private static void TestEncryptDecryptRoundTrip(byte[] plainText, RSAEncryptionPadding paddingMode, int expectedCipherSize) { using (RSA rsaCng = new RSACng()) { byte[] cipher = rsaCng.Encrypt(plainText, paddingMode); // RSACng.Encrypt() is intentionally non-deterministic so we can verify that we got back a cipher of the right length // but nothing about the contents. Assert.Equal(expectedCipherSize, cipher.Length); // But we can test to see that it decrypts back to the original. byte[] plainTextAgain = rsaCng.Decrypt(cipher, paddingMode); Assert.Equal<byte>(plainText, plainTextAgain); } }
/// <summary> /// Decrypt the text using the specified CNG key. /// </summary> /// <param name="rsaCngProvider">RSA CNG Provider.</param> /// <param name="encryptedColumnEncryptionKey">Encrypted Column Encryption Key.</param> /// <returns>Returns the decrypted plaintext Column Encryption Key or throws an exception if there are any errors.</returns> private byte[] RSADecrypt(RSACng rsaCngProvider, byte[] encryptedColumnEncryptionKey) { Debug.Assert((encryptedColumnEncryptionKey != null) && (encryptedColumnEncryptionKey.Length != 0)); Debug.Assert(rsaCngProvider != null); return rsaCngProvider.Decrypt(encryptedColumnEncryptionKey, RSAEncryptionPadding.OaepSHA1); }
static byte[] Decrypt(CngKey key, byte[] cipherText) { var rsa = new RSACng(key); return rsa.Decrypt(cipherText, RSAEncryptionPadding.Pkcs1); }