The example below shows the use of the RSA Cryptography provider. The typical private and public keys that you may normally associate with cryptography are generated while working with RSA cryptography provider. The owner of the key pair - you for example - issues the public key to anyone who wants it. The private key on the other hand must be kept secret in order to ensure the integrity of the encryption. Simply stated the process that this example goes through is as follows: Step 1: take the text out of the first textbox and encrypt it Step 2: store the resulting encrypted string in the second textbox Step 3: take the text out of the second textbox and decrypt it Step 4: show the resulting decrypted string in the third textbox. Please refer to the comments in the code for more detail. Note: The term "cryptography provider" refers to those classes in the System.Security.Cryptography namespace that implement their particular type of cryptography. As you look through the types in the Cryptography namespace, you will notice a few classes that sound like they implement the kind of cryptography that you are looking for. Many of these classes such as System.Security.Cryptography.RSA and System.Security.DES are abstract (or not-inheritable in Visual Basic.NET), meaning that you cannot directly create an instance of these classes. Each of these abstract classes have a corresponding provider (with "provider" in the class name) that you can work with.
// create an instance of the RSA cryptography provider // at this point a new public/private key pair has been created // You have to instruct RSACryptoServiceProvider or DSACryptoServiceProvider to use // machine key store (as in the following sample // code) in scenarios such as a Web service, ASP Page, or COM+, where the user profile // is not loaded by the system for performance // reasons. You can use the CspParameters parameter in // the RSACryptoServiceProvider() constructor, as follows: // Refer to Q322371 @ http://support.microsoft.com/default.aspx?scid=kb;en-us;Q322371 // Only other way to get around is run the aspnet_wp.exe worker process with SYSTEM //credentials which I'd not recommend!
CspParameters CSPParam = new CspParameters(); CSPParam.Flags = CspProviderFlags.UseMachineKeyStore; RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(CSPParam);
// get a byte array representing the first string byte[] byteInput = (new System.Text.UnicodeEncoding()).GetBytes(textBox1.Text);
// encrypt the string using the provider and save the result to the byteEncrypted array byte[] byteEncrypted = rsa.Encrypt(byteInput, false);
// the rsaParam structure contains the public/private key pair. // by passing true to ExportParameters, we tell the provider to include the private key rsaParam = rsa.ExportParameters(true);
// for illustration purposes show the encrypted string in the second textbox // this string should not be readable. textBox2.Text = (new System.Text.UnicodeEncoding()).GetString(byteEncrypted);
/*************************************************/ // normally we would stop at this point // and save the public/private key some where. // but let's go on to see how we would use the RSAParameters // structure to decrypt the string /*************************************************/
// import the RSAParameters structure that we used previously. // normally at this point we would have to create another instance of the provider, // which would generate another public/private key pair // that could not be used to decrypt the string. So we must use the original public/private // key pair from the RSAParameters structure rsa.ImportParameters(rsaParam);
// get the encrypted string from the second textbox and store it in a byte array byte[] byteEncryptedString = (new System.Text.UnicodeEncoding()).GetBytes(textBox2.Text);
// decrypt the data in the byte array using the provider // we pass false in the second parameter to tell the provider that we do not want to use // OAEP padding, but don't worry about that for this example. byte[] byteDecryptedString = rsa.Decrypt(byteEncryptedString, false);
// assign the resulting decrypted string to the third textbox textBox3.Text = (new System.Text.UnicodeEncoding()).GetString(byteDecryptedString); } </SCRIPT>