RSACryptoServiceProvider Constructors

Definition

Namespace:

System.Security.Cryptography

Assemblies:

netstandard.dll, System.Security.Cryptography.dll

Initializes a new instance of the RSACryptoServiceProvider class.

Overloads

RSACryptoServiceProvider()	Initializes a new instance of the RSACryptoServiceProvider class with a random key pair.
RSACryptoServiceProvider(Int32)	Initializes a new instance of the RSACryptoServiceProvider class with a random key pair of the specified key size.
RSACryptoServiceProvider(CspParameters)	Initializes a new instance of the RSACryptoServiceProvider class with the specified parameters.
RSACryptoServiceProvider(Int32, CspParameters)	Initializes a new instance of the RSACryptoServiceProvider class with the specified key size and parameters.

RSACryptoServiceProvider()

Source:

RSACryptoServiceProvider.Unix.cs

Initializes a new instance of the RSACryptoServiceProvider class with a random key pair.

C#

[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public RSACryptoServiceProvider();

Attributes

UnsupportedOSPlatformAttribute

Exceptions

CryptographicException

The cryptographic service provider (CSP) cannot be acquired.

Examples

The following code example uses the RSACryptoServiceProvider class to encrypt a string into an array of bytes and then decrypt the bytes back into a string.

C#

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{

    static void Main()
    {
        try
        {
            //Create a UnicodeEncoder to convert between byte array and string.
            UnicodeEncoding ByteConverter = new UnicodeEncoding();

            //Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt");
            byte[] encryptedData;
            byte[] decryptedData;

            //Create a new instance of RSACryptoServiceProvider to generate
            //public and private key data.
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {

                //Pass the data to ENCRYPT, the public key information 
                //(using RSACryptoServiceProvider.ExportParameters(false),
                //and a boolean flag specifying no OAEP padding.
                encryptedData = RSAEncrypt(dataToEncrypt, RSA.ExportParameters(false), false);

                //Pass the data to DECRYPT, the private key information 
                //(using RSACryptoServiceProvider.ExportParameters(true),
                //and a boolean flag specifying no OAEP padding.
                decryptedData = RSADecrypt(encryptedData, RSA.ExportParameters(true), false);

                //Display the decrypted plaintext to the console. 
                Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));
            }
        }
        catch (ArgumentNullException)
        {
            //Catch this exception in case the encryption did
            //not succeed.
            Console.WriteLine("Encryption failed.");
        }
    }

    public static byte[] RSAEncrypt(byte[] DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
    {
        try
        {
            byte[] encryptedData;
            //Create a new instance of RSACryptoServiceProvider.
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {

                //Import the RSA Key information. This only needs
                //to include the public key information.
                RSA.ImportParameters(RSAKeyInfo);

                //Encrypt the passed byte array and specify OAEP padding.  
                //OAEP padding is only available on Microsoft Windows XP or
                //later.  
                encryptedData = RSA.Encrypt(DataToEncrypt, DoOAEPPadding);
            }
            return encryptedData;
        }
        //Catch and display a CryptographicException  
        //to the console.
        catch (CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    public static byte[] RSADecrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
    {
        try
        {
            byte[] decryptedData;
            //Create a new instance of RSACryptoServiceProvider.
            using (RSACryptoServiceProvider RSA = new RSACryptoServiceProvider())
            {
                //Import the RSA Key information. This needs
                //to include the private key information.
                RSA.ImportParameters(RSAKeyInfo);

                //Decrypt the passed byte array and specify OAEP padding.  
                //OAEP padding is only available on Microsoft Windows XP or
                //later.  
                decryptedData = RSA.Decrypt(DataToDecrypt, DoOAEPPadding);
            }
            return decryptedData;
        }
        //Catch and display a CryptographicException  
        //to the console.
        catch (CryptographicException e)
        {
            Console.WriteLine(e.ToString());

            return null;
        }
    }
}

Remarks

This constructor creates an Exchange key pair suitable to encrypt session keys so that they can be safely stored and exchanged with other users. The generated key corresponds to a key generated using the AT_KEYEXCHANGE value used in the unmanaged Microsoft Cryptographic API (CAPI).

This constructor does not generate a new public/private keypair immediately. If no key is loaded via the ImportParameters method, or any other key import method, before a key is needed then a 1024-bit ephemeral key is created on demand.

See also

• Cryptographic Services

RSACryptoServiceProvider(Int32)

Source:

RSACryptoServiceProvider.Unix.cs

Initializes a new instance of the RSACryptoServiceProvider class with a random key pair of the specified key size.

C#

[System.Runtime.Versioning.UnsupportedOSPlatform("browser")]
public RSACryptoServiceProvider(int dwKeySize);

Parameters

dwKeySize

Int32

The size of the key to use in bits.

Attributes

UnsupportedOSPlatformAttribute

Exceptions

CryptographicException

The cryptographic service provider (CSP) cannot be acquired.

Examples

The following code example creates a RSACryptoServiceProvider, generates a new key, and stores it in a key container.

C#

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{

    static void Main()
    {
        try
        {
            //Create a UnicodeEncoder to convert between byte array and string.
            UnicodeEncoding ByteConverter = new UnicodeEncoding();

            //Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt");
            byte[] encryptedData;
            byte[] decryptedData;
            
            //Create a new instance of RSACryptoServiceProvider to generate
            //public and private key data.  Pass an integer specifying a key-
            //length of 2048.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(2048);

            //Display the key-legth to the console.
            Console.WriteLine("A new key pair of legth {0} was created", RSAalg.KeySize);

            //Pass the data to ENCRYPT, the public key information
            //(using RSACryptoServiceProvider.ExportParameters(false),
            //and a boolean flag specifying no OAEP padding.
            encryptedData = RSAEncrypt(dataToEncrypt,RSAalg.ExportParameters(false), false);

            //Pass the data to DECRYPT, the private key information
            //(using RSACryptoServiceProvider.ExportParameters(true),
            //and a boolean flag specifying no OAEP padding.
            decryptedData = RSADecrypt(encryptedData,RSAalg.ExportParameters(true), false);

            //Display the decrypted plaintext to the console.
            Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));
        }
        catch(ArgumentNullException)
        {
            //Catch this exception in case the encryption did
            //not succeed.
            Console.WriteLine("Encryption failed.");
        }
    }

    static public byte[] RSAEncrypt(byte[] DataToEncrypt, RSAParameters RSAKeyInfo, bool DoOAEPPadding)
    {
        try
        {	
            //Create a new instance of RSACryptoServiceProvider.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            //Import the RSA Key information. This only needs
            //toinclude the public key information.
            RSAalg.ImportParameters(RSAKeyInfo);

            //Encrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Encrypt(DataToEncrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    static public byte[] RSADecrypt(byte[] DataToDecrypt, RSAParameters RSAKeyInfo,bool DoOAEPPadding)
    {
        try
        {
            //Create a new instance of RSACryptoServiceProvider.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider();

            //Import the RSA Key information. This needs
            //to include the private key information.
            RSAalg.ImportParameters(RSAKeyInfo);

            //Decrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Decrypt(DataToDecrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.ToString());

            return null;
        }
    }
}

Remarks

This constructor creates an Exchange key pair suitable to encrypt session keys so that they can be safely stored and exchanged with other users. The generated key corresponds to a key generated using the AT_KEYEXCHANGE value used in the unmanaged Microsoft Cryptographic API (CAPI).

This constructor does not generate a new public/private keypair immediately. If no key is loaded via the ImportParameters method, or any other key import method, before a key is needed then a dwKeySize-bit ephemeral key is created on demand.

See also

• Cryptographic Services

RSACryptoServiceProvider(CspParameters)

Source:

RSACryptoServiceProvider.Unix.cs

Initializes a new instance of the RSACryptoServiceProvider class with the specified parameters.

C#

[System.Runtime.Versioning.SupportedOSPlatform("windows")]
public RSACryptoServiceProvider(System.Security.Cryptography.CspParameters? parameters);

Parameters

parameters

CspParameters

The parameters to be passed to the cryptographic service provider (CSP).

Attributes

SupportedOSPlatformAttribute

Exceptions

CryptographicException

The CSP cannot be acquired.

Examples

The following code example creates an RSACryptoServiceProvider object, generates a new key, and stores it in a key container.

C#

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{

    static void Main()
    {
        try
        {
            string KeyContainerName = "MyKeyContainer";

            //Create a new key and persist it in
            //the key container.
            RSAPersistKeyInCSP(KeyContainerName);

            //Create a UnicodeEncoder to convert between byte array and string.
            UnicodeEncoding ByteConverter = new UnicodeEncoding();

            //Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt");
            byte[] encryptedData;
            byte[] decryptedData;

            //Pass the data to ENCRYPT, the name of the key container,
            //and a boolean flag specifying no OAEP padding.
            encryptedData = RSAEncrypt(dataToEncrypt,KeyContainerName, false);

            //Pass the data to DECRYPT, the name of the key container,
            //and a boolean flag specifying no OAEP padding.
            decryptedData = RSADecrypt(encryptedData,KeyContainerName, false);

            //Display the decrypted plaintext to the console.
            Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));

            RSADeleteKeyInCSP(KeyContainerName);
        }
        catch(ArgumentNullException)
        {
            //Catch this exception in case the encryption did
            //not succeed.
            Console.WriteLine("Encryption failed.");
        }
    }

    public static void RSAPersistKeyInCSP(string ContainerName)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of RSACryptoServiceProvider to generate
            //a new key pair.  Pass the CspParameters class to persist the
            //key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Indicate that the key was persisted.
            Console.WriteLine("The RSA key was persisted in the container, \"{0}\".", ContainerName);
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }
    }

    public static void RSADeleteKeyInCSP(string ContainerName)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of RSACryptoServiceProvider.
            //Pass the CspParameters class to use the
            //key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Delete the key entry in the container.
            RSAalg.PersistKeyInCsp = false;

            //Call Clear to release resources and delete the key from the container.
            RSAalg.Clear();

            //Indicate that the key was persisted.
            Console.WriteLine("The RSA key was deleted from the container, \"{0}\".", ContainerName);
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }
    }

    static public byte[] RSAEncrypt(byte[] DataToEncrypt, string ContainerName, bool DoOAEPPadding)
    {
        try
        {	
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of RSACryptoServiceProvider.
            //Pass the CspParameters class to use the key
            //from the key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Encrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Encrypt(DataToEncrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    static public byte[] RSADecrypt(byte[] DataToDecrypt, string ContainerName, bool DoOAEPPadding)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of RSACryptoServiceProvider.
            //Pass the CspParameters class to use the key
            //from the key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Decrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Decrypt(DataToDecrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.ToString());

            return null;
        }
    }
}

Remarks

This constructor creates or reuses a key container specified using the KeyContainerName field of the parameters parameter.

By default, this constructor creates an Exchange key pair suitable to encrypt session keys so that they can be safely stored and exchanged with other users. The generated key corresponds to a key generated using the AT_KEYEXCHANGE value used in the unmanaged Microsoft Cryptographic API (CAPI).

You can create a Signature key pair suitable for authenticating (digitally signed) messages or files by setting the KeyNumber field of the parameters parameter to the Signature value. This type of key corresponds to the AT_SIGNATURE value used in CAPI.

If you create an RSACryptoServiceProvider object with the Exchange value specified and then create another RSACryptoServiceProvider object with the Signature value specified, both keys will be placed in a single container if both objects specify the same key container name.

To create a key that is compatible with strong-name signing using the RSACryptoServiceProvider class, you must create a Signature key pair.

See also

• Cryptographic Services

RSACryptoServiceProvider(Int32, CspParameters)

Source:

RSACryptoServiceProvider.Unix.cs

Initializes a new instance of the RSACryptoServiceProvider class with the specified key size and parameters.

C#

[System.Runtime.Versioning.SupportedOSPlatform("windows")]
public RSACryptoServiceProvider(int dwKeySize, System.Security.Cryptography.CspParameters? parameters);

Parameters

dwKeySize

Int32

The size of the key to use in bits.

parameters

CspParameters

The parameters to be passed to the cryptographic service provider (CSP).

Attributes

SupportedOSPlatformAttribute

Exceptions

CryptographicException

The CSP cannot be acquired.

-or-

The key cannot be created.

Examples

The following code example creates a RSACryptoServiceProvider, generates a new key, and stores it in a key container.

C#

using System;
using System.Security.Cryptography;
using System.Text;

class RSACSPSample
{

    static void Main()
    {
        try
        {
            string KeyContainerName = "MyKeyContainer";

            //Create a new key and persist it in
            //the key container.
            RSAPersistKeyInCSP(KeyContainerName);

            //Create a UnicodeEncoder to convert between byte array and string.
            UnicodeEncoding ByteConverter = new UnicodeEncoding();

            //Create byte arrays to hold original, encrypted, and decrypted data.
            byte[] dataToEncrypt = ByteConverter.GetBytes("Data to Encrypt");
            byte[] encryptedData;
            byte[] decryptedData;

            //Pass the data to ENCRYPT, the name of the key container,
            //and a boolean flag specifying no OAEP padding.
            encryptedData = RSAEncrypt(dataToEncrypt,KeyContainerName, false);

            //Pass the data to DECRYPT, the name of the key container,
            //and a boolean flag specifying no OAEP padding.
            decryptedData = RSADecrypt(encryptedData,KeyContainerName, false);

            //Display the decrypted plaintext to the console.
            Console.WriteLine("Decrypted plaintext: {0}", ByteConverter.GetString(decryptedData));

            RSADeleteKeyInCSP(KeyContainerName);
        }
        catch(ArgumentNullException)
        {
            //Catch this exception in case the encryption did
            //not succeed.
            Console.WriteLine("Encryption failed.");
        }
    }

    public static void RSAPersistKeyInCSP(string ContainerName)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of RSACryptoServiceProvider to generate
            //a new key pair.  Pass the CspParameters class to persist the
            //key in the container.  Pass an intger of 2048 to specify the
            //key-size.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider( 2048, cspParams);

            //Indicate that the key was persisted.
            Console.WriteLine("The RSA key with a key-size of {0} was persisted in the container, \"{1}\".",
                              RSAalg.KeySize , ContainerName);
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }
    }

    public static void RSADeleteKeyInCSP(string ContainerName)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of DSACryptoServiceProvider.
            //Pass the CspParameters class to use the
            //key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Delete the key entry in the container.
            RSAalg.PersistKeyInCsp = false;

            //Call Clear to release resources and delete the key from the container.
            RSAalg.Clear();

            //Indicate that the key was persisted.
            Console.WriteLine("The RSA key was deleted from the container, \"{0}\".", ContainerName);
        }
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);
        }
    }

    static public byte[] RSAEncrypt(byte[] DataToEncrypt, string ContainerName, bool DoOAEPPadding)
    {
        try
        {	
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of DSACryptoServiceProvider.
            //Pass the CspParameters class to use the key
            //from the key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Encrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Encrypt(DataToEncrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.Message);

            return null;
        }
    }

    static public byte[] RSADecrypt(byte[] DataToDecrypt, string ContainerName, bool DoOAEPPadding)
    {
        try
        {
            // Create a new instance of CspParameters.  Pass
            // 13 to specify a DSA container or 1 to specify
            // an RSA container.  The default is 1.
            CspParameters cspParams = new CspParameters();

            // Specify the container name using the passed variable.
            cspParams.KeyContainerName = ContainerName;

            //Create a new instance of DSACryptoServiceProvider.
            //Pass the CspParameters class to use the key
            //from the key in the container.
            RSACryptoServiceProvider RSAalg = new RSACryptoServiceProvider(cspParams);

            //Decrypt the passed byte array and specify OAEP padding.
            //OAEP padding is only available on Microsoft Windows XP or
            //later.
            return RSAalg.Decrypt(DataToDecrypt, DoOAEPPadding);
        }
            //Catch and display a CryptographicException
            //to the console.
        catch(CryptographicException e)
        {
            Console.WriteLine(e.ToString());

            return null;
        }
    }
}

Remarks

This constructor creates or reuses a key container specified using the KeyContainerName field of the parameters parameter.

By default, this constructor creates an Exchange key pair suitable to encrypt session keys so that they can be safely stored and exchanged with other users. The generated key corresponds to a key generated using the AT_KEYEXCHANGE value used in the unmanaged Microsoft Cryptographic API (CAPI).

You can create a Signature key pair suitable for authenticating (digitally signed) messages or files by setting the KeyNumber field of the parameters parameter to the Signature value. This type of key corresponds to the AT_SIGNATURE value used in CAPI.

If you create an RSACryptoServiceProvider object with the Exchange value specified and then create another RSACryptoServiceProvider object with the Signature value specified, both keys will be placed in a single container if both objects specify the same key container name.

To create a key that is compatible with strong-name signing using the RSACryptoServiceProvider class, you must create a Signature key pair.

See also

• Cryptographic Services