Export (0) Print
Expand All
6 out of 9 rated this helpful - Rate this topic

RSACryptoServiceProvider Class

Performs asymmetric encryption and decryption using the implementation of the RSA algorithm provided by the cryptographic service provider (CSP). This class cannot be inherited.

System.Object
  System.Security.Cryptography.AsymmetricAlgorithm
    System.Security.Cryptography.RSA
      System.Security.Cryptography.RSACryptoServiceProvider

Namespace:  System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)
[ComVisibleAttribute(true)]
public sealed class RSACryptoServiceProvider : RSA, 
	ICspAsymmetricAlgorithm

The RSACryptoServiceProvider type exposes the following members.

  NameDescription
Public methodRSACryptoServiceProvider()Initializes a new instance of the RSACryptoServiceProvider class using the default key.
Public methodRSACryptoServiceProvider(CspParameters)Initializes a new instance of the RSACryptoServiceProvider class with the specified parameters.
Public methodRSACryptoServiceProvider(Int32)Initializes a new instance of the RSACryptoServiceProvider class with the specified key size.
Public methodRSACryptoServiceProvider(Int32, CspParameters)Initializes a new instance of the RSACryptoServiceProvider class with the specified key size and parameters.
Top
  NameDescription
Public propertyCspKeyContainerInfoGets a CspKeyContainerInfo object that describes additional information about a cryptographic key pair.
Public propertyKeyExchangeAlgorithmGets the name of the key exchange algorithm available with this implementation of RSA. (Overrides AsymmetricAlgorithm.KeyExchangeAlgorithm.)
Public propertyKeySizeGets the size of the current key. (Overrides AsymmetricAlgorithm.KeySize.)
Public propertyLegalKeySizesGets the key sizes that are supported by the asymmetric algorithm. (Inherited from AsymmetricAlgorithm.)
Public propertyPersistKeyInCspGets or sets a value indicating whether the key should be persisted in the cryptographic service provider (CSP).
Public propertyPublicOnlyGets a value that indicates whether the RSACryptoServiceProvider object contains only a public key.
Public propertySignatureAlgorithmGets the name of the signature algorithm available with this implementation of RSA. (Overrides AsymmetricAlgorithm.SignatureAlgorithm.)
Public propertyStatic memberUseMachineKeyStoreGets or sets a value indicating whether the key should be persisted in the computer's key store instead of the user profile store.
Top
  NameDescription
Public methodClearReleases all resources used by the AsymmetricAlgorithm class. (Inherited from AsymmetricAlgorithm.)
Public methodDecryptDecrypts data with the RSA algorithm.
Public methodDecryptValueThis method is not supported in the current version. (Overrides RSA.DecryptValue(Byte[]).)
Public methodDispose()Releases all resources used by the current instance of the AsymmetricAlgorithm class. (Inherited from AsymmetricAlgorithm.)
Public methodEncryptEncrypts data with the RSA algorithm.
Public methodEncryptValueThis method is not supported in the current version. (Overrides RSA.EncryptValue(Byte[]).)
Public methodEquals(Object)Determines whether the specified object is equal to the current object. (Inherited from Object.)
Public methodExportCspBlobExports a blob containing the key information associated with an RSACryptoServiceProvider object.
Public methodExportParametersExports the RSAParameters. (Overrides RSA.ExportParameters(Boolean).)
Public methodFromXmlStringInitializes an RSA object from the key information from an XML string. (Inherited from RSA.)
Public methodGetHashCodeServes as the default hash function. (Inherited from Object.)
Public methodGetTypeGets the Type of the current instance. (Inherited from Object.)
Public methodImportCspBlobImports a blob that represents RSA key information.
Public methodImportParametersImports the specified RSAParameters. (Overrides RSA.ImportParameters(RSAParameters).)
Public methodSignData(Byte[], Object)Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value.
Public methodSignData(Stream, Object)Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value.
Public methodSignData(Byte[], Int32, Int32, Object)Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value.
Public methodSignHashComputes the signature for the specified hash value by encrypting it with the private key.
Public methodToStringReturns a string that represents the current object. (Inherited from Object.)
Public methodToXmlStringCreates and returns an XML string containing the key of the current RSA object. (Inherited from RSA.)
Public methodVerifyDataVerifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the hash value of the provided data.
Public methodVerifyHashVerifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the provided hash value.
Top

This is the default implementation of RSA.

The RSACryptoServiceProvider supports key sizes from 384 bits to 16384 bits in increments of 8 bits if you have the Microsoft Enhanced Cryptographic Provider installed. It supports key sizes from 384 bits to 512 bits in increments of 8 bits if you have the Microsoft Base Cryptographic Provider installed.

Valid key sizes are dependent on the cryptographic service provider (CSP) that is used by the RSACryptoServiceProvider instance. Windows CSPs enable keys sizes of 384 to 16384 bits for Windows versions prior to Windows 8.1, and key sizes of 512 to 16384 bits for Windows 8.1. For more information, see CryptGenKey function in the Windows documentation.

Interoperation with the Microsoft Cryptographic API (CAPI)

Unlike the RSA implementation in unmanaged CAPI, the RSACryptoServiceProvider class reverses the order of an encrypted array of bytes after encryption and before decryption. By default, data encrypted by the RSACryptoServiceProvider class cannot be decrypted by the CAPI CryptDecrypt function and data encrypted by the CAPI CryptEncrypt method cannot be decrypted by the RSACryptoServiceProvider class.

If you do not compensate for the reverse ordering when interoperating between APIs, the RSACryptoServiceProvider class throws a CryptographicException.

To interoperate with CAPI, you must manually reverse the order of encrypted bytes before the encrypted data interoperates with another API. You can easily reverse the order of a managed byte array by calling the Array.Reverse method.

The following code example uses the RSACryptoServiceProvider class to encrypt a string into an array of bytes and then decrypt the bytes back into a string.

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{

    static void Main()
    {
        try
        {
            //Create a UnicodeEncoder to convert between byte array and string.
            UnicodeEncoding ByteConverter = new UnicodeEncoding();

            //Create byte arrays to hold original, encrypted, and decrypted data. 
            byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt");
            byte[] encryptedData;
            byte[] decryptedData;

            //Create a new instance of RSACryptoServiceProvider to generate 
            //public and private key data. 
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {

                //Pass the data to ENCRYPT, the public key information  
                //(using RSACryptoServiceProvider.ExportParameters(false), 
                //and a boolean flag specifying no OAEP padding.
                encryptedData = RSAEncrypt(dataToEncrypt, RSA.ExportParameters(false), false);

                //Pass the data to DECRYPT, the private key information  
                //(using RSACryptoServiceProvider.ExportParameters(true), 
                //and a boolean flag specifying no OAEP padding.
                decryptedData = RSADecrypt(encryptedData, RSA.ExportParameters(true), false);

                //Display the decrypted plaintext to the console. 
                Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));
            }
        }
        catch (ArgumentNullException)
        {
            //Catch this exception in case the encryption did 
            //not succeed.
            Console.WriteLine("Encryption failed.");

        }
    }

    static public byte[] RSAEncrypt(byte[] DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
    {
        try
        {
            byte[] encryptedData;
            //Create a new instance of RSACryptoServiceProvider. 
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {

                //Import the RSA Key information. This only needs 
                //toinclude the public key information.
                RSA.ImportParameters(RSAKeyInfo);

                //Encrypt the passed byte array and specify OAEP padding.   
                //OAEP padding is only available on Microsoft Windows XP or 
                //later.  
                encryptedData = RSA.Encrypt(DataToEncrypt, DoOAEPPadding);
            }
            return encryptedData;
        }
        //Catch and display a CryptographicException   
        //to the console. 
        catch (CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }

    }

    static public byte[] RSADecrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
    {
        try
        {
            byte[] decryptedData;
            //Create a new instance of RSACryptoServiceProvider. 
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {
                //Import the RSA Key information. This needs 
                //to include the private key information.
                RSA.ImportParameters(RSAKeyInfo);

                //Decrypt the passed byte array and specify OAEP padding.   
                //OAEP padding is only available on Microsoft Windows XP or 
                //later.  
                decryptedData = RSA.Decrypt(DataToDecrypt, DoOAEPPadding);
            }
            return decryptedData;
        }
        //Catch and display a CryptographicException   
        //to the console. 
        catch (CryptographicException e)
        {
            Console.WriteLine(e.ToString());

            return null;
        }

    }
}

The following code example exports the key information created using the RSACryptoServiceProvider into an RSAParameters object.

try
{
    //Create a new RSACryptoServiceProvider object. 
    using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
    {


        //Export the key information to an RSAParameters object. 
        //Pass false to export the public key information or pass 
        //true to export public and private key information.
        RSAParameters RSAParams = RSA.ExportParameters(false);
    }


}
catch (CryptographicException e)
{
    //Catch this exception in case the encryption did 
    //not succeed.
    Console.WriteLine(e.Message);

}

.NET Framework

Supported in: 4.5.1, 4.5, 4, 3.5, 3.0, 2.0, 1.1, 1.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1

.NET for Windows Phone apps

Supported in: Windows Phone 8.1, Windows Phone 8, Silverlight 8.1

Windows Phone 8.1, Windows Phone 8, Windows 8.1, Windows Server 2012 R2, Windows 8, Windows Server 2012, Windows 7, Windows Vista SP2, Windows Server 2008 (Server Core Role not supported), Windows Server 2008 R2 (Server Core Role supported with SP1 or later; Itanium not supported)

The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.

Any public static (Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.
Show:
© 2014 Microsoft. All rights reserved.