C# RSA Encrypt Private Decrypt Public

asp.netasp.net-mvccencryptionrsa

Here is the problem I am trying to solve. Let's say I was releasing some web software built on ASP.NET MVC and I only wanted the end user to be able to add X users to the system. The software would be hosted on their servers.

I want to include an encrypted file that when the user tries to add a new user, it goes out and reads from the file an encrypted string. When the website decodes it, the clear text will be the number of allowed users.

What is the best/simplest way on my end to encrypt to generate this string on my end then decode it back to clear text in my application? Obviously I want to ensure that the end user cannot be spinning up their own encrypted string and just replace mine. I don't want to worry about having to try and obfuscate my source so that they would not be able to see how I decode the string.

Is it possible to encrypt with a private rsa key, then decrypt it with the public one? I haven't had luck with that in the code below:

        var rsa = new RSACryptoServiceProvider();

        var pubicKey = rsa.ToXmlString(false);
        var privateKey = rsa.ToXmlString(true);

        var test = "this string needs to be encrypted then decrypted";

        var rsa2 = new RSACryptoServiceProvider();
        rsa2.FromXmlString(privateKey);

        var encryptedBytes = rsa2.Encrypt(Encoding.UTF8.GetBytes(test), false);
        var encryptedString = Convert.ToBase64String(encryptedBytes);

        var rsa3 = new RSACryptoServiceProvider();
        rsa3.FromXmlString(pubicKey);

        encryptedBytes = Convert.FromBase64String(encryptedString);

        var decryptedString = Encoding.UTF8.GetString(rsa3.Decrypt(encryptedBytes,                        false));

Best Answer

You can use a signature strategy, where the private key is used to generate a signature that verifies that your message is authentic.

// Create message and signature on your end
string message = "Here is the license message";

var converter = new ASCIIEncoding();
byte[] plainText = converter.GetBytes(secret);

var rsaWrite = new RSACryptoServiceProvider();
var privateParams = rsaWrite.ExportParameters(true);

// Generate the public key / these can be sent to the user.
var publicParams = rsaWrite.ExportParameters(false);

byte[] signature =
    rsaWrite.SignData(plainText, new SHA1CryptoServiceProvider());

// Verify from the user's side. Note that only the public parameters
// are needed.
var rsaRead = new RSACryptoServiceProvider();
rsaRead.ImportParameters(publicParams);
if (rsaRead.VerifyData(plainText,
                       new SHA1CryptoServiceProvider(),
                       signature))
{
    Console.WriteLine("Verified!");
}
else
{
    Console.WriteLine("NOT verified!");
}

This example was largely copied from Microsoft's site:

RSACryptoServiceProvider.SignData Method (Byte[], Object)

And here is web page that explains the concept:

Using RSA for Signing Messages

Access modifiers

From docs.microsoft.com:

public

The type or member can be accessed by any other code in the same assembly or another assembly that references it.

private

The type or member can only be accessed by code in the same class or struct.

protected

The type or member can only be accessed by code in the same class or struct, or in a derived class.

private protected (added in C# 7.2)

The type or member can only be accessed by code in the same class or struct, or in a derived class from the same assembly, but not from another assembly.

internal

The type or member can be accessed by any code in the same assembly, but not from another assembly.

protected internal

The type or member can be accessed by any code in the same assembly, or by any derived class in another assembly.

When no access modifier is set, a default access modifier is used. So there is always some form of access modifier even if it's not set.

`static` modifier

The static modifier on a class means that the class cannot be instantiated, and that all of its members are static. A static member has one version regardless of how many instances of its enclosing type are created.

A static class is basically the same as a non-static class, but there is one difference: a static class cannot be externally instantiated. In other words, you cannot use the new keyword to create a variable of the class type. Because there is no instance variable, you access the members of a static class by using the class name itself.

However, there is a such thing as a static constructor. Any class can have one of these, including static classes. They cannot be called directly & cannot have parameters (other than any type parameters on the class itself). A static constructor is called automatically to initialize the class before the first instance is created or any static members are referenced. Looks like this:

static class Foo()
{
    static Foo()
    {
        Bar = "fubar";
    }
    
    public static string Bar { get; set; }
}

Static classes are often used as services, you can use them like so:

MyStaticClass.ServiceMethod(...);

.net – Encrypted data size using RSA encryption (RSACryptoServiceProvider)

You are mistaken. RSA is not a block cipher, so you cannot really talk about the block size of it.

The output of a RSA encryption will have the same length as the RSA modulus. You have not indicated any RSA key in your code, so the runtime will (as far as I recall) use a default key. That key apparently has a 1024 bit modulus, which explains the output length.

You might want to look into AES encryption instead. For many reasons you should normally only use RSA to encrypt a key and then use AES or a similar symmetric cipher algorithm to encrypt your actual text.

AES is a block cipher with block size 16 bytes, so that will (depending on which padding you use and how you transport your initialization vector) encrypt 16 bytes of plain data to 16 bytes of encrypted data.

Best Answer

Related Solutions

C# – In C#, what is the difference between public, private, protected, and having no access modifier

Access modifiers

static modifier

.net – Encrypted data size using RSA encryption (RSACryptoServiceProvider)

Related Topic

`static` modifier