Mã hóa dữ liệu (edit)
- Mã hóa cổ điển
- Mã hóa một chiều
- Mã hóa đối xứng
- Mã hóa bất đối xứng
Tổng quan các loại thuật toán mã hoá dữ liệu - TEDU
Tham khảo ở đây: https://tedu.com.vn/bao-mat/tong-quan-cac-loai-thuat-toan-ma-hoa-du-lieu-106.html
- Mã hóa cổ điển: Ví dụ "Di hoc ve" thành "Ek ipd xg"
- Mã hóa một chiều: Chỉ có thể mã hóa chứ không thể giải mã, sử dụng một hàm băm (hash function), thuật toán hay sử dụng là MD5 và SHA.
- Mã hóa đối xứng: Hay còn gọi là mã hóa khóa bí mật là phương pháp mã hóa mà key mã hóa và key giải mã là như nhau, thuật toán hay sử dụng DES, AES.
- Mã hóa bất đối xứng: Ứng dụng chính của mã hóa bất đối xứng là dùng để bảo mật secret key cho mã hóa đối xứng, thuật toán hay sử dụng là RSA
Và ở đây: https://tinhte.vn/threads/tim-hieu-ve-ma-hoa-theo-kieu-binh-dan.2532192/
Ultimate Javascript Object Signing and Encryption (JOSE) and JSON Web Token (JWT) Implementation for .NET and .NET Core
Implementation of the RSA algorithm in C#
RSA Algorithm With C#
https://www.c-sharpcorner.com/UploadFile/75a48f/rsa-algorithm-with-C-Sharp2/
OpenSSL
https://askubuntu.com/questions/848471/generating-signing-and-verifying-digital-certificates
Can RSACryptoServiceProvider (.NET's RSA) use SHA256 for encryption (not signing) instead of SHA1?
How can I sign a file using RSA and SHA256 with .NET?
https://stackoverflow.com/questions/7444586/how-can-i-sign-a-file-using-rsa-and-sha256-with-net
C# – How to fix “Invalid algorithm specified” when signing with SHA256
http://hintdesk.com/2011/07/29/c-how-to-fix-invalid-algorithm-specified-when-signing-with-sha256/
Using RSACryptoServiceProvider for RSA-SHA256 signatures
Mã hóa dữ liệu với public key và private key sử dụng OpenSSL
openssl genrsa -des3 -out private.pem 2048 $123@_ openssl rsa -in private.pem -outform PEM -pubout -out public.pem openssl rsa -in private.pem -out private_unencrypted.pem -outform PEM
Hướng dẫn
https://rietta.com/blog/2012/01/27/openssl-generating-rsa-key-from-command/
http://manhng.com/blog/ma-hoa-du-lieu/
Download OpenSSL
https://sourceforge.net/projects/opensslui/?source=typ_redirect
https://sourceforge.net/projects/openssl/?source=typ_redirect
Code sử dụng Private key & Public key
using System;
using System.IO;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
using System.Text;
namespace VASJ.BI.ConsoleApp
{
internal class Program
{
private static void Main(string[] args)
{
string partnerCode = "text123";
var util = new RSACryptography();
RSACryptoServiceProvider readFilePrivateKey = PemKeyUtils.GetRSAProviderFromPemFile("private_unencrypted.pem");
RSACryptoServiceProvider readFilePublicKey = PemKeyUtils.GetRSAProviderFromPemFile("public.pem");
string cache_value_privateKey = readFilePrivateKey.ToXmlString(true);
string cache_value_publicKey = readFilePublicKey.ToXmlString(false);
string encode = util.Encrypt(cache_value_publicKey, partnerCode);
string decode = util.Decrypt(cache_value_privateKey, encode);
Console.WriteLine("");
}
}
public static class PemKeyUtils
{
private const String pemprivheader = "-----BEGIN RSA PRIVATE KEY-----";
private const String pemprivfooter = "-----END RSA PRIVATE KEY-----";
private const String pempubheader = "-----BEGIN PUBLIC KEY-----";
private const String pempubfooter = "-----END PUBLIC KEY-----";
private const String pemp8header = "-----BEGIN PRIVATE KEY-----";
private const String pemp8footer = "-----END PRIVATE KEY-----";
private const String pemp8encheader = "-----BEGIN ENCRYPTED PRIVATE KEY-----";
private const String pemp8encfooter = "-----END ENCRYPTED PRIVATE KEY-----";
private static bool verbose = false;
public static RSACryptoServiceProvider GetRSAProviderFromPemFile(String pemfile)
{
bool isPrivateKeyFile = true;
string pemstr = File.ReadAllText(pemfile).Trim();
if (pemstr.StartsWith(pempubheader) && pemstr.EndsWith(pempubfooter))
isPrivateKeyFile = false;
byte[] pemkey;
if (isPrivateKeyFile)
pemkey = DecodeOpenSSLPrivateKey(pemstr);
else
pemkey = DecodeOpenSSLPublicKey(pemstr);
if (pemkey == null)
return null;
if (isPrivateKeyFile)
return DecodeRSAPrivateKey(pemkey);
else
return DecodeX509PublicKey(pemkey);
}
//-------- Get the binary RSA PUBLIC key --------
private static byte[] DecodeOpenSSLPublicKey(String instr)
{
const String pempubheader = "-----BEGIN PUBLIC KEY-----";
const String pempubfooter = "-----END PUBLIC KEY-----";
String pemstr = instr.Trim();
byte[] binkey;
if (!pemstr.StartsWith(pempubheader) || !pemstr.EndsWith(pempubfooter))
return null;
StringBuilder sb = new StringBuilder(pemstr);
sb.Replace(pempubheader, ""); //remove headers/footers, if present
sb.Replace(pempubfooter, "");
String pubstr = sb.ToString().Trim(); //get string after removing leading/trailing whitespace
try
{
binkey = Convert.FromBase64String(pubstr);
}
catch (System.FormatException)
{//if can't b64 decode, data is not valid
return null;
}
return binkey;
}
private static RSACryptoServiceProvider DecodeX509PublicKey(byte[] x509Key)
{
// encoded OID sequence for PKCS #1 rsaEncryption szOID_RSA_RSA = "1.2.840.113549.1.1.1"
byte[] seqOid = { 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00 };
// --------- Set up stream to read the asn.1 encoded SubjectPublicKeyInfo blob ------
using (var mem = new MemoryStream(x509Key))
{
using (var binr = new BinaryReader(mem)) //wrap Memory Stream with BinaryReader for easy reading
{
try
{
var twobytes = binr.ReadUInt16();
switch (twobytes)
{
case 0x8130:
binr.ReadByte(); //advance 1 byte
break;
case 0x8230:
binr.ReadInt16(); //advance 2 bytes
break;
default:
return null;
}
var seq = binr.ReadBytes(15);
if (!CompareBytearrays(seq, seqOid)) //make sure Sequence for OID is correct
return null;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8103) //data read as little endian order (actual data order for Bit String is 03 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8203)
binr.ReadInt16(); //advance 2 bytes
else
return null;
var bt = binr.ReadByte();
if (bt != 0x00) //expect null byte next
return null;
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return null;
twobytes = binr.ReadUInt16();
byte lowbyte = 0x00;
byte highbyte = 0x00;
if (twobytes == 0x8102) //data read as little endian order (actual data order for Integer is 02 81)
lowbyte = binr.ReadByte(); // read next bytes which is bytes in modulus
else if (twobytes == 0x8202)
{
highbyte = binr.ReadByte(); //advance 2 bytes
lowbyte = binr.ReadByte();
}
else
return null;
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 }; //reverse byte order since asn.1 key uses big endian order
int modsize = BitConverter.ToInt32(modint, 0);
byte firstbyte = binr.ReadByte();
binr.BaseStream.Seek(-1, SeekOrigin.Current);
if (firstbyte == 0x00)
{ //if first byte (highest order) of modulus is zero, don't include it
binr.ReadByte(); //skip this null byte
modsize -= 1; //reduce modulus buffer size by 1
}
byte[] modulus = binr.ReadBytes(modsize); //read the modulus bytes
if (binr.ReadByte() != 0x02) //expect an Integer for the exponent data
return null;
int expbytes = binr.ReadByte(); // should only need one byte for actual exponent data (for all useful values)
byte[] exponent = binr.ReadBytes(expbytes);
// We don't really need to print anything but if we insist to...
//showBytes("\nExponent", exponent);
//showBytes("\nModulus", modulus);
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider();
RSAParameters rsaKeyInfo = new RSAParameters
{
Modulus = modulus,
Exponent = exponent
};
rsa.ImportParameters(rsaKeyInfo);
return rsa;
}
catch (Exception)
{
return null;
}
}
}
}
//------- Parses binary ans.1 RSA private key; returns RSACryptoServiceProvider ---
private static RSACryptoServiceProvider DecodeRSAPrivateKey(byte[] privkey)
{
byte[] MODULUS, E, D, P, Q, DP, DQ, IQ;
// --------- Set up stream to decode the asn.1 encoded RSA private key ------
MemoryStream mem = new MemoryStream(privkey);
BinaryReader binr = new BinaryReader(mem); //wrap Memory Stream with BinaryReader for easy reading
byte bt = 0;
ushort twobytes = 0;
int elems = 0;
try
{
twobytes = binr.ReadUInt16();
if (twobytes == 0x8130) //data read as little endian order (actual data order for Sequence is 30 81)
binr.ReadByte(); //advance 1 byte
else if (twobytes == 0x8230)
binr.ReadInt16(); //advance 2 bytes
else
return null;
twobytes = binr.ReadUInt16();
if (twobytes != 0x0102) //version number
return null;
bt = binr.ReadByte();
if (bt != 0x00)
return null;
//------ all private key components are Integer sequences ----
elems = GetIntegerSize(binr);
MODULUS = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
E = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
D = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
P = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
Q = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DP = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
DQ = binr.ReadBytes(elems);
elems = GetIntegerSize(binr);
IQ = binr.ReadBytes(elems);
Console.WriteLine("showing components ..");
if (verbose)
{
showBytes("\nModulus", MODULUS);
showBytes("\nExponent", E);
showBytes("\nD", D);
showBytes("\nP", P);
showBytes("\nQ", Q);
showBytes("\nDP", DP);
showBytes("\nDQ", DQ);
showBytes("\nIQ", IQ);
}
// ------- create RSACryptoServiceProvider instance and initialize with public key -----
RSACryptoServiceProvider RSA = new RSACryptoServiceProvider();
RSAParameters RSAparams = new RSAParameters();
RSAparams.Modulus = MODULUS;
RSAparams.Exponent = E;
RSAparams.D = D;
RSAparams.P = P;
RSAparams.Q = Q;
RSAparams.DP = DP;
RSAparams.DQ = DQ;
RSAparams.InverseQ = IQ;
RSA.ImportParameters(RSAparams);
return RSA;
}
catch (Exception)
{
return null;
}
finally { binr.Close(); }
}
private static int GetIntegerSize(BinaryReader binr)
{
byte bt = 0;
byte lowbyte = 0x00;
byte highbyte = 0x00;
int count = 0;
bt = binr.ReadByte();
if (bt != 0x02) //expect integer
return 0;
bt = binr.ReadByte();
if (bt == 0x81)
count = binr.ReadByte(); // data size in next byte
else
if (bt == 0x82)
{
highbyte = binr.ReadByte(); // data size in next 2 bytes
lowbyte = binr.ReadByte();
byte[] modint = { lowbyte, highbyte, 0x00, 0x00 };
count = BitConverter.ToInt32(modint, 0);
}
else
{
count = bt; // we already have the data size
}
while (binr.ReadByte() == 0x00)
{ //remove high order zeros in data
count -= 1;
}
binr.BaseStream.Seek(-1, SeekOrigin.Current); //last ReadByte wasn't a removed zero, so back up a byte
return count;
}
//----- Get the binary RSA PRIVATE key, decrypting if necessary ----
private static byte[] DecodeOpenSSLPrivateKey(String instr)
{
const String pemprivheader = "-----BEGIN RSA PRIVATE KEY-----";
const String pemprivfooter = "-----END RSA PRIVATE KEY-----";
String pemstr = instr.Trim();
byte[] binkey;
if (!pemstr.StartsWith(pemprivheader) || !pemstr.EndsWith(pemprivfooter))
return null;
StringBuilder sb = new StringBuilder(pemstr);
sb.Replace(pemprivheader, ""); //remove headers/footers, if present
sb.Replace(pemprivfooter, "");
String pvkstr = sb.ToString().Trim(); //get string after removing leading/trailing whitespace
try
{ // if there are no PEM encryption info lines, this is an UNencrypted PEM private key
binkey = Convert.FromBase64String(pvkstr);
return binkey;
}
catch (System.FormatException)
{//if can't b64 decode, it must be an encrypted private key
Console.WriteLine("Not an unencrypted OpenSSL PEM private key");
}
StringReader str = new StringReader(pvkstr);
//-------- read PEM encryption info. lines and extract salt -----
if (!str.ReadLine().StartsWith("Proc-Type: 4,ENCRYPTED"))
return null;
String saltline = str.ReadLine();
if (!saltline.StartsWith("DEK-Info: DES-EDE3-CBC,"))
return null;
String saltstr = saltline.Substring(saltline.IndexOf(",") + 1).Trim();
byte[] salt = new byte[saltstr.Length / 2];
for (int i = 0; i < salt.Length; i++)
salt[i] = Convert.ToByte(saltstr.Substring(i * 2, 2), 16);
if (!(str.ReadLine() == ""))
return null;
//------ remaining b64 data is encrypted RSA key ----
String encryptedstr = str.ReadToEnd();
try
{ //should have b64 encrypted RSA key now
binkey = Convert.FromBase64String(encryptedstr);
}
catch (System.FormatException)
{ // bad b64 data.
return null;
}
//------ Get the 3DES 24 byte key using PDK used by OpenSSL ----
SecureString despswd = GetSecPswd("Enter password to derive 3DES key==>");
//Console.Write("\nEnter password to derive 3DES key: ");
//String pswd = Console.ReadLine();
byte[] deskey = GetOpenSSL3deskey(salt, despswd, 1, 2); // count=1 (for OpenSSL implementation); 2 iterations to get at least 24 bytes
if (deskey == null)
return null;
//showBytes("3DES key", deskey) ;
//------ Decrypt the encrypted 3des-encrypted RSA private key ------
byte[] rsakey = DecryptKey(binkey, deskey, salt); //OpenSSL uses salt value in PEM header also as 3DES IV
if (rsakey != null)
return rsakey; //we have a decrypted RSA private key
else
{
Console.WriteLine("Failed to decrypt RSA private key; probably wrong password.");
return null;
}
}
// ----- Decrypt the 3DES encrypted RSA private key ----------
private static byte[] DecryptKey(byte[] cipherData, byte[] desKey, byte[] IV)
{
MemoryStream memst = new MemoryStream();
TripleDES alg = TripleDES.Create();
alg.Key = desKey;
alg.IV = IV;
try
{
CryptoStream cs = new CryptoStream(memst, alg.CreateDecryptor(), CryptoStreamMode.Write);
cs.Write(cipherData, 0, cipherData.Length);
cs.Close();
}
catch (Exception exc)
{
Console.WriteLine(exc.Message);
return null;
}
byte[] decryptedData = memst.ToArray();
return decryptedData;
}
//----- OpenSSL PBKD uses only one hash cycle (count); miter is number of iterations required to build sufficient bytes ---
private static byte[] GetOpenSSL3deskey(byte[] salt, SecureString secpswd, int count, int miter)
{
IntPtr unmanagedPswd = IntPtr.Zero;
int HASHLENGTH = 16; //MD5 bytes
byte[] keymaterial = new byte[HASHLENGTH * miter]; //to store contatenated Mi hashed results
byte[] psbytes = new byte[secpswd.Length];
unmanagedPswd = Marshal.SecureStringToGlobalAllocAnsi(secpswd);
Marshal.Copy(unmanagedPswd, psbytes, 0, psbytes.Length);
Marshal.ZeroFreeGlobalAllocAnsi(unmanagedPswd);
//UTF8Encoding utf8 = new UTF8Encoding();
//byte[] psbytes = utf8.GetBytes(pswd);
// --- contatenate salt and pswd bytes into fixed data array ---
byte[] data00 = new byte[psbytes.Length + salt.Length];
Array.Copy(psbytes, data00, psbytes.Length); //copy the pswd bytes
Array.Copy(salt, 0, data00, psbytes.Length, salt.Length); //concatenate the salt bytes
// ---- do multi-hashing and contatenate results D1, D2 ... into keymaterial bytes ----
MD5 md5 = new MD5CryptoServiceProvider();
byte[] result = null;
byte[] hashtarget = new byte[HASHLENGTH + data00.Length]; //fixed length initial hashtarget
for (int j = 0; j < miter; j++)
{
// ---- Now hash consecutively for count times ------
if (j == 0)
result = data00; //initialize
else
{
Array.Copy(result, hashtarget, result.Length);
Array.Copy(data00, 0, hashtarget, result.Length, data00.Length);
result = hashtarget;
//Console.WriteLine("Updated new initial hash target:") ;
//showBytes(result) ;
}
for (int i = 0; i < count; i++)
result = md5.ComputeHash(result);
Array.Copy(result, 0, keymaterial, j * HASHLENGTH, result.Length); //contatenate to keymaterial
}
//showBytes("Final key material", keymaterial);
byte[] deskey = new byte[24];
Array.Copy(keymaterial, deskey, deskey.Length);
Array.Clear(psbytes, 0, psbytes.Length);
Array.Clear(data00, 0, data00.Length);
Array.Clear(result, 0, result.Length);
Array.Clear(hashtarget, 0, hashtarget.Length);
Array.Clear(keymaterial, 0, keymaterial.Length);
return deskey;
}
private static SecureString GetSecPswd(String prompt)
{
SecureString password = new SecureString();
Console.ForegroundColor = ConsoleColor.Gray;
Console.Write(prompt);
Console.ForegroundColor = ConsoleColor.Magenta;
while (true)
{
ConsoleKeyInfo cki = Console.ReadKey(true);
if (cki.Key == ConsoleKey.Enter)
{
Console.ForegroundColor = ConsoleColor.Gray;
Console.WriteLine();
return password;
}
else if (cki.Key == ConsoleKey.Backspace)
{
// remove the last asterisk from the screen...
if (password.Length > 0)
{
Console.SetCursorPosition(Console.CursorLeft - 1, Console.CursorTop);
Console.Write(" ");
Console.SetCursorPosition(Console.CursorLeft - 1, Console.CursorTop);
password.RemoveAt(password.Length - 1);
}
}
else if (cki.Key == ConsoleKey.Escape)
{
Console.ForegroundColor = ConsoleColor.Gray;
Console.WriteLine();
return password;
}
else if (Char.IsLetterOrDigit(cki.KeyChar) || Char.IsSymbol(cki.KeyChar))
{
if (password.Length < 20)
{
password.AppendChar(cki.KeyChar);
Console.Write("*");
}
else
{
Console.Beep();
}
}
else
{
Console.Beep();
}
}
}
private static bool CompareBytearrays(byte[] a, byte[] b)
{
if (a.Length != b.Length)
return false;
int i = 0;
foreach (byte c in a)
{
if (c != b[i])
return false;
i++;
}
return true;
}
private static void showBytes(String info, byte[] data)
{
Console.WriteLine("{0} [{1} bytes]", info, data.Length);
for (int i = 1; i <= data.Length; i++)
{
Console.Write("{0:X2} ", data[i - 1]);
if (i % 16 == 0)
Console.WriteLine();
}
Console.WriteLine("\n\n");
}
}
///
/// Performs asymmetric encryption and decryption using the implementation of
/// the System.Security.Cryptography.RSA algorithm provided by the cryptographic
/// service provider (CSP). This class cannot be inherited.
/// Reference:
/// http://jamiekurtz.com/2013/01/14/asp-net-web-api-security-basics/
/// http://blogs.msdn.com/b/alejacma/archive/2008/10/23/how-to-generate-key-pairs-encrypt-and-decrypt-data-with-net-c.aspx
/// http://www.technical-recipes.com/2013/using-rsa-to-encrypt-large-data-files-in-c/
/// http://codebetter.com/johnvpetersen/2012/04/02/making-your-asp-net-web-apis-secure/
///
public sealed class RSACryptography
{
#region Private Fields
private const int KEY_SIZE = 2048; // The size of the RSA key to use in bits.
private bool fOAEP = false;
private RSACryptoServiceProvider rsaProvider = null;
#endregion Private Fields
#region Constructors
///
/// Initializes a new instance of the System.Security.Cryptography.RSACryptoServiceProvider
/// class with the predefined key size and parameters.
///
public RSACryptography()
{
}
#endregion Constructors
#region Private Methods
///
/// Initializes a new instance of the System.Security.Cryptography.CspParameters class.
///
///An instance of the System.Security.Cryptography.CspParameters class.
private CspParameters GetCspParameters()
{
// Create a new key pair on target CSP
CspParameters cspParams = new CspParameters();
cspParams.ProviderType = 1; // PROV_RSA_FULL
// cspParams.ProviderName; // CSP name
// cspParams.Flags = CspProviderFlags.UseArchivableKey;
cspParams.KeyNumber = (int)KeyNumber.Exchange;
return cspParams;
}
///
/// Gets the maximum data length for a given key
///
///The RSA key length
///The maximum allowable data length
private int GetMaxDataLength()
{
if (fOAEP)
return ((KEY_SIZE - 384) / 8) + 7;
return ((KEY_SIZE - 384) / 8) + 37;
}
///
/// Checks if the given key size if valid
///
///The RSA key length
///True if valid; false otherwise
private static bool IsKeySizeValid()
{
return KEY_SIZE >= 384 &&
KEY_SIZE <= 16384 &&
KEY_SIZE % 8 == 0;
}
#endregion Private Methods
#region Public Methods
///
/// Generate a new RSA key pair.
///
///An XML string containing ONLY THE PUBLIC RSA KEY.
///An XML string containing a PUBLIC AND PRIVATE RSA KEY.
public void GenerateKeys(out string publicKey, out string privateKey)
{
try
{
CspParameters cspParams = GetCspParameters();
cspParams.Flags = CspProviderFlags.UseArchivableKey;
rsaProvider = new RSACryptoServiceProvider(KEY_SIZE, cspParams);
// Export public key
publicKey = rsaProvider.ToXmlString(false);
// Export private/public key pair
privateKey = rsaProvider.ToXmlString(true);
}
catch (Exception ex)
{
// Any errors? Show them
throw new Exception("Exception generating a new RSA key pair! More info: " + ex.Message);
}
finally
{
// Do some clean up if needed
}
}
///
/// Encrypts data with the System.Security.Cryptography.RSA algorithm.
///
///An XML string containing the public RSA key.
///The data to be encrypted.
///The encrypted data.
public string Encrypt(string publicKey, string plainText)
{
if (string.IsNullOrWhiteSpace(plainText))
throw new ArgumentException("Data are empty");
int maxLength = GetMaxDataLength();
if (Encoding.Unicode.GetBytes(plainText).Length > maxLength)
throw new ArgumentException("Maximum data length is " + maxLength / 2);
if (!IsKeySizeValid())
throw new ArgumentException("Key size is not valid");
if (string.IsNullOrWhiteSpace(publicKey))
throw new ArgumentException("Key is null or empty");
byte[] plainBytes = null;
byte[] encryptedBytes = null;
string encryptedText = "";
try
{
CspParameters cspParams = GetCspParameters();
cspParams.Flags = CspProviderFlags.NoFlags;
rsaProvider = new RSACryptoServiceProvider(KEY_SIZE, cspParams);
// [1] Import public key
rsaProvider.FromXmlString(publicKey);
// [2] Get plain bytes from plain text
plainBytes = Encoding.Unicode.GetBytes(plainText);
// Encrypt plain bytes
encryptedBytes = rsaProvider.Encrypt(plainBytes, false);
// Get encrypted text from encrypted bytes
// encryptedText = Encoding.Unicode.GetString(encryptedBytes); => NOT WORKING
encryptedText = Convert.ToBase64String(encryptedBytes);
}
catch (Exception ex)
{
// Any errors? Show them
throw new Exception("Exception encrypting file! More info: " + ex.Message);
}
finally
{
// Do some clean up if needed
}
return encryptedText;
} // Encrypt method
///
/// Decrypts data with the System.Security.Cryptography.RSA algorithm.
///
///An XML string containing a public and private RSA key.
///The data to be decrypted.
/// The decrypted data, which is the original plain text before encryption.
public string Decrypt(string privateKey, string encryptedText)
{
if (string.IsNullOrWhiteSpace(encryptedText))
throw new ArgumentException("Data are empty");
if (!IsKeySizeValid())
throw new ArgumentException("Key size is not valid");
if (string.IsNullOrWhiteSpace(privateKey))
throw new ArgumentException("Key is null or empty");
byte[] encryptedBytes = null;
byte[] plainBytes = null;
string plainText = "";
try
{
CspParameters cspParams = GetCspParameters();
cspParams.Flags = CspProviderFlags.NoFlags;
rsaProvider = new RSACryptoServiceProvider(KEY_SIZE, cspParams);
// [1] Import private/public key pair
rsaProvider.FromXmlString(privateKey);
// [2] Get encrypted bytes from encrypted text
// encryptedBytes = Encoding.Unicode.GetBytes(encryptedText); => NOT WORKING
encryptedBytes = Convert.FromBase64String(encryptedText);
// Decrypt encrypted bytes
plainBytes = rsaProvider.Decrypt(encryptedBytes, false);
// Get decrypted text from decrypted bytes
plainText = Encoding.Unicode.GetString(plainBytes);
}
catch (Exception ex)
{
// Any errors? Show them
throw new Exception("Exception decrypting file! More info: " + ex.Message);
}
finally
{
// Do some clean up if needed
}
return plainText;
}
#endregion Public Methods
}
}
