RSA Async Encryption Fun

Hello everyone,

I’m trying to configure a simple two-way conversation between two programs using RSA public and private keys to encrypt the traffic. One side is written in Xojo, the other is a Go command line.

I’m having trouble getting them to understand each other.

On the Xojo side, I am using this to create a public key for transmission:

[code]// Create a DER-formatted text version of the public key
Const header = “-----BEGIN RSA PUBLIC KEY-----”
Const footer = “-----END RSA PUBLIC KEY-----”

Dim blockKey As MemoryBlock
blockKey= crypto.DEREncodePublicKey(ModEncrypt.publicKey)
Dim keyStr As String
keyStr = blockKey
// Translate to a text format for transmission
Dim TransformedPublicKey As String
TransformedPublicKey = header+ EndOfLine + keyStr + EndOfLine + footer

// Transform the string into a UTF-8 Base64 string
TransformedPublicKey = EncodeBase64(TransformedPublicKey)

// Combine tokens
ModEncrypt.DERPublicKey = TransformedPublicKey[/code]

The key in ModEncrypt.publicKey is generated with Crypto.RSAGenerateKeyPair(4096, ModEncrypt.privateKey,ModEncrypt.publicKey)

Then the key is written with a call to App.socket.Write(ModEncrypt.DERPublicKey) to the other program, written in Go.

If I try decoding the other side after using base64.StdEncoding.DecodeString(ClientPubKeyB64) on the received message from Xojo, x509.ParsePKCS1PublicKey and x509.ParsePKIXPublicKey give:

ERROR: asn1: structure error: tags don’t match (16 vs {class:0 tag:13 length:45 isCompound:true}) {optional:false explicit:false application:false private:false defaultValue: tag: stringType:0 timeType:0 set:false omitEmpty:false} pkcs1PublicKey @2[/quote]

Without trying to parse it into a *rsa.PublicKey in Go, the Go side sees this Base64:


And the de-base64’ed version appears to be []byte, with the BEGIN and END header and footer (posting the text here inserts a control character that cuts off the post, apparently…)

Anyone know what I’m doing wrong to get the two to exchange keys in an understandable way?

My (weak) understanding is that RSA may use different hashes under the hood. Xojo uses SHA1, but more modern implementations use something stronger, like SHA256, and there is no way to tell Xojo to do it differently.

See what Go uses under the hood. If it’s not SHA1, you might have reconsider your approach, like maybe using a plugin.

In every file I have seen, the header and footer are plain text, not base64.
Try this:

TransformedPublicKey =  header+ EndOfLine + EncodeBase64(keyStr) + EndOfLine + footer