Walkthrough: Creating a Cryptographic ApplicationÂ
This walkthrough provides code examples for encrypting and decrypting content. The code examples are designed for a Windows Forms application. This application does not demonstrate real world scenarios, such as using smart cards, but instead demonstrates the fundamentals of encryption and decryption.
This walkthrough uses the following guidelines for encryption:
Use the RijndaelManaged class, a symmetric algorithm, to encrypt and decrypt data by using its automatically generated Key and IV.
Use the RSACryptoServiceProvider, an asymmetric algorithm, to encrypt and decrypt the key to the data encrypted by RijndaelManaged. Asymmetric algorithms are best used for smaller amounts of data, such as a key.
.gif)
NoteIf your purpose is to protect data on your computer instead of exchanging encrypted content with other people, consider using the ProtectedData or ProtectedMemory classes.
The following table summarizes the cryptographic tasks in this topic.
| Task | Description |
|---|---|
Creating a Windows Forms application |
Lists the controls that are required to run the application. |
Declaring global objects |
Declares string path variables, the CspParameters, and the RSACryptoServiceProvider to have global context of the Form class. |
Creating an asymmetric key |
Creates an asymmetric public and private key value pair and assigns it a key container name. |
Encrypting a file |
Displays a dialog box to select a file for encryption and encrypts the file. |
Decrypting a file |
Displays a dialog box to select an encrypted file for decryption and decrypts the file. |
Getting a private key |
Gets the full key pair using the key container name. |
Exporting a public key |
Saves the key to an XML file with only public parameters. |
Importing a public key |
Loads the key from an XML file into the key container. |
Testing the application |
Lists procedures for testing this application. |
This application requires references to the following namespaces:
System.IO
System.Security.Cryptography
Creating a Windows Forms Application
Most of the code examples are designed to be event handlers for button controls. The following table lists the controls required for the sample application and their required names to match the code examples:
| Control | Name | Text Property (as needed) |
|---|---|---|
|
Encrypt File |
|
Button |
|
Decrypt File |
Button |
|
Create Keys |
Button |
|
Export Public Key |
Button |
|
Import Public Key |
Button |
|
Get Private Key |
|
||
|
||
OpenFileDialog |
|
Double click the buttons in the Visual Studio designer to create their event handlers.
Declaring Global Objects
Add the following code example to the Form's constructor. Edit the string variables for your environment and preferences.
' Declare CspParmeters and RsaCryptoServiceProvider
' objects with global scope of your Form class.
Dim cspp As CspParameters = New System.Security.Cryptography.CspParameters
Dim rsa As RSACryptoServiceProvider
' Path variables for source, encryption, and
' decryption folders. Must end with a backslash.
Dim EncrFolder As String = "c:\Encrypt\"
Dim DecrFolder As String = "c:\Decrypt\"
Dim SrcFolder As String = "c:\docs\"
' Public key file
Dim PubKeyFile As String = "c:\encrypt\rsaPublicKey.txt"
' Key container name for
' private/public key value pair.
Dim keyName As String = "Key01"
// Declare CspParmeters and RsaCryptoServiceProvider
// objects with global scope of your Form class.
CspParameters cspp = new CspParameters();
RSACryptoServiceProvider rsa;
// Path variables for source, encryption, and
// decryption folders. Must end with a backslash.
const string EncrFolder = @"c:\Encrypt\";
const string DecrFolder = @"c:\Decrypt\";
const string SrcFolder = @"c:\docs\";
// Public key file
const string PubKeyFile = @"c:\encrypt\rsaPublicKey.txt";
// Key container name for
// private/public key value pair.
const string keyName = "Key01";
Creating an Asymmetric Key
This task creates an asymmetric key that encrypts and decrypts the RijndaelManaged key, which was used to encrypt the content and displays the key container name on the label control.
Add the following code example as the Click event handler for the Create Keys button: buttonCreateAsmKeys_Click.
Private Sub buttonCreateAsmKeys_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles buttonCreateAsmKeys.Click
' Stores a key pair in the key container.
cspp.KeyContainerName = keyName
rsa = New RSACryptoServiceProvider(cspp)
rsa.PersistKeyInCsp = True
If rsa.PublicOnly = True Then
Label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only"
Else
Label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair"
End If
End Sub
private void buttonCreateAsmKeys_Click(object sender, System.EventArgs e)
{
// Stores a key pair in the key container.
cspp.KeyContainerName = keyName;
rsa = new RSACryptoServiceProvider(cspp);
rsa.PersistKeyInCsp = true;
if (rsa.PublicOnly == true)
label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only";
else
label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair";
}
Encrypting a File
This task involves two methods, the event handler method for the Encrypt File button, buttonEncryptFile_Click, and the EncryptFile method. The first method displays a dialog box for selecting a file and passes the file name to the second method which performs the encryption.
The encrypted content, key, and IV are all saved to one FileStream referred to as the encryption package.
The EncryptFile method does the following:
Creates a RijndaelManaged symmetric algorithm to encrypt the content.
Creates an instance of the RSACryptoServiceProvider to encrypt the RijndaelManaged key.
Uses a CryptoStream to read and encrypt the FileStream of the source file, in blocks of bytes, into a destination FileStream for the encrypted file.
Determines the lengths of the encrypted key and IV and creates byte arrays of their length values.
Writes the Key, IV, and their length values to the encrypted package.
The encryption package the following format:
Key length, bytes 0 - 3
IV length, bytes 4 - 7
Encrypted key
IV
Cipher text
By having the lengths of the key and IV, you can determine the starting points and lengths of all parts of the encryption package for decrypting the file.
Add the following code example as the Click event handler for the Encrypt File button: buttonEncryptFile_Click.
Private Sub buttonEncryptFile_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles buttonEncryptFile.Click
If rsa Is Nothing Then
MsgBox("Key not set.")
Else
' Display a dialog box to select a file to encrypt.
OpenFileDialog1.InitialDirectory = SrcFolder
If OpenFileDialog1.ShowDialog = Windows.Forms.DialogResult.OK Then
Try
Dim fName As String = OpenFileDialog1.FileName
If (Not (fName) Is Nothing) Then
Dim fInfo As FileInfo = New FileInfo(fName)
' Use just the file name without path.
Dim name As String = fInfo.Name
EncryptFile(name)
End If
Catch ex As Exception
MsgBox(ex.Message)
End Try
End If
End If
End Sub
private void buttonEncryptFile_Click(object sender, System.EventArgs e)
{
if (rsa == null)
MessageBox.Show("Key not set.");
else
{
// Display a dialog box to select a file to encrypt.
openFileDialog1.InitialDirectory = SrcFolder;
if (openFileDialog1.ShowDialog() == DialogResult.OK)
{
string fName = openFileDialog1.FileName;
if (fName != null)
{
FileInfo fInfo = new FileInfo(fName);
// Pass the file name without the path.
string name = fInfo.Name;
EncryptFile(name);
}
}
}
}
Add the following EncryptFile method to the form.
Private Sub EncryptFile(ByVal inFile As String)
' Create instance of Rijndael for
' symetric encryption of the data.
Dim rjndl As RijndaelManaged = New RijndaelManaged
rjndl.KeySize = 256
rjndl.BlockSize = 256
rjndl.Mode = CipherMode.CBC
Dim transform As ICryptoTransform = rjndl.CreateEncryptor
' Use RSACryptoServiceProvider to
' enrypt the Rijndael key.
Dim keyEncrypted() As Byte = rsa.Encrypt(rjndl.Key, False)
' Create byte arrays to contain
' the length values of the key and IV.
Dim LenK() As Byte = New Byte((4) - 1) {}
Dim LenIV() As Byte = New Byte((4) - 1) {}
Dim lKey As Integer = keyEncrypted.Length
LenK = BitConverter.GetBytes(lKey)
Dim lIV As Integer = rjndl.IV.Length
LenIV = BitConverter.GetBytes(lIV)
' Write the following to the FileStream
' for the encrypted file (outFs):
' - length of the key
' - length of the IV
' - ecrypted key
' - the IV
' - the encrypted cipher content
' Change the file's extension to ".enc"
Dim outFile As String = (EncrFolder _
+ (inFile.Substring(0, inFile.LastIndexOf(".")) + ".enc"))
Using outFs As FileStream = New FileStream(outFile, FileMode.Create)
outFs.Write(LenK, 0, 4)
outFs.Write(LenIV, 0, 4)
outFs.Write(keyEncrypted, 0, lKey)
outFs.Write(rjndl.IV, 0, lIV)
' Now write the cipher text using
' a CryptoStream for encrypting.
Using outStreamEncrypted As CryptoStream = New CryptoStream(outFs, transform, CryptoStreamMode.Write)
' By encrypting a chunk at
' a time, you can save memory
' and accommodate large files.
Dim count As Integer = 0
Dim offset As Integer = 0
' blockSizeBytes can be any arbitrary size.
Dim blockSizeBytes As Integer = (rjndl.BlockSize / 8)
Dim data() As Byte = New Byte((blockSizeBytes) - 1) {}
Dim bytesRead As Integer = 0
Using inFs As FileStream = New FileStream(inFile, FileMode.Open)
Do
count = inFs.Read(data, 0, blockSizeBytes)
offset = (offset + count)
outStreamEncrypted.Write(data, 0, count)
bytesRead = (bytesRead + blockSizeBytes)
Loop Until (count = 0)
outStreamEncrypted.FlushFinalBlock()
inFs.Close()
End Using
outStreamEncrypted.Close()
End Using
outFs.Close()
End Using
End Sub
private void EncryptFile(string inFile)
{
// Create instance of Rijndael for
// symetric encryption of the data.
RijndaelManaged rjndl = new RijndaelManaged();
rjndl.KeySize = 256;
rjndl.BlockSize = 256;
rjndl.Mode = CipherMode.CBC;
ICryptoTransform transform = rjndl.CreateEncryptor();
// Use RSACryptoServiceProvider to
// enrypt the Rijndael key.
byte[] keyEncrypted = rsa.Encrypt(rjndl.Key, false);
// Create byte arrays to contain
// the length values of the key and IV.
byte[] LenK = new byte[4];
byte[] LenIV = new byte[4];
int lKey = keyEncrypted.Length;
LenK = BitConverter.GetBytes(lKey);
int lIV = rjndl.IV.Length;
LenIV = BitConverter.GetBytes(lIV);
// Write the following to the FileStream
// for the encrypted file (outFs):
// - length of the key
// - length of the IV
// - ecrypted key
// - the IV
// - the encrypted cipher content
// Change the file's extension to ".enc"
string outFile = EncrFolder + inFile.Substring(0, inFile.LastIndexOf(".")) + ".enc";
using (FileStream outFs = new FileStream(outFile, FileMode.Create))
{
outFs.Write(LenK, 0, 4);
outFs.Write(LenIV, 0, 4);
outFs.Write(keyEncrypted, 0, lKey);
outFs.Write(rjndl.IV, 0, lIV);
// Now write the cipher text using
// a CryptoStream for encrypting.
using (CryptoStream outStreamEncrypted = new CryptoStream(outFs, transform, CryptoStreamMode.Write))
{
// By encrypting a chunk at
// a time, you can save memory
// and accommodate large files.
int count = 0;
int offset = 0;
// blockSizeBytes can be any arbitrary size.
int blockSizeBytes = rjndl.BlockSize / 8;
byte[] data = new byte[blockSizeBytes];
int bytesRead = 0;
using (FileStream inFs = new FileStream(inFile, FileMode.Open))
{
do
{
count = inFs.Read(data, 0, blockSizeBytes);
offset += count;
outStreamEncrypted.Write(data, 0, count);
bytesRead += blockSizeBytes;
}
while (count > 0);
inFs.Close();
}
outStreamEncrypted.FlushFinalBlock();
outStreamEncrypted.Close();
}
outFs.Close();
}
}
Decrypting a File
This task involves two methods, the event handler method for the Decrypt File button, buttonEncryptFile_Click, and the DecryptFile method. The first method displays a dialog box for selecting a file and passes its file name to the second method which performs the decryption.
The Decrypt method does the following:
Creates a RijndaelManaged symmetric algorithm to decrypt the content.
Reads the first eight bytes of the FileStream of the encrypted package into byte arrays to obtain the lengths of the encrypted key and the IV.
Extracts key and IV from the encryption package into byte arrays.
Creates an instance of the RSACryptoServiceProvider to decrypt the RijndaelManaged key.
Uses a CryptoStream to read and decrypt the cipher text section of the FileStream encryption package, in blocks of bytes, into the FileStream for the decrypted file. When this is finished, the decryption is completed.
Add the following code example as the Click event handler for the Decrypt File button.
Private Sub buttonDecryptFile_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles buttonDecryptFile.Click
If rsa Is Nothing Then
MsgBox("Key not set.")
Else
' Display a dialog box to select the encrypted file.
OpenFileDialog2.InitialDirectory = EncrFolder
If (OpenFileDialog2.ShowDialog = Windows.Forms.DialogResult.OK) Then
Try
Dim fName As String = OpenFileDialog2.FileName
If (Not (fName) Is Nothing) Then
Dim fi As FileInfo = New FileInfo(fName)
Dim name As String = fi.Name
DecryptFile(name)
End If
Catch ex As Exception
MessageBox.Show(ex.Message)
End Try
End If
End If
End Sub
private void buttonDecryptFile_Click(object sender, EventArgs e)
{
if (rsa == null)
MessageBox.Show("Key not set.");
else
{
// Display a dialog box to select the encrypted file.
openFileDialog2.InitialDirectory = EncrFolder;
if (openFileDialog2.ShowDialog() == DialogResult.OK)
{
string fName = openFileDialog2.FileName;
if (fName != null)
{
FileInfo fi = new FileInfo(fName);
string name = fi.Name;
DecryptFile(name);
}
}
}
}
Add the following DecryptFile method to the form.
Private Sub DecryptFile(ByVal inFile As String)
' Create instance of Rijndael for
' symetric decryption of the data.
Dim rjndl As RijndaelManaged = New RijndaelManaged
rjndl.KeySize = 256
rjndl.BlockSize = 256
rjndl.Mode = CipherMode.CBC
' Create byte arrays to get the length of
' the encrypted key and IV.
' These values were stored as 4 bytes each
' at the beginning of the encrypted package.
Dim LenK() As Byte = New Byte(4 - 1) {}
Dim LenIV() As Byte = New Byte(4 - 1) {}
' Construct the file name for the decrypted file.
Dim outFile As String = (DecrFolder _
+ (inFile.Substring(0, inFile.LastIndexOf(".")) + ".txt"))
' Use FileStream objects to read the encrypted
' file (inFs) and save the decrypted file (outFs).
Using inFs As FileStream = New FileStream((EncrFolder + inFile), FileMode.Open)
inFs.Seek(0, SeekOrigin.Begin)
inFs.Read(LenK, 0, 3)
inFs.Seek(4, SeekOrigin.Begin)
inFs.Read(LenIV, 0, 3)
Dim lengthK As Integer = BitConverter.ToInt32(LenK, 0)
Dim lengthIV As Integer = BitConverter.ToInt32(LenIV, 0)
Dim startC As Integer = (lengthK + lengthIV + 8)
Dim lenC As Integer = (CType(inFs.Length, Integer) - startC)
Dim KeyEncrypted() As Byte = New Byte(lengthK - 1) {}
Dim IV() As Byte = New Byte(lengthIV - 1) {}
' Extract the key and IV
' starting from index 8
' after the length values.
inFs.Seek(8, SeekOrigin.Begin)
inFs.Read(KeyEncrypted, 0, lengthK)
inFs.Seek(8 + lengthK, SeekOrigin.Begin)
inFs.Read(IV, 0, lengthIV)
Dim KeyDecrypted() As Byte = rsa.Decrypt(KeyEncrypted, False)
' Decrypt the key.
Dim transform As ICryptoTransform = rjndl.CreateDecryptor(KeyDecrypted, IV)
' Decrypt the cipher text from
' from the FileSteam of the encrypted
' file (inFs) into the FileStream
' for the decrypted file (outFs).
Using outFs As FileStream = New FileStream(outFile, FileMode.Create)
Dim count As Integer = 0
Dim offset As Integer = 0
' blockSizeBytes can be any arbitrary size.
Dim blockSizeBytes As Integer = (rjndl.BlockSize / 8)
Dim data() As Byte = New Byte(blockSizeBytes - 1) {}
' By decrypting a chunk a time,
' you can save memory and
' accommodate large files.
' Start at the beginning
' of the cipher text.
inFs.Seek(startC, SeekOrigin.Begin)
Using outStreamDecrypted As CryptoStream = New CryptoStream(outFs, transform, CryptoStreamMode.Write)
Do
count = inFs.Read(data, 0, blockSizeBytes)
offset = (offset + count)
outStreamDecrypted.Write(data, 0, count)
Loop Until (count = 0)
outStreamDecrypted.FlushFinalBlock()
outStreamDecrypted.Close()
End Using
outFs.Close()
End Using
inFs.Close()
End Using
End Sub
private void DecryptFile(string inFile)
{
// Create instance of Rijndael for
// symetric decryption of the data.
RijndaelManaged rjndl = new RijndaelManaged();
rjndl.KeySize = 256;
rjndl.BlockSize = 256;
rjndl.Mode = CipherMode.CBC;
rjndl.Padding = PaddingMode.None;
// Create byte arrays to get the length of
// the encrypted key and IV.
// These values were stored as 4 bytes each
// at the beginning of the encrypted package.
byte[] LenK = new byte[4];
byte[] LenIV = new byte[4];
// Consruct the file name for the decrypted file.
string outFile = DecrFolder + inFile.Substring(0, inFile.LastIndexOf(".")) + ".txt";
// Use FileStream objects to read the encrypted
// file (inFs) and save the decrypted file (outFs).
using (FileStream inFs = new FileStream(EncrFolder + inFile, FileMode.Open))
{
inFs.Seek(0, SeekOrigin.Begin);
inFs.Seek(0, SeekOrigin.Begin);
inFs.Read(LenK, 0, 3);
inFs.Seek(4, SeekOrigin.Begin);
inFs.Read(LenIV, 0, 3);
// Convert the lengths to integer values.
int lenK = BitConverter.ToInt32(LenK, 0);
int lenIV = BitConverter.ToInt32(LenIV, 0);
// Determine the start postition of
// the ciphter text (startC)
// and its length(lenC).
int startC = lenK + lenIV + 8;
int lenC = (int)inFs.Length - startC;
// Create the byte arrays for
// the encrypted Rijndael key,
// the IV, and the cipher text.
byte[] KeyEncrypted = new byte[lenK];
byte[] IV = new byte[lenIV];
// Extract the key and IV
// starting from index 8
// after the length values.
inFs.Seek(8, SeekOrigin.Begin);
inFs.Read(KeyEncrypted, 0, lenK);
inFs.Seek(8 + lenK, SeekOrigin.Begin);
inFs.Read(IV, 0, lenIV);
// Use RSACryptoServiceProvider
// to decrypt the Rijndael key.
byte[] KeyDecrypted = rsa.Decrypt(KeyEncrypted, false);
// Decrypt the key.
ICryptoTransform transform = rjndl.CreateDecryptor(KeyDecrypted, IV);
// Decrypt the cipher text from
// from the FileSteam of the encrypted
// file (inFs) into the FileStream
// for the decrypted file (outFs).
using (FileStream outFs = new FileStream(outFile, FileMode.Create))
{
int count = 0;
int offset = 0;
// blockSizeBytes can be any arbitrary size.
int blockSizeBytes = rjndl.BlockSize / 8;
byte[] data = new byte[blockSizeBytes];
// By decrypting a chunk a time,
// you can save memory and
// accommodate large files.
// Start at the beginning
// of the cipher text.
inFs.Seek(startC, SeekOrigin.Begin);
using (CryptoStream outStreamDecrypted = new CryptoStream(outFs, transform, CryptoStreamMode.Write))
{
do
{
count = inFs.Read(data, 0, blockSizeBytes);
offset += count;
outStreamDecrypted.Write(data, 0, count);
}
while (count > 0);
outStreamDecrypted.FlushFinalBlock();
outStreamDecrypted.Close();
}
outFs.Close();
}
inFs.Close();
}
}
Exporting a Public Key
This task saves the key, as created by the Create Keys button, to a file exporting only the public parameters.
This task simulates the scenario of Alice giving Bob her pubic key so that he can encrypt files for her. He and others who have that public key won’t be able to decrypt them because they do not have the full key pair with private parameters.
Add the following code example as the Click event handler for the Create Keys button: buttonExportPublicKey_Click.
Private Sub buttonExportPublicKey_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles buttonExportPublicKey.Click
' Save the public key created by the RSA
' to a file. Caution, persisting the
' key to a file is a security risk.
Dim sw As StreamWriter = New StreamWriter(PubKeyFile)
sw.Write(rsa.ToXmlString(False))
sw.Close()
End Sub
void buttonExportPublicKey_Click(object sender, System.EventArgs e)
{
// Save the public key created by the RSA
// to a file. Caution, persisting the
// key to a file is a security risk.
StreamWriter sw = new StreamWriter(PubKeyFile);
sw.Write(rsa.ToXmlString(false));
sw.Close();
}
Importing a Public Key
This task loads the key with only public parameters, as created by the Export Public Key button, and sets it as the key container name.
This task simulates the scenario of Bob loading Alice's key with only public parameters so he can encrypt files for her.
Add the following code example as the Click event handler for the Import Public Key button: buttonImportPublicKey_Click.
Private Sub buttonImportPublicKey_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles buttonImportPublicKey.Click
Dim sr As StreamReader = New StreamReader(PubKeyFile)
cspp.KeyContainerName = keyName
rsa = New RSACryptoServiceProvider(cspp)
Dim keytxt As String = sr.ReadToEnd
rsa.FromXmlString(keytxt)
rsa.PersistKeyInCsp = True
If rsa.PublicOnly = True Then
Label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only"
Else
Label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair"
End If
sr.Close()
End Sub
void buttonImportPublicKey_Click(object sender, System.EventArgs e)
{
StreamReader sr = new StreamReader(PubKeyFile);
cspp.KeyContainerName = keyName;
rsa = new RSACryptoServiceProvider(cspp);
string keytxt = sr.ReadToEnd();
rsa.FromXmlString(keytxt);
rsa.PersistKeyInCsp = true;
if (rsa.PublicOnly == true)
label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only";
else
label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair";
sr.Close();
}
Getting a Private Key
This task sets the key container name to the name of the key created by using the Create Keys button and is the full key pair with private parameters.
This task simulates the scenario of Alice using her private key to decrypt files encrypted by Bob.
Add the following code example as the Click event handler for the Get Private Key button: buttonGetPrivateKey_Click.
Private Sub buttonGetPrivateKey_Click(ByVal sender As System.Object, _
ByVal e As System.EventArgs) Handles buttonGetPrivateKey.Click
cspp.KeyContainerName = keyName
rsa = New RSACryptoServiceProvider(cspp)
rsa.PersistKeyInCsp = True
If rsa.PublicOnly = True Then
Label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only"
Else
Label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair"
End If
End Sub
private void buttonGetPrivateKey_Click(object sender, EventArgs e)
{
cspp.KeyContainerName = keyName;
rsa = new RSACryptoServiceProvider(cspp);
rsa.PersistKeyInCsp = true;
if (rsa.PublicOnly == true)
label1.Text = "Key: " + cspp.KeyContainerName + " - Public Only";
else
label1.Text = "Key: " + cspp.KeyContainerName + " - Full Key Pair";
}
Testing the Application
After you have built the application, perform the following testing scenarios.
To create keys, encrypt, and decrypt
Click the Create Keys button. The label displays the key name and that it is a full key pair.
Click the Export Public Key button. Note that exporting the public key parameters does not change the current key.
Click the Encrypt File button and select a file.
Click the Decrypt File button and select the file just encrypted.
Examine the file just decrypted.
Close the application and restart to test retrieving persisted key containers in the next scenario.
To encrypt using the public key
Click the Import Public Key button. The label displays the key name and that it is public only.
Click the Encrypt File button and select a file.
Click the Decrypt File button and select the file just encrypted. This will fail because you must have the private key to decrypt.
This scenario demonstrates having only the public key to encrypt a file for another person. Typically that person would give you only the public key and withhold the private key for decryption.
To decrypt using the private key
Click the Get Private Key button. The label displays the key name and whether it is the full key pair.
Click the Decrypt File button and select the file just encrypted. This will be successful because you have the full key pair to decrypt.