RSACryptoServiceProvider Class
Performs asymmetric encryption and decryption using the implementation of the RSA algorithm provided by the cryptographic service provider (CSP). This class cannot be inherited.
Assembly: mscorlib (in mscorlib.dll)
System.Security.Cryptography::AsymmetricAlgorithm
System.Security.Cryptography::RSA
System.Security.Cryptography::RSACryptoServiceProvider
| Name | Description | |
|---|---|---|
![]() | RSACryptoServiceProvider() | Initializes a new instance of the RSACryptoServiceProvider class using the default key. |
![]() | RSACryptoServiceProvider(CspParameters^) | Initializes a new instance of the RSACryptoServiceProvider class with the specified parameters. |
![]() | RSACryptoServiceProvider(Int32) | Initializes a new instance of the RSACryptoServiceProvider class with the specified key size. |
![]() | RSACryptoServiceProvider(Int32, CspParameters^) | Initializes a new instance of the RSACryptoServiceProvider class with the specified key size and parameters. |
| Name | Description | |
|---|---|---|
![]() | CspKeyContainerInfo | Gets a CspKeyContainerInfo object that describes additional information about a cryptographic key pair. |
![]() | KeyExchangeAlgorithm | Gets the name of the key exchange algorithm available with this implementation of RSA.(Overrides RSA::KeyExchangeAlgorithm.) |
![]() | KeySize | Gets the size of the current key.(Overrides AsymmetricAlgorithm::KeySize.) |
![]() | LegalKeySizes | Gets the key sizes that are supported by the asymmetric algorithm.(Inherited from AsymmetricAlgorithm.) |
![]() | PersistKeyInCsp | Gets or sets a value indicating whether the key should be persisted in the cryptographic service provider (CSP). |
![]() | PublicOnly | Gets a value that indicates whether the RSACryptoServiceProvider object contains only a public key. |
![]() | SignatureAlgorithm | Gets the name of the signature algorithm available with this implementation of RSA.(Overrides RSA::SignatureAlgorithm.) |
![]() ![]() | UseMachineKeyStore | Gets or sets a value indicating whether the key should be persisted in the computer's key store instead of the user profile store. |
| Name | Description | |
|---|---|---|
![]() | Clear() | Releases all resources used by the AsymmetricAlgorithm class.(Inherited from AsymmetricAlgorithm.) |
![]() | Decrypt(array<Byte>^, Boolean) | Decrypts data with the RSA algorithm. |
![]() | Decrypt(array<Byte>^, RSAEncryptionPadding^) | Decrypts data that was previously encrypted with the RSA algorithm by using the specified padding. (Overrides RSA::Decrypt(array<Byte>^, RSAEncryptionPadding^).) |
![]() | DecryptValue(array<Byte>^) | This method is not supported in the current version.(Overrides RSA::DecryptValue(array<Byte>^).) |
![]() | Dispose() | Releases all resources used by the current instance of the AsymmetricAlgorithm class.(Inherited from AsymmetricAlgorithm.) |
![]() | Encrypt(array<Byte>^, Boolean) | Encrypts data with the RSA algorithm. |
![]() | Encrypt(array<Byte>^, RSAEncryptionPadding^) | Encrypts data with the RSA algorithm using the specified padding. (Overrides RSA::Encrypt(array<Byte>^, RSAEncryptionPadding^).) |
![]() | EncryptValue(array<Byte>^) | This method is not supported in the current version.(Overrides RSA::EncryptValue(array<Byte>^).) |
![]() | Equals(Object^) | Determines whether the specified object is equal to the current object.(Inherited from Object.) |
![]() | ExportCspBlob(Boolean) | Exports a blob containing the key information associated with an RSACryptoServiceProvider object. |
![]() | ExportParameters(Boolean) | Exports the RSAParameters.(Overrides RSA::ExportParameters(Boolean).) |
![]() | FromXmlString(String^) | |
![]() | GetHashCode() | Serves as the default hash function. (Inherited from Object.) |
![]() | GetType() | |
![]() | ImportCspBlob(array<Byte>^) | Imports a blob that represents RSA key information. |
![]() | ImportParameters(RSAParameters) | Imports the specified RSAParameters.(Overrides RSA::ImportParameters(RSAParameters).) |
![]() | SignData(array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Computes the hash value of the specified byte array using the specified hash algorithm and padding mode, and signs the resulting hash value. (Inherited from RSA.) |
![]() | SignData(array<Byte>^, Int32, Int32, HashAlgorithmName, RSASignaturePadding^) | Computes the hash value of a portion of the specified byte array using the specified hash algorithm and padding mode, and signs the resulting hash value. (Inherited from RSA.) |
![]() | SignData(array<Byte>^, Int32, Int32, Object^) | Computes the hash value of a subset of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignData(array<Byte>^, Object^) | Computes the hash value of the specified byte array using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignData(Stream^, HashAlgorithmName, RSASignaturePadding^) | Computes the hash value of the specified stream using the specified hash algorithm and padding mode, and signs the resulting hash value.(Inherited from RSA.) |
![]() | SignData(Stream^, Object^) | Computes the hash value of the specified input stream using the specified hash algorithm, and signs the resulting hash value. |
![]() | SignHash(array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Computes the signature for the specified hash value by encrypting it with the private key using the specified padding. (Overrides RSA::SignHash(array<Byte>^, HashAlgorithmName, RSASignaturePadding^).) |
![]() | SignHash(array<Byte>^, String^) | Computes the signature for the specified hash value by encrypting it with the private key. |
![]() | ToString() | Returns a string that represents the current object.(Inherited from Object.) |
![]() | ToXmlString(Boolean) | |
![]() | VerifyData(array<Byte>^, array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Verifies that a digital signature is valid by calculating the hash value of the specified data using the specified hash algorithm and padding, and comparing it to the provided signature. (Inherited from RSA.) |
![]() | VerifyData(array<Byte>^, Int32, Int32, array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Verifies that a digital signature is valid by calculating the hash value of the data in a portion of a byte array using the specified hash algorithm and padding, and comparing it to the provided signature. (Inherited from RSA.) |
![]() | VerifyData(array<Byte>^, Object^, array<Byte>^) | Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the hash value of the provided data. |
![]() | VerifyData(Stream^, array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Verifies that a digital signature is valid by calculating the hash value of the specified stream using the specified hash algorithm and padding, and comparing it to the provided signature. (Inherited from RSA.) |
![]() | VerifyHash(array<Byte>^, array<Byte>^, HashAlgorithmName, RSASignaturePadding^) | Verifies that a digital signature is valid by determining the hash value in the signature using the specified hashing algorithm and padding, and comparing it to the provided hash value. (Overrides RSA::VerifyHash(array<Byte>^, array<Byte>^, HashAlgorithmName, RSASignaturePadding^).) |
![]() | VerifyHash(array<Byte>^, String^, array<Byte>^) | Verifies that a digital signature is valid by determining the hash value in the signature using the provided public key and comparing it to the provided hash value. |
This is the default implementation of RSA.
The RSACryptoServiceProvider supports key sizes from 384 bits to 16384 bits in increments of 8 bits if you have the Microsoft Enhanced Cryptographic Provider installed. It supports key sizes from 384 bits to 512 bits in increments of 8 bits if you have the Microsoft Base Cryptographic Provider installed.
Valid key sizes are dependent on the cryptographic service provider (CSP) that is used by the RSACryptoServiceProvider instance. Windows CSPs enable keys sizes of 384 to 16384 bits for Windows versions prior to Windows 8.1, and key sizes of 512 to 16384 bits for Windows 8.1. For more information, see CryptGenKey function in the Windows documentation.
Unlike the RSA implementation in unmanaged CAPI, the RSACryptoServiceProvider class reverses the order of an encrypted array of bytes after encryption and before decryption. By default, data encrypted by the RSACryptoServiceProvider class cannot be decrypted by the CAPI CryptDecrypt function and data encrypted by the CAPI CryptEncrypt method cannot be decrypted by the RSACryptoServiceProvider class.
If you do not compensate for the reverse ordering when interoperating between APIs, the RSACryptoServiceProvider class throws a CryptographicException.
To interoperate with CAPI, you must manually reverse the order of encrypted bytes before the encrypted data interoperates with another API. You can easily reverse the order of a managed byte array by calling the Array::Reverse method.
The following code example uses the RSACryptoServiceProvider class to encrypt a string into an array of bytes and then decrypt the bytes back into a string.
using namespace System; using namespace System::Security::Cryptography; using namespace System::Text; array<Byte>^ RSAEncrypt( array<Byte>^DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding ) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Import the RSA Key information. This only needs //toinclude the public key information. RSA->ImportParameters( RSAKeyInfo ); //Encrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. array<Byte>^encryptedData = RSA->Encrypt( DataToEncrypt, DoOAEPPadding ); delete RSA; return encryptedData; } //Catch and display a CryptographicException //to the console. catch ( CryptographicException^ e ) { Console::WriteLine( e->Message ); return nullptr; } } array<Byte>^ RSADecrypt( array<Byte>^DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding ) { try { //Create a new instance of RSACryptoServiceProvider. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Import the RSA Key information. This needs //to include the private key information. RSA->ImportParameters( RSAKeyInfo ); //Decrypt the passed byte array and specify OAEP padding. //OAEP padding is only available on Microsoft Windows XP or //later. array<Byte>^decryptedData = RSA->Decrypt( DataToDecrypt, DoOAEPPadding ); delete RSA; return decryptedData; } //Catch and display a CryptographicException //to the console. catch ( CryptographicException^ e ) { Console::WriteLine( e ); return nullptr; } } int main() { try { //Create a UnicodeEncoder to convert between byte array and string. UnicodeEncoding^ ByteConverter = gcnew UnicodeEncoding; //Create byte arrays to hold original, encrypted, and decrypted data. array<Byte>^dataToEncrypt = ByteConverter->GetBytes( "Data to Encrypt" ); array<Byte>^encryptedData; array<Byte>^decryptedData; //Create a new instance of RSACryptoServiceProvider to generate //public and private key data. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Pass the data to ENCRYPT, the public key information //(using RSACryptoServiceProvider.ExportParameters(false), //and a boolean flag specifying no OAEP padding. encryptedData = RSAEncrypt( dataToEncrypt, RSA->ExportParameters( false ), false ); //Pass the data to DECRYPT, the private key information //(using RSACryptoServiceProvider.ExportParameters(true), //and a boolean flag specifying no OAEP padding. decryptedData = RSADecrypt( encryptedData, RSA->ExportParameters( true ), false ); //Display the decrypted plaintext to the console. Console::WriteLine( "Decrypted plaintext: {0}", ByteConverter->GetString( decryptedData ) ); delete RSA; } catch ( ArgumentNullException^ ) { //Catch this exception in case the encryption did //not succeed. Console::WriteLine( "Encryption failed." ); } }
The following code example exports the key information created using the RSACryptoServiceProvider into an RSAParameters object.
try { //Create a new RSACryptoServiceProvider Object*. RSACryptoServiceProvider^ RSA = gcnew RSACryptoServiceProvider; //Export the key information to an RSAParameters object. //Pass false to export the public key information or pass //true to export public and private key information. RSAParameters RSAParams = RSA->ExportParameters( false ); } catch ( CryptographicException^ e ) { //Catch this exception in case the encryption did //not succeed. Console::WriteLine( e->Message ); }
Available since 1.1
Windows Phone Silverlight
Available since 7.1
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.


