Trying to Decrypt Amazon EC2 password using BouncyCastle and it is not working

For O2’s Amazon EC2 Browser, I was adding the ability to decrypt the Instance’s Password (retrieved using the AWSSDK.dll GetPassswordDataRequest) but I can’t seem to decrypt its value, any ideas on how to do it?

Here is my the code that doesn’t work (uses BouncyCastle API)

var bytesToDecrypt = Convert.FromBase64String("...");</pre>
 

AsymmetricCipherKeyPair keyPair;
var pemFile = @"C:\...\SI_Key.pem";
using (var reader = File.OpenText(pemFile))
{
    keyPair = (AsymmetricCipherKeyPair) new PemReader(reader).ReadObject();
    var decryptEngine = new Pkcs1Encoding(new RsaEngine());
    decryptEngine.Init(false, keyPair.Private);

    var decrypted = Encoding.UTF8.GetString(decryptEngine.ProcessBlock(bytesToDecrypt, 0, bytesToDecrypt.Length));   
    return decrypted;
}

When that code executes I get the following error:

 at Org.BouncyCastle.Crypto.Encodings.Pkcs1Encoding.DecodeBlock(Byte[] input, Int32 inOff, Int32 inLen)
   at Org.BouncyCastle.Crypto.Encodings.Pkcs1Encoding.ProcessBlock(Byte[] input, Int32 inOff, Int32 length)
   at DynamicType.dynamicMethod(Object returnData, Panel panel)  StackTrace:</pre>
 

   at Org.BouncyCastle.Crypto.Encodings.Pkcs1Encoding.DecodeBlock(Byte[] input, Int32 inOff, Int32 inLen)
   at Org.BouncyCastle.Crypto.Encodings.Pkcs1Encoding.ProcessBlock(Byte[] input, Int32 inOff, Int32 length)

(the above code sample was based on this StackOverflow answer: http://stackoverflow.com/questions/243646/how-to-read-a-pem-rsa-private-key-from-net)

April 16, 2011 - Posted by Dinis Cruz | EC2

2 Comments »

[…] Trying to Decrypt Amazon EC2 password using BouncyCastle and it is not working […]

Pingback by Script to fetch and present large number of Wordpress.com blog entries « O2Platform.com for Developers | April 16, 2011 | Reply
[…] was able to solve the problem I had with decrypting the AmazonEC2 instance’s […]

Pingback by Solved the problem with decryping AmazonEC2 Instance’s password « O2Platform.com for Developers | April 16, 2011 | Reply

About

The O2 platform represents a new paradigm for how to perform, document and distribute Web Application security reviews. O2 is designed to Automate Security Consultants Knowledge and Workflows and to Allow non-security experts to access and consume Security Knowledge.

O2 can also be a very powerful prototyping and fast-development tool for .NET. Most O2 APIs are written using a Fluent API design, and its core has been published as a separate project called FluentSharp (hosted at CodePlex)

Download

Windows ClickOnce Installer:

Mailing List

The best place to keep updated with the lastest news and developers it to subscribe to the OWASP O2 Platform Mailing list (you can read its archives here)

Other websites

Search for:
Email Subscription

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 16 other followers
.NET .NET SAST AppScan ASP.NET Controls EC2 Fixing Code Fortify HacmeBank IE Automation Interoperability Java JPetStore jQuery Misc Topics Moq Network Security O2 Internals O2 Scripting OWASP Spring MVC Tools Uncategorized Veracode videos VisualStudio Vulnerabilities WatiN Windows Tools WS XSS

Categories
- .NET (43)
- .NET SAST (5)
- AntiXss (2)
- AppScan (4)
- ASP.NET Controls (3)
- ASP.NET MVC (1)
- CheckMarx (2)
- EC2 (11)
- Fixing Code (5)
- Fortify (9)
- FuzzDB (1)
- GitHub (2)
- HacmeBank (3)
- IE Automation (27)
- Interoperability (29)
- Java (3)
- JPetStore (16)
- jQuery (6)
- Mailman (2)
- MediaWiki (2)
- Misc Topics (3)
- Moq (2)
- Network Security (2)
- NMap (1)
- O2 Internals (14)
- O2 Scripting (4)
- OSX (1)
- OWASP (4)
- Python (1)
- Reflection (1)
- Spring MVC (15)
- TeamMentor (1)
- Tools (7)
- Uncategorized (5)
- Veracode (2)
- videos (7)
- VisualStudio (4)
- Vulnerabilities (2)
- WatiN (29)
- WebGoat (1)
- White_UIAutomation (1)
- Windows Tools (5)
- WS (3)
- XSS (3)
Internals

OWASP O2 Platform Blog