rbrayb · July 26, 2018 01:13 · debs1979 · Jan 7, 2021
diff --git a/CNGRSA.cs b/CNGRSA.cs
 using System;
 using System.Security.Cryptography;

 namespace CNGMediumConsoleApp
 {
    class Program
    {
        static byte[] data = {0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20};

        static byte[] privateKey;
        static byte[] publicKey;
        private static byte[] encrypted;
        private static byte[] decrypted;
        private static byte[] signed;

        static void Main(string[] args)
        {
            try
            {
                CngKey cngKey;

                CngKeyCreationParameters cng = new CngKeyCreationParameters
                {
                    KeyUsage = CngKeyUsages.AllUsages
                };

                if (!CngKey.Exists("rsaKey"))
                    cngKey = CngKey.Create(CngAlgorithm.Rsa, "rsaKey", cng);
                else
                    cngKey = CngKey.Open("rsaKey");

                RSACng rsaKey = new RSACng(cngKey)
                {
                    KeySize = 2048
                };

                // Try importing / exporting to blobs (Example only)

                byte[] rsaPrvKeyExport = rsaKey.Key.Export(CngKeyBlobFormat.GenericPrivateBlob);
                byte[] rsaPubKeyExport = rsaKey.Key.Export(CngKeyBlobFormat.GenericPublicBlob);

                CngKey cngPrv = CngKey.Import(rsaPrvKeyExport, CngKeyBlobFormat.GenericPrivateBlob);
                CngKey cngPub = CngKey.Import(rsaPubKeyExport, CngKeyBlobFormat.GenericPublicBlob);
                
                // Try importing / exporting to parameters (Example only)

                RSAParameters pub = rsaKey.ExportParameters(false);
                RSAParameters prv = rsaKey.ExportParameters(true);

                RSACng rsaPrv = new RSACng();
                rsaPrv.ImportParameters(prv);

                RSACng rsaPub = new RSACng();
                rsaPub.ImportParameters(pub);

                // These are our keys

                privateKey = rsaKey.Key.Export(CngKeyBlobFormat.GenericPrivateBlob);
                publicKey = rsaKey.Key.Export(CngKeyBlobFormat.GenericPublicBlob);

                string prvResult = ByteArrayToHexString(privateKey, 0, privateKey.Length);
                string pubResult = ByteArrayToHexString(publicKey, 0, publicKey.Length);

                Console.WriteLine("\nPrivate key - length = " + privateKey.Length + "\n" + prvResult + "\n");
                Console.WriteLine("\nPublic key - length = " + publicKey.Length + "\n" + pubResult + "\n");

                // Encrypt / decrypt
                
                encrypted = Encrypt(publicKey, data);

                decrypted = Decrypt(privateKey, encrypted);

                bool result = ByteArrayCompare(data, decrypted);

                if (result)
                    Console.WriteLine("Encrypt / decrypt works");
                else
                    Console.WriteLine("Encrypt / decrypt fails");

                // Signing

                signed = Sign512(data, privateKey);

                bool result1 = VerifySignature512(data, signed, publicKey);

                if (result1)
                    Console.WriteLine("Signing works");
                else
                    Console.WriteLine("Signing fails");
            }

            catch (Exception e)
            {
                Console.WriteLine("Exception " + e.Message);
            }

            Console.ReadLine();
        }

        static bool ByteArrayCompare(byte[] a1, byte[] a2)
        {
            if (a1.Length != a2.Length)
                return false;

            for (int i = 0; i < a1.Length; i++)
                if (a1[i] != a2[i])
                    return false;

            return true;
        }

        public static string ByteArrayToHexString(byte[] bytes, int start, int length)
        {
            string delimitedStringValue = BitConverter.ToString(bytes, start, length);
            return delimitedStringValue.Replace("-", "");
        }

        public static byte[] Sign512(byte[] data, byte[] privateKey)
        {
            CngKey key = CngKey.Import(privateKey, CngKeyBlobFormat.GenericPrivateBlob);
            RSACng crypto = new RSACng(key);
            return crypto.SignData(data, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
        }

        public static bool VerifySignature512(byte[] data, byte[] signature, byte[] publicKey)
        {
            CngKey key = CngKey.Import(publicKey, CngKeyBlobFormat.GenericPublicBlob);
            RSACng crypto = new RSACng(key);
            return crypto.VerifyData(data, signature, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
        }

        public static byte[] Encrypt(byte[] publicKey, byte[] data)
        {
            CngKey key = CngKey.Import(publicKey, CngKeyBlobFormat.GenericPublicBlob);
            RSACng crypto = new RSACng(key);
            var result = crypto.Encrypt(data, RSAEncryptionPadding.OaepSHA512);
            return result;
        }
        public static byte[] Decrypt(byte[] privateKey, byte[] data)
        {
            CngKey key = CngKey.Import(privateKey, CngKeyBlobFormat.GenericPrivateBlob);
            RSACng crypto = new RSACng(key);
            var result = crypto.Decrypt(data, RSAEncryptionPadding.OaepSHA512);
            return result;
        }
    }
 }
	using System;
	using System.Security.Cryptography;

	namespace CNGMediumConsoleApp
	{
	class Program
	{
	static byte[] data = {0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20, 0x20};

	static byte[] privateKey;
	static byte[] publicKey;
	private static byte[] encrypted;
	private static byte[] decrypted;
	private static byte[] signed;

	static void Main(string[] args)
	{
	try
	{
	CngKey cngKey;

	CngKeyCreationParameters cng = new CngKeyCreationParameters
	{
	KeyUsage = CngKeyUsages.AllUsages
	};

	if (!CngKey.Exists("rsaKey"))
	cngKey = CngKey.Create(CngAlgorithm.Rsa, "rsaKey", cng);
	else
	cngKey = CngKey.Open("rsaKey");

	RSACng rsaKey = new RSACng(cngKey)
	{
	KeySize = 2048
	};

	// Try importing / exporting to blobs (Example only)

	byte[] rsaPrvKeyExport = rsaKey.Key.Export(CngKeyBlobFormat.GenericPrivateBlob);
	byte[] rsaPubKeyExport = rsaKey.Key.Export(CngKeyBlobFormat.GenericPublicBlob);

	CngKey cngPrv = CngKey.Import(rsaPrvKeyExport, CngKeyBlobFormat.GenericPrivateBlob);
	CngKey cngPub = CngKey.Import(rsaPubKeyExport, CngKeyBlobFormat.GenericPublicBlob);

	// Try importing / exporting to parameters (Example only)

	RSAParameters pub = rsaKey.ExportParameters(false);
	RSAParameters prv = rsaKey.ExportParameters(true);

	RSACng rsaPrv = new RSACng();
	rsaPrv.ImportParameters(prv);

	RSACng rsaPub = new RSACng();
	rsaPub.ImportParameters(pub);

	// These are our keys

	privateKey = rsaKey.Key.Export(CngKeyBlobFormat.GenericPrivateBlob);
	publicKey = rsaKey.Key.Export(CngKeyBlobFormat.GenericPublicBlob);

	string prvResult = ByteArrayToHexString(privateKey, 0, privateKey.Length);
	string pubResult = ByteArrayToHexString(publicKey, 0, publicKey.Length);

	Console.WriteLine("\nPrivate key - length = " + privateKey.Length + "\n" + prvResult + "\n");
	Console.WriteLine("\nPublic key - length = " + publicKey.Length + "\n" + pubResult + "\n");

	// Encrypt / decrypt

	encrypted = Encrypt(publicKey, data);

	decrypted = Decrypt(privateKey, encrypted);

	bool result = ByteArrayCompare(data, decrypted);

	if (result)
	Console.WriteLine("Encrypt / decrypt works");
	else
	Console.WriteLine("Encrypt / decrypt fails");

	// Signing

	signed = Sign512(data, privateKey);

	bool result1 = VerifySignature512(data, signed, publicKey);

	if (result1)
	Console.WriteLine("Signing works");
	else
	Console.WriteLine("Signing fails");
	}

	catch (Exception e)
	{
	Console.WriteLine("Exception " + e.Message);
	}

	Console.ReadLine();
	}

	static bool ByteArrayCompare(byte[] a1, byte[] a2)
	{
	if (a1.Length != a2.Length)
	return false;

	for (int i = 0; i < a1.Length; i++)
	if (a1[i] != a2[i])
	return false;

	return true;
	}

	public static string ByteArrayToHexString(byte[] bytes, int start, int length)
	{
	string delimitedStringValue = BitConverter.ToString(bytes, start, length);
	return delimitedStringValue.Replace("-", "");
	}

	public static byte[] Sign512(byte[] data, byte[] privateKey)
	{
	CngKey key = CngKey.Import(privateKey, CngKeyBlobFormat.GenericPrivateBlob);
	RSACng crypto = new RSACng(key);
	return crypto.SignData(data, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
	}

	public static bool VerifySignature512(byte[] data, byte[] signature, byte[] publicKey)
	{
	CngKey key = CngKey.Import(publicKey, CngKeyBlobFormat.GenericPublicBlob);
	RSACng crypto = new RSACng(key);
	return crypto.VerifyData(data, signature, HashAlgorithmName.SHA512, RSASignaturePadding.Pkcs1);
	}

	public static byte[] Encrypt(byte[] publicKey, byte[] data)
	{
	CngKey key = CngKey.Import(publicKey, CngKeyBlobFormat.GenericPublicBlob);
	RSACng crypto = new RSACng(key);
	var result = crypto.Encrypt(data, RSAEncryptionPadding.OaepSHA512);
	return result;
	}
	public static byte[] Decrypt(byte[] privateKey, byte[] data)
	{
	CngKey key = CngKey.Import(privateKey, CngKeyBlobFormat.GenericPrivateBlob);
	RSACng crypto = new RSACng(key);
	var result = crypto.Decrypt(data, RSAEncryptionPadding.OaepSHA512);
	return result;
	}
	}
	}