RC 's Code Snippets: Simple C# RSA Encryption Class

Well, you can figure this out yourself, use it if you like, tell me how much it sucks, what ever you want.

What it does is takes data and encrypts it using DES encryption and then encrypts the DES Keys using RSA and stores everything in an XML string to be saved for later decryption. There are also classes to hold the encrypted data and to create and save the RSA keys. This seems to be a pretty good solution for encrypting data or files.

I wrote this code and am now posting it because I did not find any simple snippets on the web for encrypting data in C#. Everything seemed too complicated or was not robust enough. I am sure that many people may have problems with this code or the lack of explaination in the code, but oh well... Its here for those who want to look it over. Remember, use at your own risk!

Code:

using System;
using System.Xml;
using System.Security.Cryptography;
using System.Text;
using System.IO;

namespace SimpleEncryption 
{
   public class Crypto
   {
      private RSACryptoServiceProvider rsa;

/// Loads the new object using an xml string that contains the key info
      public Crypto(string keyXml)
      {
         rsa = new RSACryptoServiceProvider();
         rsa.FromXmlString(keyXml);
      }

/// Loads the new object using an xml string or file that contains the key info
      /// loadFromFile: true if keyXmlOrFilePath is a path to an xml file with the key info
      public Crypto(string keyXmlOrFilePath, bool loadFromFile) 
      {
         rsa = new RSACryptoServiceProvider(1024);

if(loadFromFile) 
         {
            TextReader reader = File.OpenText(keyXmlOrFilePath);
            rsa.FromXmlString(reader.ReadToEnd());
            reader.Close();
         }
         else 
         {
            rsa.FromXmlString(keyXmlOrFilePath);
         }
      }

/// Encrypts the data using DES with A new IV and Key, then encrypts
      /// the IV and Key with RSA encryption.
      public EncryptedDataInfo Encrypt(string data) 
      {
         string encIV;
         string encKey;
         string encData;

ICryptoTransform encryptor;
         CryptoStream cStream;
         MemoryStream mStream = new MemoryStream();

try 
         {
            DESCryptoServiceProvider des = new DESCryptoServiceProvider();
            des.GenerateIV();
            des.GenerateKey();

encIV = Convert.ToBase64String(rsa.Encrypt(des.IV, false));
            encKey = Convert.ToBase64String(rsa.Encrypt(des.Key, false));

encryptor = des.CreateEncryptor(des.Key, des.IV);
            cStream = new CryptoStream(mStream, encryptor, CryptoStreamMode.Write);

byte[] bytesIn = Encoding.ASCII.GetBytes(data);

cStream.Write(bytesIn, 0, bytesIn.Length);
            cStream.FlushFinalBlock();
            cStream.Close();

byte[] bytesOut = mStream.ToArray();
            mStream.Close();

encData = Convert.ToBase64String(bytesOut);

return new EncryptedDataInfo(encData, encIV, encKey);
         }
         catch(Exception ex) 
         {
            mStream.Close();
            throw ex;
         }
      }

/// Decrypts data from a xml representation of an EncryptedDataInfo object
      public string Decrypt(string encryptedDataInfoXml) 
      {
         return Decrypt(new EncryptedDataInfo(encryptedDataInfoXml));
      }

/// Decrypts data from an EncryptedDataInfo object
      public string Decrypt(EncryptedDataInfo encryptedDataInfo) 
      {
         return Decrypt(encryptedDataInfo.EncryptedData, encryptedDataInfo.EncryptedKey, encryptedDataInfo.EncryptedIV);
      }

/// Decrypts the Key and IV using RSA and then decrypts the data using DES
      public string Decrypt(string encryptedData, string encryptedKey, string encryptedIV) 
      {
         string returnValue;

byte[] iv = rsa.Decrypt(Convert.FromBase64String(encryptedIV), false);
         byte[] key = rsa.Decrypt(Convert.FromBase64String(encryptedKey), false);
         byte[] data = Convert.FromBase64String(encryptedData);

MemoryStream mStream = new MemoryStream(data);

DESCryptoServiceProvider des = new DESCryptoServiceProvider();
         ICryptoTransform decryptor = des.CreateDecryptor(key, iv);

CryptoStream cStream = new CryptoStream(mStream, decryptor, CryptoStreamMode.Read);
         StreamReader reader = new StreamReader(cStream);

returnValue = reader.ReadToEnd();

reader.Close();
         mStream.Close();
         cStream.Close();

return returnValue;
      } // Crypto

/// Container for encrypted data
      public class EncryptedDataInfo
      {
         private string encData;
         private string encIV;
         private string encKey;

public EncryptedDataInfo(string encryptedData, string encryptedIV, string encryptedKey) 
         {
            encData = encryptedData;
            encIV = encryptedIV;
            encKey = encryptedKey;
         }

public EncryptedDataInfo(string encryptedDataInfoXml) 
         {
            XmlDocument xml = new XmlDocument();
            xml.LoadXml(encryptedDataInfoXml);

encData = xml.SelectSingleNode(@"/EncryptedDataInfo/EncryptedData").InnerText;
            encIV = xml.SelectSingleNode(@"/EncryptedDataInfo/EncryptedIV").InnerText;
            encKey = xml.SelectSingleNode(@"/EncryptedDataInfo/EncryptedKey").InnerText;
         }

public string ToXml() 
         {
            XmlDocument xml = new XmlDocument();
            XmlElement root = xml.CreateElement("EncryptedDataInfo");
            XmlElement data = xml.CreateElement("EncryptedData");
            XmlElement iv = xml.CreateElement("EncryptedIV");
            XmlElement key = xml.CreateElement("EncryptedKey");

data.InnerText = encData;
            iv.InnerText = encIV;
            key.InnerText = encKey;

root.AppendChild((XmlNode)data);
            root.AppendChild((XmlNode)iv);
            root.AppendChild((XmlNode)key);
            xml.AppendChild((XmlNode)root);

return xml.OuterXml;
         }

public override string ToString()
         {
            return ToXml();
         }

public string EncryptedData { get { return encData; } }
         public string EncryptedIV { get { return encIV; } }
         public string EncryptedKey { get { return encKey; } }
      } //EncryptedDataInfo

/// Used to create and save new keys
      public class RSAKeyCreator 
      {
         private string publicKeyXml;
         private string privateKeyXml;

public RSAKeyCreator() 
         {
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(1024);
            publicKeyXml = rsa.ToXmlString(false);
            privateKeyXml = rsa.ToXmlString(true);
         }

public RSAKeyCreator(int keySize) 
         {
            RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(keySize);
            publicKeyXml = rsa.ToXmlString(false);
            privateKeyXml = rsa.ToXmlString(true);
         }

public void SavePublicKeyToFile(string filePath) 
         {
            TextWriter writer = File.CreateText(filePath);
            writer.Write(publicKeyXml);
            writer.Flush();
            writer.Close();
         }

public void SavePrivateKeyToFile(string filePath) 
         {
            TextWriter writer = File.CreateText(filePath);
            writer.Write(privateKeyXml);
            writer.Flush();
            writer.Close();
         }

public string PublicKeyXml { get { return publicKeyXml; } }
         public string PrivateKeyXml { get { return privateKeyXml; } }
      } // RSAKeyCreator
   } 
}

8 Comments:

At 9/12/2005 12:15 AM , Anonymous said...: Would you mind posting a small code showing how to use this classes?
At 9/13/2005 10:44 PM , quamtar said...: Usage:

To Create the public and private key and save them to a file:

SimpleEncryption.RSAEncryptor.RSAKeyCreator rkc = new SimpleEncryption.RSAEncryptor.RSAKeyCreator();
rkc.SavePrivateKeyToFile(privateKeyFilePath);
rkc.SavePublicKeyToFile(publicKeyFilePath);

Note: private key can decrypt and encrypt, but the public key can only encrypt.

To use the class:

SimpleEncryption.RSAEncryptor rsa = new SimpleEncryption.RSAEncryptor(pathToKeyFile);
rsa.Encrypt(data);
rsa.Decrypt(data);

I hope this helps.
At 9/16/2005 4:17 AM , Anonymous said...: I thought one of uses of asymmetric encryption WAS the ability to encrypt with the private key and deccrypt with the associateed public key (which is what I need). The code for this scenario will run OK in .Net 1.1, but not .Net 2.0

ANy ideas on how to achieve the above? Fiddling with the array of properties changes the exception message at best.
At 9/16/2005 5:40 PM , quamtar said...: I believe that you are incorrect, decrypting data with a public key would not provide any protection at all. The information needed to decrypt can also be used to encrypt the data. If this key is made public then the data will not be secure.

If two systems want to communicate with each other, they will trade public keys and use the recievers key to encrypt the data and their own private key to decrypt.

As far as this not working in 2.0, I don't know what to tell you. It's an old class and I have not tried it.
At 12/24/2005 5:11 AM , charlie said...: Traditionally you give out the Encryption key and keep the Decryption key private. Thats how you stop others reading the data.

However for digital sigunatures you simply give out the decryption key and keep the encryption one private. Enabling anyone to verify the signature, but only you can create it.

It all depeneds what you want to use it for, as to which key is the public nad which is the private.

Just remember you have to keep one of them secret. So if you need to encrypt the data and digitally sign it, u need two key pairs. Hope that helps.
At 12/24/2005 5:21 AM , charlie said...: One other thing. Due to recent advances in breaking DES, it is ragarded as past its usful life. If you have any very sensative data you should use AES.

AES is also avalible in the framework, although its 100% managed code so its not the fastest implementation on the planet.

DES will stop praying eyes, but any thing that needs more security should no longer use DES. AES can use upto 256 bit keys.

I remember reading somewhere that current top supper computers would take 4 billion years to try every combination of a 256bit AES key. So AES should be good for a few users more of the prossor performance wars.
At 2/28/2006 12:16 PM , Anonymous said...: can u help me out by posting a small code snippet to achieve multi-level encryption, ie; for eg, using the encrypted data produced by one algothirm as input for performing another level of encryption. take the order as RC4 alog' n RSA algo'
At 3/29/2007 5:20 PM , Anonymous said...: Thanks so much for posting this! It helped me out alot since i was having a hard time with the key generation and how to use them - this completely simplified everything and reduced a lot of stress for me! By the way, I was able to use this sample in asp.net 2.0 with no problems and updated your sample to use tripple DES for added security - works great!

Links to this post:

<$BlogBacklinkTitle$>: <$BlogBacklinkSnippet$>
<$I18NPostedByBacklinkAuthor$> @ <$BlogBacklinkDateTime$>

Create a Link

<< Home

RC 's Code Snippets

Wednesday, May 25, 2005

Simple C# RSA Encryption Class

8 Comments:

Links to this post:

Previous Posts