Encrypt Method (Byte[], Boolean)
Collapse the table of content
Expand the table of content

RSACryptoServiceProvider.Encrypt Method (Byte[], Boolean)


Encrypts data with the RSA algorithm.

Namespace:   System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)

public byte[] Encrypt(
	byte[] rgb,
	bool fOAEP


Type: System.Byte[]

The data to be encrypted.

Type: System.Boolean

true to perform direct RSA encryption using OAEP padding (only available on a computer running Microsoft Windows XP or later); otherwise, false to use PKCS#1 v1.5 padding.

Return Value

Type: System.Byte[]

The encrypted data.

Exception Condition

The cryptographic service provider (CSP) cannot be acquired.


The length of the rgb parameter is greater than the maximum allowed length.


The fOAEP parameter is true and OAEP padding is not supported.


rgb is null.

The following table describes the padding supported by different versions of Microsoft Windows and the maximum length of rgb allowed by the different combinations of operating systems and padding.


Operating System Supported

Maximum Length of rgb Parameter

OAEP padding (PKCS#1 v2)

Microsoft Windows XP or later.

Modulus size -2 -2*hLen, where hLen is the size of the hash.

Direct Encryption (PKCS#1 v1.5)

Microsoft Windows 2000 or later with the high encryption pack installed.

Modulus size - 11. (11 bytes is the minimum padding possible.)

Direct Encryption and OAEP padding not supported

Microsoft Windows 98, Microsoft Windows Millennium, or Windows 2000 or later without the high encryption pack installed.

The maximum size allowed for a symmetric key.

Use Decrypt to decrypt the results of this method.

The following code example initializes an RSACryptoServiceProvider object to the value of a public key (sent by another party), generates a session key using the RijndaelManaged algorithm, and then encrypts the session key using the RSACryptoServiceProvider object. Using this scheme, the session key could be sent back to the owner of the private RSA key and the two parties could use the session key to exchange encrypted data.

using System;
using System.Security.Cryptography;

class RSACSPSample

	static void Main()
		{		//initialze the byte arrays to the public key information.
			byte[] PublicKey = {214,46,220,83,160,73,40,39,201,155,19,202,3,11,191,178,56,

			byte[] Exponent = {1,0,1};

			//Values to store encrypted symmetric keys.
			byte[] EncryptedSymmetricKey;
			byte[] EncryptedSymmetricIV;

			//Create a new instance of RSACryptoServiceProvider.
			RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();

			//Create a new instance of RSAParameters.
			RSAParameters RSAKeyInfo = new RSAParameters();

			//Set RSAKeyInfo to the public key values. 
			RSAKeyInfo.Modulus = PublicKey;
			RSAKeyInfo.Exponent = Exponent;

			//Import key parameters into RSA.

			//Create a new instance of the RijndaelManaged class.
			RijndaelManaged RM = new RijndaelManaged();

			//Encrypt the symmetric key and IV.
			EncryptedSymmetricKey = RSA.Encrypt(RM.Key, false);
			EncryptedSymmetricIV = RSA.Encrypt(RM.IV, false);

			Console.WriteLine("RijndaelManaged Key and IV have been encrypted with RSACryptoServiceProvider."); 

		//Catch and display a CryptographicException  
		//to the console.
		catch(CryptographicException e)

.NET Framework
Available since 1.1
Windows Phone Silverlight
Available since 7.1
Return to top
© 2016 Microsoft