Get Up and Running with .NET Cryptography Providers

<%@ Page Language="C#"%>
<%@ Import namespace="System.Security.Cryptography" %>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" >

<html>
<head>
<title>WebForm1</title>
<meta name="GENERATOR" Content="Microsoft Visual Studio 7.0">
<meta name="CODE_LANGUAGE" Content="C#">
<meta name=vs_defaultClientScript content="JavaScript">
<meta name=vs_targetSchema content="http://schemas.microsoft.com/intellisense/ie5">
<script language="C#" runat="server">
void btnEncrypt_Click(Object sender, EventArgs e)
{
// structure that holds the public/private key pair
RSAParameters rsaParam;

// create an instance of the RSA cryptography provider
// at this point a new public/private key pair has been created
// You have to instruct RSACryptoServiceProvider or DSACryptoServiceProvider to use
// machine key store (as in the following sample
// code) in scenarios such as a Web service, ASP Page, or COM+, where the user profile
// is not loaded by the system for performance
// reasons. You can use the CspParameters parameter in
// the RSACryptoServiceProvider() constructor, as follows:
// Refer to Q322371 @ http://support.microsoft.com/defaul...b;en-us;Q322371
// Only other way to get around is run the aspnet_wp.exe worker process with SYSTEM
//credentials which I'd not recommend!

CspParameters CSPParam = new CspParameters();
CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;
RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(CSPParam);

// get a byte array representing the first string
byte[] byteInput = (new System.Text.UnicodeEncoding()).GetBytes(textBox1.T ext);

// encrypt the string using the provider and save the result to the byteEncrypted array
byte[] byteEncrypted = rsa.Encrypt(byteInput, false);

// the rsaParam structure contains the public/private key pair.
// by passing true to ExportParameters, we tell the provider to include the private key
rsaParam = rsa.ExportParameters(true);

// for illustration purposes show the encrypted string in the second textbox
// this string should not be readable.
textBox2.Text = (new System.Text.UnicodeEncoding()).GetString(byteEncry pted);

/************************************************** ***********************/
// normally we would stop at this point
// and save the public/private key some where.
// but let's go on to see how we would use the RSAParameters
// structure to decrypt the string
/************************************************** ***********************/

// import the RSAParameters structure that we used previously.
// normally at this point we would have to create another instance of the provider,
// which would generate another public/private key pair
// that could not be used to decrypt the string. So we must use the original public/private
// key pair from the RSAParameters structure
rsa.ImportParameters(rsaParam);

// get the encrypted string from the second textbox and store it in a byte array
byte[] byteEncryptedString = (new System.Text.UnicodeEncoding()).GetBytes(textBox2.T ext);

// decrypt the data in the byte array using the provider
// we pass false in the second parameter to tell the provider that we do not want to use
// OAEP padding, but don't worry about that for this example.
byte[] byteDecryptedString = rsa.Decrypt(byteEncryptedString, false);

// assign the resulting decrypted string to the third textbox
textBox3.Text = (new System.Text.UnicodeEncoding()).GetString(byteDecry ptedString);
}
</script>
</head>
<body>

<form id="Form1" method="post" runat="server">
string:<asp:textbox id="textBox1" runat="server"/>

encrypted string:<asp:textbox id="textBox2" runat="server"/>

decrypted string:<asp:textbox id="textBox3" runat="server"/>

<asp:button id="btnEncrypt" text="Encrypt" OnClick="btnEncrypt_Click" runat="server"/>
</form>

</body>
</html>

Read Complete Article