RSACryptoServiceProvider Class
Performs asymmetric encryption and decryption using the implementation of the RSA algorithm provided by the cryptographic service provider (CSP). This class cannot be inherited.
System.Security.Cryptography::AsymmetricAlgorithm
System.Security.Cryptography::RSA
System.Security.Cryptography::RSACryptoServiceProvider
Assembly: mscorlib (in mscorlib.dll)
The RSACryptoServiceProvider type exposes the following members.
| Name | Description | |
|---|---|---|
![]() | RSACryptoServiceProvider() | Initializes a new instance of the RSACryptoServiceProvider class using the default key. |
![]() | RSACryptoServiceProvider(CspParameters) | Initializes a new instance of the RSACryptoServiceProvider class with the specified parameters. |
![]() | RSACryptoServiceProvider(Int32) | Initializes a new instance of the RSACryptoServiceProvider class with the specified key size. |
![]() | RSACryptoServiceProvider(Int32, CspParameters) | Initializes a new instance of the RSACryptoServiceProvider class with the specified key size and parameters. |
| Name | Description | |
|---|---|---|
![]() | CspKeyContainerInfo | Gets a CspKeyContainerInfo object that describes additional information about a cryptographic key pair. |
![]() | KeyExchangeAlgorithm | Gets the name of the key exchange algorithm available with this implementation of RSA. (Overrides AsymmetricAlgorithm::KeyExchangeAlgorithm.) |
![]() | KeySize | Gets the size of the current key. (Overrides AsymmetricAlgorithm::KeySize.) |
![]() | LegalKeySizes | Gets the key sizes that are supported by the asymmetric algorithm. (Inherited from AsymmetricAlgorithm.) |
![]() | PersistKeyInCsp | Gets or sets a value indicating whether the key should be persisted in the cryptographic service provider (CSP). |
![]() | PublicOnly | Gets a value that indicates whether the RSACryptoServiceProvider object contains only a public key. |
![]() | SignatureAlgorithm | Gets the name of the signature algorithm available with this implementation of RSA. (Overrides AsymmetricAlgorithm::SignatureAlgorithm.) |
![]() ![]() | UseMachineKeyStore | Gets or sets a value indicating whether the key should be persisted in the computer's key store instead of the user profile store. |
| Name | Description | |
|---|---|---|
![]() | Clear | Releases all resources used by the AsymmetricAlgorithm class. (Inherited from AsymmetricAlgorithm.) |
![]() | Decrypt | Decrypts data with the RSA algorithm. |
![]() | DecryptValue | This method is not supported in the current version. (Overrides RSA::DecryptValue(array<Byte>).) |
![]() | Dispose() | Releases all resources used by the current instance of the AsymmetricAlgorithm class. (Inherited from AsymmetricAlgorithm.) |
![]() | Dispose(Boolean) | Releases the unmanaged resources used by the AsymmetricAlgorithm class and optionally releases the managed resources. (Inherited from AsymmetricAlgorithm.) |
![]() | Encrypt | Encrypts data with the RSA algorithm. |
![]() | EncryptValue | This method is not supported in the current version. (Overrides RSA::EncryptValue(array<Byte>).) |
![]() | Equals(Object) | Determines whether the specified Object is equal to the current Object. (Inherited from Object.) |
![]() | ExportCspBlob | Exports a blob containing the key information associated with an RSACryptoServiceProvider object. |
![]() | ExportParameters | Exports the RSAParameters. (Overrides RSA::ExportParameters(Boolean).) |
![]() | Finalize | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection. (Inherited from Object.) |
![]() | FromXmlString | Initializes an RSA object from the key information from an XML string. (Inherited from RSA.) |
![]() | GetHashCode | Serves as a hash function for a particular type. (Inherited from Object.) |
![]() | GetType | Gets the Type of the current instance. (Inherited from Object.) |
![]() | ImportCspBlob | Imports a blob that represents RSA key information. |
![]() | ImportParameters | Imports the specified RSAParameters. (Overrides RSA::ImportParameters(RSAParameters).) |
![]() | MemberwiseClone | Creates a shallow copy of the current Object. (Inherited from Object.) |
![]() | SignData(array<Byte>, Object) | Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignData(Stream, Object) | Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignData(array<Byte>, Int32, Int32, Object) | Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignHash | Computes the signature for the specified hash value by encrypting it with the private key. |
![]() | ToString | Returns a string that represents the current object. (Inherited from Object.) |
![]() | ToXmlString | Creates and returns an XML string containing the key of the current RSA object. (Inherited from RSA.) |
![]() | VerifyData | Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the hash value of the provided data. |
![]() | VerifyHash | Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the provided hash value. |
| Name | Description | |
|---|---|---|
![]() | KeySizeValue | Represents the size, in bits, of the key modulus used by the asymmetric algorithm. (Inherited from AsymmetricAlgorithm.) |
![]() | LegalKeySizesValue | Specifies the key sizes that are supported by the asymmetric algorithm. (Inherited from AsymmetricAlgorithm.) |
This is the default implementation of RSA.
The RSACryptoServiceProvider supports key lengths from 384 bits to 16384 bits in increments of 8 bits if you have the Microsoft Enhanced Cryptographic Provider installed. It supports key lengths from 384 bits to 512 bits in increments of 8 bits if you have the Microsoft Base Cryptographic Provider installed.
Interoperation with the Microsoft Cryptographic API (CAPI)
Unlike the RSA implementation in unmanaged CAPI, the RSACryptoServiceProvider class reverses the order of an encrypted array of bytes after encryption and before decryption. By default, data encrypted by the RSACryptoServiceProvider class cannot be decrypted by the CAPI CryptDecrypt function and data encrypted by the CAPI CryptEncrypt method cannot be decrypted by the RSACryptoServiceProvider class.
If you do not compensate for the reverse ordering when interoperating between APIs, the RSACryptoServiceProvider class throws a CryptographicException.
To interoperate with CAPI, you must manually reverse the order of encrypted bytes before the encrypted data interoperates with another API. You can easily reverse the order of a managed byte array by calling the Array::Reverse method.
| Topic | Location |
|---|---|
| How to: Store Asymmetric Keys in a Key Container | .NET Framework: Security |
| How to: Sign XML Documents with Digital Signatures | .NET Framework: Security |
| How to: Encrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Verify the Digital Signatures of XML Documents | .NET Framework: Security |
| How to: Decrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Store Asymmetric Keys in a Key Container | .NET Framework: Security |
| How to: Sign XML Documents with Digital Signatures | .NET Framework: Security |
| How to: Encrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Verify the Digital Signatures of XML Documents | .NET Framework: Security |
| How to: Decrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
The following code example uses the RSACryptoServiceProvider class to encrypt a string into an array of bytes and then decrypt the bytes back into a string.
using namespace System; using namespace System::Security::Cryptography; using namespace System::Text; array<Byte>^ RSAEncrypt( array<Byte>^DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding ) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Import the RSA Key information. This only needs //toinclude the public key information. RSA->ImportParameters( RSAKeyInfo ); //Encrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. array<Byte>^encryptedData = RSA->Encrypt( DataToEncrypt, DoOAEPPadding ); delete RSA; return encryptedData; } //Catch and display a CryptographicException //to the console. catch ( CryptographicException^ e ) { Console::WriteLine( e->Message ); return nullptr; } } array<Byte>^ RSADecrypt( array<Byte>^DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding ) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Import the RSA Key information. This needs //to include the private key information. RSA->ImportParameters( RSAKeyInfo ); //Decrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. array<Byte>^decryptedData = RSA->Decrypt( DataToDecrypt, DoOAEPPadding ); delete RSA; return decryptedData; } //Catch and display a CryptographicException //to the console. catch ( CryptographicException^ e ) { Console::WriteLine( e ); return nullptr; } } int main() { try { //Create a UnicodeEncoder to convert between byte array and string. UnicodeEncoding^ ByteConverter = gcnew UnicodeEncoding; //Create byte arrays to hold original, encrypted, and decrypted data. array<Byte>^dataToEncrypt = ByteConverter->GetBytes( "Data to Encrypt" ); array<Byte>^encryptedData; array<Byte>^decryptedData; //Create a new instance of RSACryptoServiceProvider to generate //public and private key data. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Pass the data to ENCRYPT, the public key information //(using RSACryptoServiceProvider.ExportParameters(false), //and a boolean flag specifying no OAEP padding. encryptedData = RSAEncrypt( dataToEncrypt, RSA->ExportParameters( false ), false ); //Pass the data to DECRYPT, the private key information //(using RSACryptoServiceProvider.ExportParameters(true), //and a boolean flag specifying no OAEP padding. decryptedData = RSADecrypt( encryptedData, RSA->ExportParameters( true ), false ); //Display the decrypted plaintext to the console. Console::WriteLine( "Decrypted plaintext: {0}", ByteConverter->GetString( decryptedData ) ); delete RSA; } catch ( ArgumentNullException^ ) { //Catch this exception in case the encryption did //not succeed. Console::WriteLine( "Encryption failed." ); } }
The following code example exports the key information created using the RSACryptoServiceProvider into an RSAParameters object.
try { //Create a new RSACryptoServiceProvider Object*. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Export the key information to an RSAParameters object. //Pass false to export the public key information or pass //true to export public and private key information. RSAParameters RSAParams = RSA->ExportParameters( false ); } catch ( CryptographicException^ e ) { //Catch this exception in case the encryption did //not succeed. Console::WriteLine( e->Message ); }
Windows 7, Windows Vista SP1 or later, Windows XP SP3, Windows XP SP2 x64 Edition, Windows Server 2008 (Server Core not supported), Windows Server 2008 R2 (Server Core supported with SP1 or later), Windows Server 2003 SP2
The .NET Framework does not support all versions of every platform. For a list of the supported versions, see .NET Framework System Requirements.
