I'm currently trying to implement a class to handle secure communications between instances of my app using RSACrytoServiceProveider class. First question : is it a good idea implement a single class to handle sender/reciever roles or should i split the roles into individual classes ?. This is what i have done so far:
using System;
using System.Text;
using System.Security.Cryptography;
namespace Agnus.Cipher
{
public class RSA
{
private byte[] plaintextBytes;
private byte[] ciphertextBytes;
private RSACryptoServiceProvider rSAProviderThis;
private RSACryptoServiceProvider rSAProviderOther;
public string PublicKey
{
get { return rSAProviderThis.ToXmlString(false); }
}
public RSA()
{
rSAProviderThis = new RSACryptoServiceProvider { PersistKeyInCsp = true };
plaintextBytes = Encoding.Unicode.GetBytes(PublicKey);
}
public void InitializeRSAProviderOther(string parameters)
{
rSAProviderOther.FromXmlString(parameters);
}
public byte[] Encrypt()
{
return rSAProviderThis.Encrypt(plaintextBytes, true);
}
public byte[] Decrypt()
{
return rSAProviderThis.Decrypt(ciphertextBytes, true);
}
public byte[] Sign()
{
using (SHA1Managed SHA1 = new SHA1Managed())
{
byte[] hash = SHA1.ComputeHash(ciphertextBytes);
byte[] signature = rSAProviderThis.SignHash(hash, CryptoConfig.MapNameToOID("SHA1"));
return signature;
}
}
public void Verify()
{
throw new NotImplementedException();
}
}
}
Second question : how do i send and receive data to be fed into the class ? i'm a green horn in this field, pointers would be appreciated.
I would make the encrypt/sign/decrypt/verify methods take parameters for the data rather than having member variables for them. Having member variables for the key and provider seems okay though. Basically I'd expect to use the same key multiple times but not the same data.
I'd also make it immutable - make all the variables readonly, taking all the parameters you'll need for the providers in the constructor instead of having a separate initialisation method.
Beyond that, it seems okay to wrap the functionality in a simpler API for your needs though, yes.