Thursday, April 14, 2011

C# Encryption Decryption (Asymmetric key)

Asymmetric key encryption uses different keys for encryption and decryption. These two keys are mathematically related and they form a key pair. One of these two keys should be kept private, called private-key, and the other can be made public (it can even be sent in mail), called public-key. Hence this is also called Public Key Encryption.
Simple as it may sound, but it trouble me for a week, as I could not find any good articles after googling so many days. Going through the API’s I stumbled upon few classes (RSACryptoServiceProvider) and methods that really helped me a LOT.
So here I am writing this article, to help all those looking for the same.
Firstly you will need to install a certificate, of which public and private key you intend to use. Once installed the certificate can be viewed in Internet Explorer > Tools Internet Options > Content Certificates.
There you will find a lot of information related to the installed certificates, such as Issuer Name, Expiry Date, etc. But the most important one for now is the SERIAL NUMBER.
Copy this SERIAL NUMBER and save it.
Now use, the following code to get your (required) certificate.
public X509Certificate2 Get_Certificate(string serial_number)
X509Certificate2 x_cert2 = null;
X509Store x_store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
X509Store newstore = new X509Store(x_store.Name);
int count = x_store.Certificates.Count;
foreach (X509Certificate2 cert2 in x_store.Certificates)
string s = cert2.SerialNumber;
if (cert2.SerialNumber == serial_number)
x_cert2 = cert2;
return x_cert2;

This will return the certificate with the matching serial number.
Now, the next step is to Encrypt the message (which i have assumed to be of type string.) using the public key and later decrypt using private key. (You may also do the other way round.)
Use the following function to encrypt: Here we have passed the certificate found previously (using the function written above) and the message which is to be encrypted. RSACryptoServiceProvider is the class which we have used, i suggest you explore this class a bit using the API’s.
public string Encrypt_Message(string str_msg, X509Certificate2 cert)
//Gets the public key.
string public_key = cert.GetPublicKeyString();
// Encrypts the message using public key.
var providerSender = (RSACryptoServiceProvider)cert.PublicKey.Key;
var plainSender = Encoding.ASCII.GetBytes(str_msg);
var cipher = providerSender.Encrypt(plainSender, false);
string e_msg = Encoding.Default.GetString(cipher);
return e_msg;

Now you have the encrypted message with you, now you may need to decrypt it using  the private key of the same certificate for that use the following.
public string Decrypt_Message(string encryptd_message, X509Certificate2 cert)
// Decrypts the Encrypted message using the private key.
var providerReceiver = (RSACryptoServiceProvider)cert.PrivateKey;
var plainReceiver = providerReceiver.Decrypt(Encoding.Default.GetBytes(encryptd_message), false);
string decryptd_message = Encoding.Default.GetString(plainReceiver);
return decryptd_message;

And you’ll have the decrypted message. Hope this will be helpful. If you have any question or suggestion related to the article, feel free to leave a reply. tc. :)


massachusetts solar power said...

just couldn’t leave your website before telling you that we really enjoyed the quality information you offer to your visitors… Will be back often to check up on new posts.

Post a Comment


2011 ·Code-Studio by yrus.