RSACryptoServiceProvider Class
Assembly: mscorlib (in mscorlib.dll)
[ComVisibleAttribute(true)] public sealed class RSACryptoServiceProvider : RSA, ICspAsymmetricAlgorithm
/** @attribute ComVisibleAttribute(true) */ public final class RSACryptoServiceProvider extends RSA implements ICspAsymmetricAlgorithm
ComVisibleAttribute(true) public final class RSACryptoServiceProvider extends RSA implements ICspAsymmetricAlgorithm
Not applicable.
This is the default implementation of RSA.
The RSACryptoServiceProvider supports key lengths from 384 bits to 16384 bits in increments of 8 bits if you have the Microsoft Enhanced Cryptographic Provider installed. It supports key lengths from 384 bits to 512 bits in increments of 8 bits if you have the Microsoft Base Cryptographic Provider installed.
Interoperation with the Microsoft Cryptographic API (CAPI)
Unlike the RSA implementation in unmanaged CAPI, the RSACryptoServiceProvider class reverses the order of an encrypted array of bytes after encryption and before decryption. By default, data encrypted by the RSACryptoServiceProvider class cannot be decrypted by the CAPI CryptDecrypt function and data encrypted by the CAPI CryptEncrypt method cannot be decrypted by the RSACryptoServiceProvider class.
If you do not compensate for the reverse ordering when interoperating between APIs, the RSACryptoServiceProvider class throws a CryptographicException.
To interoperate with CAPI, you must manually reverse the order of encrypted bytes before the encrypted data interoperates with another API. You can easily reverse the order of a managed byte array by calling the Array.Reverse method.
| Topic | Location |
|---|---|
| How to: Store Asymmetric Keys in a Key Container | .NET Framework: Security |
| How to: Sign XML Documents with Digital Signatures | .NET Framework: Security |
| How to: Encrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Verify the Digital Signatures of XML Documents | .NET Framework: Security |
| How to: Decrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Store Asymmetric Keys in a Key Container | .NET Framework: Security |
| How to: Sign XML Documents with Digital Signatures | .NET Framework: Security |
| How to: Encrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
| How to: Verify the Digital Signatures of XML Documents | .NET Framework: Security |
| How to: Decrypt XML Elements with Asymmetric Keys | .NET Framework: Security |
The following code example uses the RSACryptoServiceProvider class to encrypt a string into an array of bytes and then decrypt the bytes back into a string.
using System; using System.Security.Cryptography; using System.Text; class RSACSPSample { static void Main() { try { //Create a UnicodeEncoder to convert between byte array and string. UnicodeEncoding ByteConverter = new UnicodeEncoding(); //Create byte arrays to hold original, encrypted, and decrypted data. byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt"); byte[] encryptedData; byte[] decryptedData; //Create a new instance of RSACryptoServiceProvider to generate //public and private key data. RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); //Pass the data to ENCRYPT, the public key information //(using RSACryptoServiceProvider.ExportParameters(false), //and a boolean flag specifying no OAEP padding. encryptedData = RSAEncrypt(dataToEncrypt,RSA.ExportParameters(false), false); //Pass the data to DECRYPT, the private key information //(using RSACryptoServiceProvider.ExportParameters(true), //and a boolean flag specifying no OAEP padding. decryptedData = RSADecrypt(encryptedData,RSA.ExportParameters(true), false); //Display the decrypted plaintext to the console. Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData)); } catch(ArgumentNullException) { //Catch this exception in case the encryption did //not succeed. Console.WriteLine("Encryption failed."); } } static public byte[] RSAEncrypt(byte[] DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); //Import the RSA Key information. This only needs //toinclude the public key information. RSA.ImportParameters(RSAKeyInfo); //Encrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. return RSA.Encrypt(DataToEncrypt, DoOAEPPadding); } //Catch and display a CryptographicException //to the console. catch(CryptographicException e) { Console.WriteLine(e.Message); return null; } } static public byte[] RSADecrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo,bool DoOAEPPadding) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); //Import the RSA Key information. This needs //to include the private key information. RSA.ImportParameters(RSAKeyInfo); //Decrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. return RSA.Decrypt(DataToDecrypt, DoOAEPPadding); } //Catch and display a CryptographicException //to the console. catch(CryptographicException e) { Console.WriteLine(e.ToString()); return null; } } }
import System.*;
import System.Security.Cryptography.*;
import System.Text.*;
class RSACSPSample
{
public static void main(String[] args)
{
try {
// Create a UnicodeEncoder to convert between byte array and string.
UnicodeEncoding byteConverter = new UnicodeEncoding();
// Create byte arrays to hold original, encrypted,
// and decrypted data.
ubyte dataToEncrypt[] = byteConverter.GetBytes("Data to Encrypt");
ubyte encryptedData[];
ubyte decryptedData[];
// Create a new instance of RSACryptoServiceProvider to generate
// public and private key data.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
// Pass the data to ENCRYPT, the public key information
// (using RSACryptoServiceProvider.ExportParameters(false),
// and a boolean flag specifying no OAEP padding.
encryptedData = RSAEncrypt(dataToEncrypt,
rsa.ExportParameters(false), false);
// Pass the data to DECRYPT, the private key information
//(using RSACryptoServiceProvider.ExportParameters(true),
// and a boolean flag specifying no OAEP padding.
decryptedData = RSADecrypt(encryptedData,
rsa.ExportParameters(true), false);
// Display the decrypted plaintext to the console.
Console.WriteLine("Decrypted plaintext: {0}",
byteConverter.GetString(decryptedData));
}
catch (ArgumentNullException exp) {
//Catch this exception in case the encryption did
//not succeed.
Console.WriteLine("Encryption failed.");
}
} //main
public static ubyte[] RSAEncrypt(ubyte dataToEncrypt[],
RSAParameters rsaKeyInfo, boolean doOaepPadding)
{
try {
// Create a new instance of RSACryptoServiceProvider.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
// Import the rsa Key information. This only needs
// toinclude the public key information.
rsa.ImportParameters(rsaKeyInfo);
// Encrypt the passed byte array and specify OAEP padding.
// OAEP padding is only available on Microsoft Windows XP or
// later.
return rsa.Encrypt(dataToEncrypt, doOaepPadding) ;
}
// Catch and display a CryptographicException
// to the console.
catch (CryptographicException e) {
Console.WriteLine(e.get_Message());
return null ;
}
} //RSAEncrypt
public static ubyte[] RSADecrypt(ubyte dataToDecrypt[],
RSAParameters rsaKeyInfo, boolean doOaepPadding)
{
try {
// Create a new instance of RSACryptoServiceProvider.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
// Import the rsa Key information. This needs
// to include the private key information.
rsa.ImportParameters(rsaKeyInfo);
// Decrypt the passed byte array and specify OAEP padding.
// OAEP padding is only available on Microsoft Windows XP or
// later.
return rsa.Decrypt(dataToDecrypt, doOaepPadding) ;
}
// Catch and display a CryptographicException
// to the console.
catch (CryptographicException e) {
Console.WriteLine(e.ToString());
return null ;
}
} //RSADecrypt
} //RSACSPSample
The following code example exports the key information created using the RSACryptoServiceProvider into an RSAParameters object.
try { //Create a new RSACryptoServiceProvider object. RSACryptoServiceProvider RSA = new RSACryptoServiceProvider(); //Export the key information to an RSAParameters object. //Pass false to export the public key information or pass //true to export public and private key information. RSAParameters RSAParams = RSA.ExportParameters(false); } catch(CryptographicException e) { //Catch this exception in case the encryption did //not succeed. Console.WriteLine(e.Message); }
try {
// Create a new RSACryptoServiceProvider object.
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
// Export the key information to an RSAParameters object.
// Pass false to export the public key information or pass
// true to export public and private key information.
RSAParameters rsaParams = rsa.ExportParameters(false);
}
catch (CryptographicException e) {
// Catch this exception in case the encryption did
// not succeed.
Console.WriteLine(e.get_Message());
}
System.Security.Cryptography.AsymmetricAlgorithm
System.Security.Cryptography.RSA
System.Security.Cryptography.RSACryptoServiceProvider
Windows 98, Windows Server 2000 SP4, Windows CE, Windows Millennium Edition, Windows Mobile for Pocket PC, Windows Mobile for Smartphone, Windows Server 2003, Windows XP Media Center Edition, Windows XP Professional x64 Edition, Windows XP SP2, Windows XP Starter Edition
The Microsoft .NET Framework 3.0 is supported on Windows Vista, Microsoft Windows XP SP2, and Windows Server 2003 SP1.