Skip to main content

C# example

using System.Security.Cryptography;
using System.Text;
using Keepz_Aes_Encryption.models;

namespace Keepz_Aes_Encryption.utils
{
    public static class EncryptionUtils
    {
        public static string EncryptUsingPublicKey(string data, string publicKey, bool usePkcsPadding = false)
        {
            // Convert the base64 encoded key to PEM format
            string pemPublicKey = "-----BEGIN PUBLIC KEY-----\n" + publicKey + "\n-----END PUBLIC KEY-----";

            // Create RSA instance and import the public key
            using RSA rsa = RSA.Create();
            rsa.ImportFromPem(pemPublicKey);
            RSAEncryptionPadding padding = usePkcsPadding ? RSAEncryptionPadding.Pkcs1 : RSAEncryptionPadding.OaepSHA256; // Choose padding scheme
            byte[] dataBytes = rsa.Encrypt(Encoding.UTF8.GetBytes(data), padding); // Encrypt the data

            return Convert.ToBase64String(dataBytes);
        }

        public static string DecryptUsingPrivateKey(string encryptedData, string privateKey, bool usePkcsPadding = false)
        {
            // Convert the base64 encoded key to PEM format
            string pemPrivateKey = "-----BEGIN PRIVATE KEY-----\n" + privateKey + "\n-----END PRIVATE KEY-----";

            // Create RSA instance and import the private key
            using RSA rsa = RSA.Create();
            rsa.ImportFromPem(pemPrivateKey);
            RSAEncryptionPadding padding = usePkcsPadding ? RSAEncryptionPadding.Pkcs1 : RSAEncryptionPadding.OaepSHA256; // Choose padding scheme

            byte[] encryptedDataBytes = Convert.FromBase64String(encryptedData); // Decode the base64 encoded data

            byte[] decryptedDataBytes = rsa.Decrypt(encryptedDataBytes, padding); // Decrypt the data

            return Encoding.UTF8.GetString(decryptedDataBytes);
        }

        public static EncryptedResponse EncryptWithAes(string data, string publicKey, bool usePkcsPadding = false)
        {
            // Generate AES key and IV
            using Aes aes = Aes.Create();
            aes.KeySize = 256;
            aes.GenerateKey();
            aes.GenerateIV();

            // Encrypt the data using AES
            byte[] encryptedDataBytes;
            using (ICryptoTransform encryptor = aes.CreateEncryptor(aes.Key, aes.IV))
            {
                byte[] dataBytes = Encoding.UTF8.GetBytes(data);
                encryptedDataBytes = encryptor.TransformFinalBlock(dataBytes, 0, dataBytes.Length);
            }

            string encryptedDataBase64 = Convert.ToBase64String(encryptedDataBytes); // Convert encrypted data to base64 for easy transport
            string aesProperties = Convert.ToBase64String(aes.Key) + "." + Convert.ToBase64String(aes.IV); // Concatenate AES key and IV with a separator
            string encryptedAesProperties = EncryptUsingPublicKey(aesProperties, publicKey, usePkcsPadding); // Encrypt AES properties using RSA

            return new EncryptedResponse(encryptedDataBase64, encryptedAesProperties, true);
        }

        public static string DecryptWithAes(string encryptedAesProperties, string encryptedData, string privateKey, bool usePkcsPadding = false)
        {
            string decryptedAesProperties = DecryptUsingPrivateKey(encryptedAesProperties, privateKey, usePkcsPadding); // Decrypt AES properties using RSA

            // Extract AES key and IV
            string[] aesProps = decryptedAesProperties.Split('.');
            byte[] aesIV = Convert.FromBase64String(aesProps[1]);
            byte[] aesKey = Convert.FromBase64String(aesProps[0]);

            // Initialize AES for decryption
            using Aes aes = Aes.Create();
            aes.Key = aesKey;
            aes.IV = aesIV;

            // Decrypt the data using AES
            byte[] decryptedDataBytes;
            using (ICryptoTransform decryptor = aes.CreateDecryptor(aes.Key, aes.IV))
            {
                byte[] encryptedDataBytes = Convert.FromBase64String(encryptedData);
                decryptedDataBytes = decryptor.TransformFinalBlock(encryptedDataBytes, 0, encryptedDataBytes.Length);
            }

            return Encoding.UTF8.GetString(decryptedDataBytes);
        }
    }
}