
miércoles, 8 de noviembre de 2017

Encrypt/Decrypt using Self-signed Certificates

Link artículo




        static void Main(string[] args)
        {
            try
            {
                X509Certificate2 myCert =
                   LoadCertificate(StoreLocation.CurrentUser,
                   "CN=test");

                string myText = "This is the text I wish to encrypt";
                Console.WriteLine("UNENCRYPTED: " + myText);

                string encrypted = Encrypt(myCert, myText);

                Console.WriteLine("ENCRYPTED: " + encrypted);

                string decrypted = Decrypt(myCert, encrypted);

                Console.WriteLine("DECRYPTED: " + decrypted);
            }
            catch (Exception e)
            {
                Console.WriteLine("EXCEPTION: {0}", e.Message);
            }

        }

        public static X509Certificate2
   LoadCertificate(StoreLocation storeLocation,
   string certificateName)
        {
            X509Store store = new X509Store(storeLocation);
            store.Open(OpenFlags.ReadOnly);
            X509Certificate2Collection certCollection =
               store.Certificates;
            X509Certificate2 cert =
               certCollection.Cast<X509Certificate2>().FirstOrDefault
               (c => c.Subject == certificateName);
            if (cert == null)
                Console.WriteLine("NO Certificate named " +
                   certificateName + " was found in your certificate store");
            store.Close();
            return cert;
        }


        private static string Encrypt(X509Certificate2 x509, string stringToEncrypt)
        {
            if (x509 == null || string.IsNullOrEmpty(stringToEncrypt))
                throw new Exception("A x509 certificate and string for encryption must be provided");

            RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PublicKey.Key;
            byte[] bytestoEncrypt = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt);
            byte[] encryptedBytes = rsa.Encrypt(bytestoEncrypt, false);
            return Convert.ToBase64String(encryptedBytes);
        }

        private static string Decrypt(X509Certificate2 x509, string stringTodecrypt)
        {
            if (x509 == null || string.IsNullOrEmpty(stringTodecrypt))
                throw new Exception("A x509 certificate and string for decryption must be provided");

            if (!x509.HasPrivateKey)
                throw new Exception("x509 certicate does not contain a private key for decryption");

            RSACryptoServiceProvider rsa = (RSACryptoServiceProvider)x509.PrivateKey;
            byte[] bytestodecrypt = Convert.FromBase64String(stringTodecrypt);
            byte[] plainbytes = rsa.Decrypt(bytestodecrypt, false);
            System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
            return enc.GetString(plainbytes);
        }

