How to perform RSAES-OAEP encryption and decryption using .NET Framework?

Question

The question is fairly straightforward - is RSAES-OAEP possible with the built-in cryptographic primitives? If not, is a 3rd party library such as BouncyCastle able to provide such functionality?

The purpose of this is to encrypt a 256-bit AES key.

Answer 1

Yes it is possible with the .NET Framework, and yes it is also possible with BouncyCastle (latter confirmed from inspection of source, as official documentation for the .NET version of BouncyCastle seems to be scarce).

Some .NET framework classes you should have a look at:

1. RSACryptoServiceProvider (MSDN) - there is an example on the bottom of that page for basic encryption and decryption. Note the boolean second parameter to both Encrypt and Decrypt should be passed as true for OAEP padding.

2. RSAOAEPKeyExchangeFormatter / RSAOAEPKeyExchangeDeformatter (MSDN) which also has an example at the bottom of the page, in this case illustrating your specific scenario of exchanging an AES key.