Olvasás angol nyelven Szerkesztés

Megosztás a következőn keresztül:

AsymmetricAlgorithm Class


Represents the abstract base class from which all implementations of asymmetric algorithms must inherit.

public abstract class AsymmetricAlgorithm : IDisposable
public abstract class AsymmetricAlgorithm : IDisposable


The following code example demonstrates how to implement a custom asymmetric algorithm inherited from the AsymmetricAlgorithm class. An additional class is provided to demonstrate how to use the custom class.

using System;
using System.Xml;
using System.Text;
using System.Security.Cryptography;
using System.Reflection;

[assembly: AssemblyKeyFile("CustomCrypto.snk")]
[assembly: AssemblyVersion("")]
[assembly: CLSCompliant(true)]
namespace Contoso
    // Define a CustomCrypto class that inherits from the AsymmetricAlgorithm
    // class.
    public class CustomCrypto : 
        // Declare local member variables.
        private CspParameters cspParameters;
        private readonly KeySizes[] keySizes = {new KeySizes(8, 64, 8)};

        // Initialize a CustomCrypto with the default key size of 8.
        public CustomCrypto()
            this.KeySize = 8;

        // Initialize a CustomCrypto with the specified key size.
        public CustomCrypto(int keySize)
            this.KeySize = keySize;

        // Accessor function for keySizes member variable.
        public override KeySizes[] LegalKeySizes 
            get { return (KeySizes[])keySizes.Clone(); }

        // Modify the KeySizeValue property inherited from the Asymmetric
        // class. Prior to setting the value, ensure it falls within the
        // range identified in the local keySizes member variable.
        public override int KeySize 
            get { return KeySizeValue; }
                for (int i=0; i < keySizes.Length; i++)
                    if (keySizes[i].SkipSize == 0) 
                        if (keySizes[i].MinSize == value)
                            KeySizeValue = value;
                        for (int j = keySizes[i].MinSize;
                            j <= keySizes[i].MaxSize;
                            j += keySizes[i].SkipSize)
                            if (j == value)
                                KeySizeValue = value;

                // If the key does not fall within the range identified 
                // in the keySizes member variable, throw an exception.
                throw new CryptographicException("Invalid key size.");

        // Initialize the parameters with default values.
        public void InitializeParameters()
            cspParameters = new CspParameters();
            cspParameters.ProviderName = "Contoso";
            cspParameters.KeyContainerName = "SecurityBin1";
            cspParameters.KeyNumber = 1;
            cspParameters.ProviderType = 2;

        // Parse specified xmlString for values to populate the CspParams
        // Expected XML schema:
        //      <ProviderName></ProviderName>
        //      <KeyContainerName></KeyContainerName>
        //      <KeyNumber></KeyNumber>
        //      <ProviderType></ProviderType>
        public override void FromXmlString(string xmlString)
            if (xmlString != null)
                XmlDocument doc = new XmlDocument();
                XmlNode firstNode = doc.FirstChild;
                XmlNodeList nodeList;

                // Assemble parameters from values in each XML element.
                cspParameters = new CspParameters();

                // KeyContainerName is optional.
                nodeList = doc.GetElementsByTagName("KeyContainerName");
                string keyName = nodeList.Item(0).InnerText;
                if (keyName != null) 
                    cspParameters.KeyContainerName = keyName;

                // KeyNumber is optional.
                nodeList = doc.GetElementsByTagName("KeyNumber");
                string keyNumber = nodeList.Item(0).InnerText;
                if (keyNumber != null) 
                    cspParameters.KeyNumber = Int32.Parse(keyNumber);

                // ProviderName is optional.
                nodeList = doc.GetElementsByTagName("ProviderName");
                string providerName = nodeList.Item(0).InnerText;
                if (providerName != null) 
                    cspParameters.ProviderName = providerName;

                // ProviderType is optional.
                nodeList = doc.GetElementsByTagName("ProviderType");
                string providerType = nodeList.Item(0).InnerText;
                if (providerType != null) 
                    cspParameters.ProviderType = Int32.Parse(providerType);
                throw new ArgumentNullException("xmlString");

        // Create an XML string representation of the parameters in the
        // current customCrypto object.
        public override string ToXmlString(bool includePrivateParameters)
            string keyContainerName = "";
            string keyNumber = "";
            string providerName = "";
            string providerType = "";

            if (cspParameters != null)
                keyContainerName = cspParameters.KeyContainerName;
                keyNumber = cspParameters.KeyNumber.ToString();
                providerName = cspParameters.ProviderName;
                providerType = cspParameters.ProviderType.ToString();

            StringBuilder sb = new StringBuilder();






        // Return the name for the key exchange algorithm.
        public override string KeyExchangeAlgorithm
            get {return "RSA-PKCS1-KeyEx";}

        // Retrieves the name of the signature alogrithm.
        // This example uses the SHA1 algorithm.
        // Due to collision problems with SHA1, Microsoft recommends SHA256 or better.
        public override string SignatureAlgorithm 
            get {return "http://www.w3.org/2000/09/xmldsig#rsa-sha1";}

        // Required member for implementing the AsymmetricAlgorithm class.
        protected override void Dispose(bool disposing) {}

        // Call the Create method using the CustomCrypto assembly name.
        // The create function attempts to create a CustomCrypto object using
        // the assembly name. This functionality requires modification of the
        // machine.config file. Add the following section to the configuration
        // element and modify the values of the cryptoClass to reflect what is
        // installed in your machines GAC.
        //        <cryptoClass CustomCrypto="Contoso.CustomCrypto, 
        //          CustomCrypto, 
        //          Culture=neutral, 
        //          PublicKeyToken=fdb9f9c4851028bf, 
        //          Version=1.0.1448.27640" />
        //      <nameEntry name="Contoso.CustomCrypto" class="CustomCrypto" />
        //      <nameEntry name="CustomCrypto" class="CustomCrypto" />
        new static public CustomCrypto Create() 
            return Create("CustomCrypto");

        // Create a CustomCrypto object by calling CrytoConfig's
        // CreateFromName method and casting the type to CustomCrypto.
        // The create function attempts to create a CustomCrypto object using
        // the assembly name. This functionality requires modification of the
        // machine.config file. Add the following section to the configuration
        // element and modify the values of the cryptoClass to reflect what is
        // installed in your machines GAC.
        //       <cryptoClass CustomCrypto="Contoso.CustomCrypto, 
        //         CustomCrypto, 
        //         Culture=neutral, 
        //         PublicKeyToken=fdb9f9c4851028bf, 
        //         Version=1.0.1448.27640" />
        //     <nameEntry name="Contoso.CustomCrypto" class="CustomCrypto" />
        //     <nameEntry name="CustomCrypto" class="CustomCrypto" />
        new static public CustomCrypto Create(String algorithmName) 
            return (CustomCrypto) CryptoConfig.CreateFromName(algorithmName);
    class CustomCryptoImpl
        static void Main(string[] args)
            // Construct a CustomCrypto object and initialize its
            // CspParameters.
            CustomCrypto customCrypto = new CustomCrypto();

            // Display properties of the current customCrypto object.
            Console.WriteLine("*** CustomCrypto created with default " + 

            // Release all the resources used by this instance of 
            // CustomCrytpo.

            customCrypto = new CustomCrypto(64);
            // Create new parameters and set them by using the FromXmlString
            // method.
            string parameterXml = "<CustomCryptoKeyValue>";
            parameterXml += "<ProviderName>Contoso</ProviderName>";
            parameterXml += "<KeyContainerName>SecurityBin2";
            parameterXml += "</KeyContainerName>";
            parameterXml += "<KeyNumber>1</KeyNumber>";
            parameterXml += "<ProviderType>2</ProviderType>";
            parameterXml += "</CustomCryptoKeyValue>";

            // Display the properties of a customCrypto object created with
            // custom parameters.
            Console.WriteLine("\n*** " + 
                "CustomCrypto created with custom parameters:");

            // Create an object by using the assembly name.
                CustomCrypto myCryptoA = CustomCrypto.Create("CustomCrypto");
                if (myCryptoA != null)
                    Console.Write("\n*** " + 
                        "Successfully created CustomCrytpo from");
                    Console.WriteLine(" the Create method.");

                    Console.Write("Unable to create CustomCrytpo from ");
                    Console.WriteLine(" the Create method.");
            catch (Exception ex)
            Console.WriteLine("This sample completed successfully; " +
                "press Enter to exit.");
        // Display the properties of the specified CustomCrypto object to the
        // console.
        public static void DisplayProperties(CustomCrypto customCrypto)
                // Retrieve the class description for the customCrypto object.
                string classDescription = customCrypto.ToString();

                Console.Write("KeyExchangeAlgorithm: ");
                Console.Write("SignatureAlgorithm: ");
                Console.WriteLine("KeySize: " + customCrypto.KeySize);
                Console.WriteLine("Parameters described in Xml format:");

                // Display the MinSize, MaxSize, and SkipSize properties of 
                // each KeySize item in the local keySizes member variable.
                KeySizes[] legalKeySizes = customCrypto.LegalKeySizes;
                if (legalKeySizes.Length > 0)
                    for (int i=0; i < legalKeySizes.Length; i++)
                        Console.Write("Keysize" + i + " min, max, step: ");
                        Console.Write(legalKeySizes[i].MinSize + ", ");
                        Console.Write(legalKeySizes[i].MaxSize + ", ");
                        Console.WriteLine(legalKeySizes[i].SkipSize + ", ");
            catch (Exception ex)
                Console.WriteLine("Caught unexpected exception: " + 
// This sample produces the following output:
// *** CustomCrypto created with default parameters:
// Contoso.vbCustomCrypto
// KeyExchangeAlgorithm: RSA-PKCS1-KeyEx
// SignatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
// KeySize: 8
// Parameters described in Xml format:
// <CustomCryptoKeyValue><KeyContainerName>SecurityBin1</KeyContainerName>
// <KeyNumber>1</KeyNumber><ProviderName>Contoso</ProviderName>
// <ProviderType>2</ProviderType></CustomCryptoKeyValue>
// Keysize0 min, max, step: 8, 64, 8, 
// *** CustomCrypto created with custom parameters:
// Contoso.vbCustomCrypto
// KeyExchangeAlgorithm: RSA-PKCS1-KeyEx
// SignatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
// KeySize: 64
// Parameters described in Xml format:
// <CustomCryptoKeyValue><KeyContainerName>SecurityBin2</KeyContainerName>
// <KeyNumber>1</KeyNumber><ProviderName>Contoso</ProviderName>
// <ProviderType>2</ProviderType></CustomCryptoKeyValue>
// Keysize0 min, max, step: 8, 64, 8, 
// Unable to create CustomCrytpo from  the Create method
// This sample completed successfully; press Exit to continue.

Here's an additional class that demonstrates how to use the custom class.

    class CustomCryptoImpl
        static void Main(string[] args)
            // Construct a CustomCrypto object and initialize its
            // CspParameters.
            CustomCrypto customCrypto = new CustomCrypto();

            // Display properties of the current customCrypto object.
            Console.WriteLine("*** CustomCrypto created with default " + 

            // Release all the resources used by this instance of 
            // CustomCrytpo.

            customCrypto = new CustomCrypto(64);
            // Create new parameters and set them by using the FromXmlString
            // method.
            string parameterXml = "<CustomCryptoKeyValue>";
            parameterXml += "<ProviderName>Contoso</ProviderName>";
            parameterXml += "<KeyContainerName>SecurityBin2";
            parameterXml += "</KeyContainerName>";
            parameterXml += "<KeyNumber>1</KeyNumber>";
            parameterXml += "<ProviderType>2</ProviderType>";
            parameterXml += "</CustomCryptoKeyValue>";

            // Display the properties of a customCrypto object created with
            // custom parameters.
            Console.WriteLine("\n*** " + 
                "CustomCrypto created with custom parameters:");

            // Create an object by using the assembly name.
                CustomCrypto myCryptoA = CustomCrypto.Create("CustomCrypto");
                if (myCryptoA != null)
                    Console.Write("\n*** " + 
                        "Successfully created CustomCrytpo from");
                    Console.WriteLine(" the Create method.");

                    Console.Write("Unable to create CustomCrytpo from ");
                    Console.WriteLine(" the Create method.");
            catch (Exception ex)
            Console.WriteLine("This sample completed successfully; " +
                "press Enter to exit.");
        // Display the properties of the specified CustomCrypto object to the
        // console.
        public static void DisplayProperties(CustomCrypto customCrypto)
                // Retrieve the class description for the customCrypto object.
                string classDescription = customCrypto.ToString();

                Console.Write("KeyExchangeAlgorithm: ");
                Console.Write("SignatureAlgorithm: ");
                Console.WriteLine("KeySize: " + customCrypto.KeySize);
                Console.WriteLine("Parameters described in Xml format:");

                // Display the MinSize, MaxSize, and SkipSize properties of 
                // each KeySize item in the local keySizes member variable.
                KeySizes[] legalKeySizes = customCrypto.LegalKeySizes;
                if (legalKeySizes.Length > 0)
                    for (int i=0; i < legalKeySizes.Length; i++)
                        Console.Write("Keysize" + i + " min, max, step: ");
                        Console.Write(legalKeySizes[i].MinSize + ", ");
                        Console.Write(legalKeySizes[i].MaxSize + ", ");
                        Console.WriteLine(legalKeySizes[i].SkipSize + ", ");
            catch (Exception ex)
                Console.WriteLine("Caught unexpected exception: " + 
// This sample produces the following output:
// *** CustomCrypto created with default parameters:
// Contoso.vbCustomCrypto
// KeyExchangeAlgorithm: RSA-PKCS1-KeyEx
// SignatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
// KeySize: 8
// Parameters described in Xml format:
// <CustomCryptoKeyValue><KeyContainerName>SecurityBin1</KeyContainerName>
// <KeyNumber>1</KeyNumber><ProviderName>Contoso</ProviderName>
// <ProviderType>2</ProviderType></CustomCryptoKeyValue>
// Keysize0 min, max, step: 8, 64, 8, 
// *** CustomCrypto created with custom parameters:
// Contoso.vbCustomCrypto
// KeyExchangeAlgorithm: RSA-PKCS1-KeyEx
// SignatureAlgorithm: http://www.w3.org/2000/09/xmldsig#rsa-sha1
// KeySize: 64
// Parameters described in Xml format:
// <CustomCryptoKeyValue><KeyContainerName>SecurityBin2</KeyContainerName>
// <KeyNumber>1</KeyNumber><ProviderName>Contoso</ProviderName>
// <ProviderType>2</ProviderType></CustomCryptoKeyValue>
// Keysize0 min, max, step: 8, 64, 8, 
// Unable to create CustomCrytpo from  the Create method
// This sample completed successfully; press Exit to continue.


Asymmetric cryptographic algorithms, also known as public-key algorithms, require that both sender and receiver maintain a pair of related keys: a private key and a public key. Both keys are unique to the entity. The public key can be made available to anyone; this key is used for encoding data that is sent to a receiver. The private key must be kept private by the receiver; this key is used for decoding messages encoded using the receiver's public key. The RSACryptoServiceProvider class is an implementation of a public-key algorithm. For an in-depth discussion of public-key encryption and algorithms, see the "Public-Key Encryption" section in Cryptographic Services. For information about how to use the Strong Name tool (Sn.exe) to create key pairs, see How to: Create a Public-Private Key Pair.

You can use public-key systems to form digital signatures. Digital signatures are used to help to protect the integrity of data. For example, to use a public-key system to digitally sign a message, the sender first applies a hash function to the message to create a message digest. The sender then encrypts the message digest with the sender's private key to create the sender's personal signature. Upon receiving the message and signature, the receiver decrypts the signature using the sender's public key to recover the message digest and hashes the message using the same hash algorithm that the sender used. If the message digest that the receiver computes matches the message digest received from the sender, the receiver can assume that the message was not altered while in transit. Note that anyone can verify a signature, because the sender's public key is common knowledge. This technique does not retain the secrecy of the message; for the message to be secret, it must also be encrypted.

The .NET Framework provides the following classes that implement digital signature algorithms: DSACryptoServiceProvider, RSACryptoServiceProvider, ECDsa (base class), and ECDsaCng.

The System.Security.Cryptography namespace provides concrete classes for RSA and DSA only.

To learn how to use the RSA algorithm to encrypt and decrypt XML data, and create and verify XML digital signatures, see these articles:



Initializes a new instance of the AsymmetricAlgorithm class.



Represents the size, in bits, of the key modulus used by the asymmetric algorithm.


Specifies the key sizes that are supported by the asymmetric algorithm.



When overridden in a derived class, gets the name of the key exchange algorithm. Otherwise, throws an NotImplementedException.


Gets or sets the size, in bits, of the key modulus used by the asymmetric algorithm.


Gets the key sizes that are supported by the asymmetric algorithm.


When implemented in a derived class, gets the name of the signature algorithm. Otherwise, always throws a NotImplementedException.



Releases all resources used by the AsymmetricAlgorithm class.


Creates a default cryptographic object used to perform the asymmetric algorithm.


Creates an instance of the specified implementation of an asymmetric algorithm.


Releases all resources used by the current instance of the AsymmetricAlgorithm class.


Releases the unmanaged resources used by the AsymmetricAlgorithm class and optionally releases the managed resources.


Determines whether the specified object is equal to the current object.

(Inherited from Object)
ExportEncryptedPkcs8PrivateKey(ReadOnlySpan<Byte>, PbeParameters)

Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a byte-based password.

ExportEncryptedPkcs8PrivateKey(ReadOnlySpan<Char>, PbeParameters)

Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password.

ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<Byte>, PbeParameters)

Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a byte-based password, PEM encoded.

ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<Char>, PbeParameters)

Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password, PEM encoded.


Exports the current key in the PKCS#8 PrivateKeyInfo format.


Exports the current key in the PKCS#8 PrivateKeyInfo format, PEM encoded.


Exports the public-key portion of the current key in the X.509 SubjectPublicKeyInfo format.


Exports the public-key portion of the current key in the X.509 SubjectPublicKeyInfo format, PEM encoded.


When overridden in a derived class, reconstructs an AsymmetricAlgorithm object from an XML string. Otherwise, throws a NotImplementedException.


Serves as the default hash function.

(Inherited from Object)

Gets the Type of the current instance.

(Inherited from Object)
ImportEncryptedPkcs8PrivateKey(ReadOnlySpan<Byte>, ReadOnlySpan<Byte>, Int32)

When overridden in a derived class, imports the public/private keypair from a PKCS#8 EncryptedPrivateKeyInfo structure after decrypting with a byte-based password, replacing the keys for this object.

ImportEncryptedPkcs8PrivateKey(ReadOnlySpan<Char>, ReadOnlySpan<Byte>, Int32)

When overridden in a derived class, imports the public/private keypair from a PKCS#8 EncryptedPrivateKeyInfo structure after decrypting with a char-based password, replacing the keys for this object.

ImportFromEncryptedPem(ReadOnlySpan<Char>, ReadOnlySpan<Byte>)

When overridden in a derived class, imports an encrypted RFC 7468 PEM-encoded key, replacing the keys for this object.

ImportFromEncryptedPem(ReadOnlySpan<Char>, ReadOnlySpan<Char>)

When overridden in a derived class, imports an encrypted RFC 7468 PEM-encoded key, replacing the keys for this object.


When overridden in a derived class, imports an RFC 7468 textually encoded key, replacing the keys for this object.

ImportPkcs8PrivateKey(ReadOnlySpan<Byte>, Int32)

When overriden in a derived class, imports the public/private keypair from a PKCS#8 PrivateKeyInfo structure after decryption, replacing the keys for this object.

ImportSubjectPublicKeyInfo(ReadOnlySpan<Byte>, Int32)

When overriden in a derived class, imports the public key from an X.509 SubjectPublicKeyInfo structure after decryption, replacing the keys for this object.


Creates a shallow copy of the current Object.

(Inherited from Object)

Returns a string that represents the current object.

(Inherited from Object)

When overridden in a derived class, creates and returns an XML string representation of the current AsymmetricAlgorithm object. Otherwise, throws a NotImplementedException.

TryExportEncryptedPkcs8PrivateKey(ReadOnlySpan<Byte>, PbeParameters, Span<Byte>, Int32)

When overridden in a derived class, attempts to export the current key in the PKCS#8 EncryptedPrivateKeyInfo format into a provided buffer, using a byte-based password.

TryExportEncryptedPkcs8PrivateKey(ReadOnlySpan<Char>, PbeParameters, Span<Byte>, Int32)

When overriden in a derived class, attempts to export the current key in the PKCS#8 EncryptedPrivateKeyInfo format into a provided buffer, using a char-based password.

TryExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<Byte>, PbeParameters, Span<Char>, Int32)

Attempts to export the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a byte-based password, PEM encoded.

TryExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<Char>, PbeParameters, Span<Char>, Int32)

Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password, PEM encoded.

TryExportPkcs8PrivateKey(Span<Byte>, Int32)

When overridden in a derived class, attempts to export the current key in the PKCS#8 PrivateKeyInfo format into a provided buffer.

TryExportPkcs8PrivateKeyPem(Span<Char>, Int32)

Attempts to export the current key in the PEM-encoded PKCS#8 PrivateKeyInfo format into a provided buffer.

TryExportSubjectPublicKeyInfo(Span<Byte>, Int32)

When overridden in a derived class, attempts to export the current key in the X.509 SubjectPublicKeyInfo format into a provided buffer.

TryExportSubjectPublicKeyInfoPem(Span<Char>, Int32)

Attempts to export the current key in the PEM-encoded X.509 SubjectPublicKeyInfo format into a provided buffer.

Explicit Interface Implementations


This API supports the product infrastructure and is not intended to be used directly from your code.

For a description of this member, see Dispose().

Applies to

Termék Verziók
.NET Core 1.0, Core 1.1, Core 2.0, Core 2.1, Core 2.2, Core 3.0, Core 3.1, 5, 6, 7, 8, 9, 10
.NET Framework 1.1, 2.0, 3.0, 3.5, 4.0, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8, 4.8.1
.NET Standard 1.3, 1.4, 1.6, 2.0, 2.1

See also