like you've been undone by relying on defaults. Never do that if you hope for interoperability. Here are the two examples of mistakenly relying on defaults in your code that I've found. final Cipher cipher = Cipher.getInstance("RSA"); The tranformation string is supposed to be of the form "algorithm/mode/padding"...

shell,automation,rsa,expect,host

Make use of exp_continue for this scenario. #!/usr/bin/expect set prompt "#|>|\\\$" spawn ssh [email protected] expect { #If 'expect' sees '(yes/no )', then it will send 'yes' #and continue the 'expect' loop "(yes/no)" { send "yes\r";exp_continue} #If 'password' seen first, then proceed as such. "password" } send "root\r" expect -re $prompt...

php,android,encryption,rsa,phpseclib

Your decryption code looks wrong: cipher.doFinal(data.getBytes()) Your data variable is a string, but strings can't hold raw encrypted data without corrupting it. Unless your ciphertext is actually hex-encoded or base64-encoded etc. In which case, getBytes() is not the right way to decode that into a byte array. So either fix...

1557 ^ 998 doesn't quite fit into a long int. To be a bit more constructive: If you computed p like so, it would take longer, but avoid the overflow: p = 1; for ( i=0; i<(prime_number-1)/2; i++ ) p = (p*a) % prime_number; There are (very good) ways to...

The problem is in deserializing the signature tuple. PyCrypto is expecting a tuple with an integer as the first value, you are passing it a string with a beginning paren "(" and then a string version of a number. Instead of doing this: signature_tuple = signature.split(",") do this signature_tuple =...

java,c#,encryption,rsa,bouncycastle

The output of RSA encryption, or any secure encryption method, outputs data that is indistinguishable from random to an attacker. This is performed by the IV for symmetric ciphers and by the padding method for RSA. If this wasn't the case then an attacker would be able to see similarities...

The issue is from having mbstring function overloading enabled on the CentOS server but not locally, which is breaking some of the binary data comparisons. I'll need to find a way around that when performing the encryption.

c#,encryption,cryptography,rsa,x509certificate

As I understand, you are trying to sign some data using RSA having only a public key. RSA signing is a process of document verification. You sign a document using private key and then use public key to check if it is really yours. In other words, you cannot sign...

language-agnostic,rsa,number-theory,modular-arithmetic

Well, sort of... Suppose that you have determined the number "d" such that d*e=1 (mod phi(n)) Where phi(n) is the size of the set of relatively prime numbers relative to n. For example, if n=pq where p and q are prime, then phi(n)=(p-1)*(q-1). Then m=c^d (mod n) In the case...

c#,encryption,key,rsa,biginteger

When using RSACryptoServiceProvider Private Key is composed of Modulus, Exponent, P, Q, DP, DQ, InverseQ, and D to be set. It is best to load the key from an xml string like: string xmlKey =...

You are using an RSA key with a 3DES cipher. It's the wrong key. The private key in your question has been encrypted with 3DES, probably using password-based encryption. You'll need the key in order to decrypt the private key before you can use it for anything. Once you recover...

From my perspective, if you want use RSA, then I suggest to use nested signed and encrypted JWT. In that way the server can sign JWT with public key, and then the client can decrypt JWT with private key and validate that JWT. From the perspective of storing the keys,...

Solved this issue. The issue was because the BigInteger(byte[] array) constructor reads array in two's complement form. Because modulus byte array is not to be interpreted in two's complements form, using the above constructor can yield a negative integer. Therefore, using this constructor solves the problem BigInteger(int signum, byte[] array)....

javascript,web-applications,cryptography,rsa,token

According to your description the data in files and form fields should only every be used on the client. There is simply no need to use public-key-encryption in this case. You should use a symmetric block cipher like AES to encrypt those data and send them to the server. The...

encryption,rsa,privatekey,public-key

The RSA private key includes the values that are in the RSA public key, and some more values that are private. Futhermore, the values themselves are larger. The public key contains the modulus and the public exponent e which is short (mostly 3 or 65537). On the other hand the...

java,encryption,rsa,badpaddingexception

use base64 encoding for the output of the encryption, don't use new String() as some byte-values will not be represented correctly as string. so when reversed to bytes again it will not be the correct ciphered value here is what i mean: String msg1="Message from bob 1"; // message MSGBOB...

java,encryption,cryptography,rsa,bouncycastle

byte[] input = new byte[] { (byte) 0xbe, (byte) 0xef , (byte) 0xef}; Cipher cipher = Cipher.getInstance("RSA"); KeyFactory keyFactory = KeyFactory.getInstance("RSA"); String mod = "B390F7412F2554387597814A25BC11BFFD95DB2D1456F1B66CDF52BCC1D20C7FF24F3CCE7B2D66E143213F64247454782A377C79C74477A28AF6C317BE 68 BC 6E 8F F0 01 D3 75 F9 36 3B 5A 71 61 C2 DF BC 2E D0 85 06 97 A5 44...

c#,php,cryptography,rsa,phpseclib

I fixed the issue using the openssl on the php side and BouncyCastle on the C# side. Key is pem format. Here's how 512bit test key looks: -----BEGIN RSA PRIVATE KEY----- MIIBOgIBAAJBANDiE2+Xi/WnO+s120NiiJhNyIButVu6zxqlVzz0wy2j4kQVUC4Z RZD80IY+4wIiX2YxKBZKGnd2TtPkcJ/ljkUCAwEAAQJAL151ZeMKHEU2c1qdRKS9 sTxCcc2pVwoAGVzRccNX16tfmCf8FjxuM3WmLdsPxYoHrwb1LFNxiNk1MXrxjH3R 6QIhAPB7edmcjH4bhMaJBztcbNE1VRCEi/bisAwiPPMq9/2nAiEA3lyc5+f6DEIJ h1y6BWkdVULDSM+jpi1XiV/DevxuijMCIQCAEPGqHsF+4v7Jj+3HAgh9PU6otj2n...

You do not want to offer your .pub as your credentials. You want to use your private key on your end, so you should probably be doing ssh -v -i ~/.ssh/id_rsa [email protected] which is the deault key to use, so you can just leave off the -i flag altogether Also,...

The modulus doesn't match between public key and private key. It should match. The private key modulus is probably smaller (assuming big endian notation and same length hex strings) and that is why you're getting this error message. Since the private key contains the modulus and public exponent components, you...

java,android,encryption,base64,rsa

The issue is fixed... while decrypting we need to use RSA/ECB/NoPadding Basically when we encrypted the value using RSA in Android device decryption in a separate standalone Java env should use RSA/ECB/NoPadding in the Cipher. Android Encryption Code: public static String encrypt(String inputString, byte[] keyBytes) { Calendar cal = Calendar.getInstance();...

java,encryption,cryptography,rsa

Is the program converting the inputted values into bytes and then encrypting the bytes? Yes, encryption is usually performed on binary data. The RSA primitive on the other hand uses modular arithmetic on big integers. The RSA that you showed uses BigInteger internally which provides a constructor BigInteger(byte[] val)...

java,soap,cryptography,rsa,jks

No, just generating a PKCS#1 signature is not enough. PKCS#7 specifies the Cryptographic Message Syntax (CMS). This is a container format, not just a signature. You need an implementation of CMS to create such a signature. A well known library that contains an implementation of CMS is Bouncy Castle: Generators/Processors...

This is the simple form - including the header and footer and extra newlines. Most certificate programs can handle this form just fine.

javascript,python,encryption,rsa

Both private and public keys contain the modulus n. The public key contains the modulus and the encryption (public) exponent e, the private key contains the modulus and the decryption (private) exponent d. So what you have to do is to simply extract the three values n, d, e from...

ios,objective-c,encryption,rsa

I finally found a solution: Using shorter Blocks of Data! Background (posted by Hohl - here): Using RSA with large blocks of data seems to be a common issue. Some wrappers handle this by splitting the data into smaller blocks and encrypting every block separately. But since RSA isn't intended...

Here the code then the proposed solution for you thanks! #include <stdio.h> #include <stdlib.h> #include <time.h> #include <gmp.h> main() { mpz_t b; mpz_init(b); int escero; unsigned long numero,a; … printf("Introduzca el numero a testear\n"); scanf("%lu",&a); numero=a; srand((unsigned int)time(0)); mpz_t A,P,P1; mpz_init(A); mpz_init(P); mpz_init(P1); … while (1) { a=rand()%(numero-1)+2;//0<a<numero mpz_set_ui(A,a); mpz_set_ui(P1,...

c#,rsa,sign,rsacryptoserviceprovider

You are treating some arbitrary bytes as a UTF-8 encoded string (SignedData) This is incorrect because not all byte sequences are valid. I suspect the encoder is throwing out the invalid bytes, causing verification to fail. You should use Base64 encoding to preserve the binary data in a string format...

PKCS1 padding adds an element of randomness into the encryption. If you encrypt the same thing twice, you should get different ciphertexts. But both ciphertexts should decrypt to the same plaintext (modulo the added randomness, which should be handled by the PKCS1 implementation). https://en.wikipedia.org/wiki/Optimal_asymmetric_encryption_padding...

ssl,rsa,android-5.0-lollipop,android-4.4-kitkat,public-key

One bug is how you created the RSAPublicKeySpec: new RSAPublicKeySpec(new BigInteger(modulusBytes), new BigInteger(exponentBytes)); In case the first bit of the modulusBytes or exponentBytes is one the number will be interpreted as negative value. When you work with RSA numbers and BigInteger always use the constructor BigInteger (int signum, byte[] magnitude)...

The private key you're passing is invalid; it's missing newlines. There needs to be one right after the -----BEGIN PRIVATE KEY----- header, another one before the corresponding footer, and one after every 64 characters in the body, e.g. std::string privateKey = "-----BEGIN RSA PRIVATE KEY-----\n" "MIIEogIBAAKCAQEAris+hDVFJ4l1PQnpToA+qE5ZpMT1maGngVFVy8JYdmhOALP/\n" "ETGiKU7MavTPFJmOy+vRlR6OdfsJgAq1tX7RGt0ua1S0bjq8BTWBi1Ja244uIbg+\n" /* ... */...

.net,cryptography,rsa,encryption-asymmetric

Yes it is possible with the .NET Framework, and yes it is also possible with BouncyCastle (latter confirmed from inspection of source, as official documentation for the .NET version of BouncyCastle seems to be scarce). Some .NET framework classes you should have a look at: RSACryptoServiceProvider (MSDN) - there is...