RSA Async Encryption Fun

Hello everyone,

I’m trying to configure a simple two-way conversation between two programs using RSA public and private keys to encrypt the traffic. One side is written in Xojo, the other is a Go command line.

I’m having trouble getting them to understand each other.

On the Xojo side, I am using this to create a public key for transmission:

[code]// Create a DER-formatted text version of the public key
Const header = “-----BEGIN RSA PUBLIC KEY-----”
Const footer = “-----END RSA PUBLIC KEY-----”

Dim blockKey As MemoryBlock
blockKey= crypto.DEREncodePublicKey(ModEncrypt.publicKey)
Dim keyStr As String
keyStr = blockKey
// Translate to a text format for transmission
Dim TransformedPublicKey As String
TransformedPublicKey = header+ EndOfLine + keyStr + EndOfLine + footer

// Transform the string into a UTF-8 Base64 string
TransformedPublicKey = EncodeBase64(TransformedPublicKey)

// Combine tokens
ModEncrypt.DERPublicKey = TransformedPublicKey[/code]

The key in ModEncrypt.publicKey is generated with Crypto.RSAGenerateKeyPair(4096, ModEncrypt.privateKey,ModEncrypt.publicKey)

Then the key is written with a call to App.socket.Write(ModEncrypt.DERPublicKey) to the other program, written in Go.

If I try decoding the other side after using base64.StdEncoding.DecodeString(ClientPubKeyB64) on the received message from Xojo, x509.ParsePKCS1PublicKey and x509.ParsePKIXPublicKey give:

[quote]
ERROR: asn1: structure error: tags don’t match (16 vs {class:0 tag:13 length:45 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PublicKey @2[/quote]

Without trying to parse it into a *rsa.PublicKey in Go, the Go side sees this Base64:

[quote]LS0tLS1CRUdJTiBSU0EgUFVCTElDIEtFWS0tLS0tCjCCAggCggIBAKRYDDuPhrAW7yHs9IKs52mb
i1AVD3L3JBUV84Oas+teH3F2onGBv+nV9c2c+bBrC1PxXkG9s+XnO9qEWjwbSFCwmI7wCBjvMaIH
VWmiIjwKqoGxdLBCdrtFHpwOgnvlKgOudU6gnr5rIcxhlQiGwe9YiPuU/4oRh1YtNqBh9OxEp0PW
e51fXELLs4X+1o6+ILGYcGV308FWwp3gkSVq5up00Fm6Dml5DwrbgrRif7AVum1ogD6VUSvfhM/h
m2n/Opzp7AQKU8sUt0caYaROahs8O1m7TVfs93xniiIs0GDAE1oLiFxvLCmnp2t2k1yfLfDjAJoo
WBSGQCYu0/6CJ3kMH7AWOenu5qkEISfE0y4UbwwJLODM2fx0GhXazkHBeUm32AE2It5S5tpIm5pZ
lkOzIBtYK4iJZ/IrepVF5Af66PnSZC5HUVJ2yRK4ye7TL/RYbQcbynLFKjjzjh0iKxaoEPqM/id4
FDfuLHIzG+aOGMixLdAc03UEPWanu1nYTKY1TAZGcl6twjb9ObVVD95o7Ok0jFwJApyph6Y/J6fI
HtKb6mESN6GXJVkyQjheDPyBCBm5CSBV23Zm2MVtW1ReY8qxa8IC3AxEfrTm6LrbQLUxkozwnJTc
JD9thXHhqor//s+7nnic59OMYs78ylNJU7lwT7OP7GOhFFW/MsJ5AgERCi0tLS0tRU5EIFJTQSBQ
VUJMSUMgS0VZLS0tLS0=[/quote]

And the de-base64’ed version appears to be []byte, with the BEGIN and END header and footer (posting the text here inserts a control character that cuts off the post, apparently…)

Anyone know what I’m doing wrong to get the two to exchange keys in an understandable way?

My (weak) understanding is that RSA may use different hashes under the hood. Xojo uses SHA1, but more modern implementations use something stronger, like SHA256, and there is no way to tell Xojo to do it differently.

See what Go uses under the hood. If it’s not SHA1, you might have reconsider your approach, like maybe using a plugin.

In every file I have seen, the header and footer are plain text, not base64.
Try this:

TransformedPublicKey =  header+ EndOfLine + EncodeBase64(keyStr) + EndOfLine + footer