How to encrypt and decrypt in .NET using CryptoNet

A few years back I wrote encryption and decryption code for protecting sensitive personal data for a fin-tech business.

Since then, I have wished I had the time to put it all together in a library that could benefit the community. Over the Christmas 2021 holiday I succeeded in brushing it up, rewriting it and making a simple cryptographic library.

The library is open source, released under the MIT license, and written in C# without depending on external or third-party libraries.

The library can use its own self-generated RSA key pairs (Private/Public key) to encrypt and decrypt content.

You can store the private key on one or more machines. The public key can easily be distributed to all clients.

Note: Please be careful not to distribute the private key publicly, and keep it in a safe place. If the private key is mistakenly exposed, you need to re-issue new keys. Content that is already encrypted with the private key cannot be decrypted with the newly generated private key. So before updating the private key or deleting the old key, ensure all your content is decrypted; otherwise you lose the content.

Maytham Fahmi

It is also possible to use the asymmetric keys of an X509 certificate instead of generating your own keys.


The main concept of asymmetric encryption is that you have a private and a public key. You use the public key to encrypt the content and the private key to decrypt it again.

I will show some simple examples of the library with explanations:

Encrypt and Decrypt Content With Self-Generated Asymmetric Key

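// Generate a new RSA key pair.
ICryptoNet cryptoNet = new CryptoNet();

// Export both halves: the private key must stay secret, the public key can be shared.
var privateKey = cryptoNet.ExportPrivateKey();
var publicKey = cryptoNet.ExportPublicKey();

// A client that holds only the public key encrypts.
// ConfidentialDummyData is the sample plaintext string (defined elsewhere).
ICryptoNet encryptClient = new CryptoNet(publicKey);
var encrypt = encryptClient.EncryptFromString(ConfidentialDummyData);
Console.WriteLine($"1- We will encrypt following text:\n{ConfidentialDummyData}\n");
Console.WriteLine($"2- To:\n{CryptoNetUtils.BytesToString(encrypt)}\n");

// A client that holds the private key decrypts.
ICryptoNet decryptClient = new CryptoNet(privateKey);
var decrypt = decryptClient.DecryptToString(encrypt);
Console.WriteLine($"3- And we will decrypt it back to:\n{decrypt}\n");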
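The note above about re-issuing keys implies a migration step before the old private key is deleted. The following is an added example, not code from the library or its author: it uses only the CryptoNet calls shown on this page, and the class name, record strings and variable names are constructed for illustration.

```csharp
using System;
using System.Linq;
// Also add the using directive for the CryptoNet package namespace (not shown on this page).

public static class KeyRotationExample
{
    public static void Main()
    {
        // Constructed sample records standing in for stored confidential data.
        var records = new[] { "record-1: constructed sample", "record-2: constructed sample" };

        // Old key pair: the one that is about to be retired.
        ICryptoNet oldKeys = new CryptoNet();
        var oldPrivateKey = oldKeys.ExportPrivateKey();
        var oldPublicKey = oldKeys.ExportPublicKey();

        // Existing ciphertexts, produced earlier by a client holding only the old public key.
        ICryptoNet oldEncryptClient = new CryptoNet(oldPublicKey);
        var oldCiphertexts = records.Select(r => oldEncryptClient.EncryptFromString(r)).ToList();

        // New key pair issued as the replacement.
        ICryptoNet newKeys = new CryptoNet();
        var newPrivateKey = newKeys.ExportPrivateKey();
        var newPublicKey = newKeys.ExportPublicKey();

        ICryptoNet oldDecryptClient = new CryptoNet(oldPrivateKey);
        ICryptoNet newEncryptClient = new CryptoNet(newPublicKey);
        ICryptoNet newDecryptClient = new CryptoNet(newPrivateKey);

        // Migrate every record while the old private key still exists.
        var migrated = oldCiphertexts
            .Select(c => newEncryptClient.EncryptFromString(oldDecryptClient.DecryptToString(c)))
            .ToList();

        // Verify each migrated record with the new private key before retiring the old one.
        for (var i = 0; i < records.Length; i++)
        {
            if (newDecryptClient.DecryptToString(migrated[i]) != records[i])
                throw new InvalidOperationException($"Record {i} failed verification; keep the old key.");
        }

        Console.WriteLine($"{migrated.Count} records re-encrypted; the old private key can now be destroyed.");
    }
}
```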

Encrypt with Public Key and later Decrypt with Private Key

// Load the existing RSA key pair from the file named by RsaKeyPair.
var certificate = CryptoNetUtils.LoadFileToString(RsaKeyPair);
// Export public key
ICryptoNet cryptoNet = new CryptoNet(certificate, true);
var publicKey = cryptoNet.ExportPublicKey();
CryptoNetUtils.SaveKey(PublicKeyFile, publicKey);

// Import public key and encrypt
var importPublicKey = CryptoNetUtils.LoadFileToString(PublicKeyFile);
ICryptoNet cryptoNetEncryptWithPublicKey = new CryptoNet(importPublicKey, true);
var encryptWithPublicKey = cryptoNetEncryptWithPublicKey.EncryptFromString(ConfidentialDummyData);
Console.WriteLine("1- This time we use a certificate public key to encrypt");
Console.WriteLine(CryptoNetUtils.BytesToString(encryptWithPublicKey));

// Decrypt with the full key pair loaded above, which contains the private key
ICryptoNet cryptoNetDecryptWithPrivateKey = new CryptoNet(certificate, true);
var decryptWithPrivateKey = cryptoNetDecryptWithPrivateKey.DecryptToString(encryptWithPublicKey);
Console.WriteLine("2- And use the same certificate to decrypt");
Console.WriteLine(decryptWithPrivateKey);

Check all example details here.

Please find the library source code on this GitHub repo or download the NuGet package. I would be very happy to receive input or comments on the library, and contributions are welcome.