How to use asymmetric encryption in ASP.NET in VB.NET

If you have to use asymmetric encryption in your ASP.NET project you can use the class described in the article How to create asymmetric encryption utility class in ASP.NET in VB.NET. To illustrate this you can create a page that permits you to generate a key and enter clear-text data through a text box. You can output the encrypted data through Convert.ToBase64String(). For decryption you should call Convert.FromBase64String() to get the encrypted bytes back and pass them into the DecryptData method.
Imports System
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography
Public Class Asymmetric
Inherits System.Web.UI.Page
Private KeyFileName As String
Protected Sub Page_Load(ByVal sender As Object, ByVal e As System.EventArgs) Handles Me.Load
KeyFileName = Server.MapPath(“~/”) & “\asymmetric_key.config”
End Sub
Protected Sub GenerateKeyCommand_Click(sender As Object, e As EventArgs) Handles GenerateKeyCommand.Click
Try
PublicKeyText.Text = AsymmetricEncryptionUtility.GenerateKey(KeyFileName)
Response.Write(“Key generated successfully!<br/>”)
Catch
Response.Write(“Exception occured when encrypting key!”)
End Try
End Sub
Protected Sub EncryptCommand_Click(sender As Object, e As EventArgs) Handles EncryptCommand.Click
‘ Check for encryption key
If Not File.Exists(KeyFileName) Then
Response.Write(“Missing encryption key. Please generate key!”)
End If
Try
Dim data As Byte() = AsymmetricEncryptionUtility.EncryptData(ClearDataText.Text, PublicKeyText.Text)
EncryptedDataText.Text = Convert.ToBase64String(data)
Catch
Response.Write(“Unable to encrypt data!”)
End Try
End Sub
Protected Sub DecryptCommand_Click(sender As Object, e As EventArgs) Handles DecryptCommand.Click
‘ Check for encryption key
If Not File.Exists(KeyFileName) Then
Response.Write(“Missing encryption key. Please generate key!”)
End If
Try
Dim data As Byte() = Convert.FromBase64String(EncryptedDataText.Text)
ClearDataText.Text = AsymmetricEncryptionUtility.DecryptData(data, KeyFileName)
Catch
Response.Write(“Unable to decrypt data!”)
End Try
End Sub
Protected Sub ClearCommand_Click(sender As Object, e As EventArgs) Handles ClearCommand.Click
EncryptedDataText.Text = “”
ClearDataText.Text = “”
End Sub
End Class
The next picture shows the web page:
The web page for asymmetric algorithms in VB.NET

The web page for asymmetric algorithms in VB.NET

Important note:
Probably your aspx page for asymmetric encryption will generates the next error message:
Request Validation has detected a potentially dangerous client input value, and processing of the request has been aborted. This value may indicate an attempt to compromise the security of your application, such as a cross-site scripting attack. To allow pages to override application request validation settings, set the requestValidationMode attribute in the httpRuntime configuration section to requestValidationMode=”2.0″. Example: <httpRuntime requestValidationMode=”2.0″ />. After setting this value, you can then disable request validation by setting validateRequest=”false” in the Page directive or in the <pages> configuration section. However, it is strongly recommended that your application explicitly check all inputs in this case. For more information, see http://go.microsoft.com/fwlink/?LinkId=153133.
In this case you should follow the proposed settings.