All about Cryptography in .NET

Introduction

While going through lot of articles on MSDN and on other sites, I wasn't able to get enough information in one go. So, I thought to write up an article which will cover up all the cryptography and that too with an example.

Description

The .NET Framework provides the following classes that implement:

Secret key encryption algorithms: Private-key algorithms are relatively fast and can be used to encrypt and decrypt large streams of data. Private-key algorithms are known as block ciphers because they encrypt data one block at a time. A block cipher will encrypt the same input block into the same output block based on the algorithm and key. If anything were known about the structure of the data, patterns could be detected and the key could possibly be reverse engineered. To combat this, the classes in the .NET Framework use a process known as chaining where information from the previous block is used in encrypting the current block. This helps prevent the key from being discovered. It requires an initialization vector (IV) be given to encrypt the first block of data.

DESCryptoServiceProvider - Data Encryption Standard (DES) algorithm encrypts and decrypts data in 64-bit blocks, using a 64-bit key. Even though the key is 64-bit, the effective key strength is only 56-bits. There are hardware devices advanced enough that they can search all possible DES keys in a reasonable amount of time. This makes the DES algorithm breakable, and the algorithm is considered somewhat obsolete.
RC2CryptoServiceProvider - RC2 is a variable key-size block cipher. The key size can vary from 8-bit up to 64-bits for the key. It was specifically designed as a more secure replacement to DES. The processing speed is two to three times faster than DES. However, the RC2CryptoServiceProvider available in the .NET Framework is limited to 8 characters, or a 64-bit key. The 8-character limitation makes it susceptible to the same brute force attack as DES.
RijndaelManaged - Rijndael algorithm, one of the Advanced Encryption Standard (AES) algorithms, was designed as a replacement for the DES algorithms. The key strength is stronger than DES and was designed to out perform DES. The key can vary in length from 128, 192, to 256 bits in length.
TripleDESCryptoServiceProvider - TripleDES algorithm uses three successive iterations of the DES algorithm. The algorithm uses either two or three keys. Just as the DES algorithm, the key size is 64-bit per key with an effective key strength of 56-bit per key. The TripleDES algorithm was designed to fix the shortcomings of the DES algorithm, but the three iterations result in a processing speed three times slower than DES alone.

Algo Name	Algo Class (Abstract)	Valid Key Size (bit)	Default Key Size (Bit)	Default Implementation Class
DES	DES	64	64	`DESCryptoServiceProvider`
TripleDES	TripleDES	128, 192	192	`TripleDESCryptoServiceProvider`
RC2	RC2	40-128	128	`RC2CryptoServiceProvider`
RijnDael	RijnDael	128, 192, 256	256	`RijnDaelManaged`

Public-key encryption algorithms: Public-key encryption has a much larger keyspace, or range of possible values for the key, and is therefore less susceptible to exhaustive attacks that try every possible key. A public key is easy to distribute because it does not have to be secured. Public-key algorithms can be used to create digital signatures to verify the identity of the sender of data. However, public-key algorithms are extremely slow (compared to secret-key algorithms) and are not designed to encrypt large amounts of data. Public-key algorithms are useful only for transferring very small amounts of data. Typically, public-key encryption is used to encrypt a key and IV to be used by a secret-key algorithm. After the key and IV are transferred, then secret-key encryption is used for the remainder of the session.
- DSACryptoServiceProvider
- RSACryptoServiceProvider
Digital signature algorithms (Hash): The .NET Framework provides support for the following hash algorithms.
- HMACSHA1 - An HMAC can be used to determine whether a message sent over an insecure channel has been tampered with, provided that the sender and receiver share a secret key. The sender computes the HMAC for the original data and sends both the original data and HMAC as a single message. The receiver recomputes the HMAC on the received message and checks that the computed HMAC matches the transmitted HMAC.
  Any change to the data or the HMAC will result in a mismatch, because knowledge of the secret key is required to change the message and reproduce the correct HMAC. Therefore, if the codes match, the message is authenticated.
  
  HMACSHA1 accepts keys of any size, and produces a hash sequence of length 20 bytes.
- MACTripleDES - A MAC can be used to determine whether a message sent over an insecure channel has been tampered with, provided that the sender and receiver share a secret key. The sender computes the MAC for the original data and sends both as a single message. The receiver recomputes the MAC on the received message, and checks that the computed MAC matches the transmitted MAC.
  Any change to the data or the MAC will result in a mismatch, because knowledge of the secret key is required to change the message and reproduce the correct MAC. Therefore, if the codes match, the message is authenticated.
  
  MACTripleDES uses a key of length 8, 16 or 24 bytes, and produces a hash sequence of length 8 bytes.
- MD5CryptoServiceProvider
- SHA1Managed - The hash is used as a unique value of fixed size representing a large amount of data. Hashes of two sets of data should match if and only if the corresponding data also matches. Small changes to the data result in large unpredictable changes in the hash.
  This is a purely managed implementation of SHA1 that does not wrap CAPI.
  
  The hash size for the SHA1Managed algorithm is 160 bits.
- SHA256Managed - The hash size for the SHA256Managed algorithm is 256 bits.
- SHA384Managed - The hash size for the SHA384Managed algorithm is 384 bits.
  This is an abstract class. The only implementation of this class is SHA384Managed.
- SHA512Managed - The hash size for the SHA512Managed algorithm is 512 bits.

Till now we have studied a lot about the Cryptography and the support given in .NET Framework 1.1. Let's take up a example for Encryption/Decryption of text.

Following is the Code of Encryption with �Rijndael� Algorithm. This is a class library developed in C#. You can use this code as a plug-in and use it for Encryption, Decryption and Hashing.

using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Diagnostics;

namespace JackTheGreat.Encryption.Cryptography
{
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using System.Diagnostics;

namespace JackTheGreat.Encryption.Cryptography
{
  /// <summary>

  /// Summary description for EncryptData.

  /// </summary>

  public class CryptoLib
  {

    public System.Security.Cryptography.SymmetricAlgorithm mCryptProv;
    public System.Diagnostics.EventLog objEventLog;

    #region "Encrypt Function"
    public string Encrypt(string EncryptProvider, string EncryptStr, 
        int BlckSize, int KySize, string Key, string IV)
    {
      //Check if something Algo is Selected 

      if(EncryptProvider.Length<=0)
      {
        return("Pass an Algo to use to Encrypt.");
      }
    
      //Since, The selected algo may not be Symmetric, So Try it

      try
      {
        mCryptProv = SymmetricAlgorithm.Create(EncryptProvider);
        mCryptProv.Mode = CipherMode.CBC;
      }
      catch(Exception ee)
      {
        return("Exception : " + ee.Message);
      }
      try
      {
        //Each Algo has different Size of Key and Block, So let's try

        mCryptProv.BlockSize = BlckSize;
        mCryptProv.KeySize = KySize;
      }
      catch
      {
        //Invalid Block or Key Size. Show the Default Ones

        string mStr;
        mStr = mCryptProv.BlockSize.ToString();
        mStr += "Invalid Block or Key Size.Valid Sizes are : "; 
        mStr += "Block Size = " + 
             mCryptProv.LegalBlockSizes[0].MinSize.ToString() + 
             " - " + mCryptProv.LegalBlockSizes[0].MaxSize.ToString() + 
             " With Increment of " + 
             mCryptProv.LegalBlockSizes[0].SkipSize.ToString();
        mStr += "Key  Size = " + 
             mCryptProv.LegalKeySizes[0].MinSize.ToString() + 
             " - " + mCryptProv.LegalKeySizes[0].MaxSize.ToString() + 
             " With Increment of " + 
             mCryptProv.LegalKeySizes[0].SkipSize.ToString();
        return(mStr);
        //Show the Valid Block Size 

      }
      
      try
      {
        //Change the supplied key to a byte array

        byte[] thisKey = stringtoByte(Key,KySize);
        
        //Hash the Supplied Secret key

        byte[] resultKey = HashOfByteArray(thisKey);
        
        int loopTill=0;
        if(BlckSize==128)loopTill=16;
        if(BlckSize==192)loopTill=24;
        if(BlckSize==256)loopTill=32;

        byte[] BlockKey = new byte[loopTill];
        for(int loop=0; loop<loopTill; loop++ ) 
          BlockKey[loop] = resultKey[loop];


        //Change the supplied IV to a byte array

        byte[] thisIV = stringtoByte(IV,BlckSize);
        //Hash the Supplied IV


        byte[] resultIV = HashOfByteArray(thisIV);
        //byte[] resultIV = thisIV;


      
        byte[] BlockIV = new byte[loopTill];
        for( int loop=0; loop<loopTill; loop++ )
          BlockIV[loop] = resultIV[loop];

        //Create the Encryptor, Passing that the Key and IV

        
        ICryptoTransform mEncryptor = 
             mCryptProv.CreateEncryptor(BlockKey, BlockIV);
      
        //Create Memory Stream

        System.IO.MemoryStream mMemStr = new MemoryStream();

        //Create the Crypto Stream,

        // Passing that the Memory Stream and Encryptor

        CryptoStream mCryptStr= new CryptoStream(mMemStr, 
                 mEncryptor, CryptoStreamMode.Write);
      
        //Convert the Supplied plaintext into a byte array

        byte[] bInput = stringtoByte(EncryptStr,512);
        //System.Text.Encoding.UTF8.GetBytes(EncryptStr);

        //stringtoByte(EncryptStr,512);


        // write out encrypted content into MemoryStream 

        mCryptStr.Write(bInput, 0, bInput.Length); 
        mCryptStr.FlushFinalBlock(); 
        
        // get the output and trim the '\0' bytes 

        byte[] bOutput = mMemStr.GetBuffer(); 

        int MemLength = System.Convert.ToInt32(mMemStr.Length);
      
        //Clean up the memory

        mCryptStr.Close();
        mMemStr.Close();
        mEncryptor.Dispose();

        // convert into Base64 so that the result can be used in xml 

        
        return Convert.ToBase64String(bOutput,0,MemLength); 
      }
      catch(System.Security.Cryptography.CryptographicException ee)
      {
        objEventLog = new System.Diagnostics.EventLog();
        objEventLog.Source = "SMP-CryptoGraphy";
        objEventLog.WriteEntry("Exception Occured in Encryption Process." +
                  " Error is = " +
                  ee.Message ,System.Diagnostics.EventLogEntryType.Error);
        objEventLog.Dispose();
        return("");
      }
     }
    #endregion
  
    #region "Decrypt Function"
    public string Decrypt(string EncryptProvider, string EncryptStr, 
            int BlckSize, int KySize, string Key, string IV)
    {
      //Check if something Algo is Selected 

      if(EncryptProvider.Length<=0)
      {
        return("Pass an Algo to use to Encrypt.");
      }
    
      //Since, The selected algo may not be Symmetric, So Try it

      try
      {
        mCryptProv = SymmetricAlgorithm.Create(EncryptProvider);
        mCryptProv.Mode = CipherMode.CBC;
      }
      catch(Exception ee)
      {
        return("Exception-1: " + ee.Message);
      }
      try
      {
        //Each Algo has different Size of Key and Block, So let's try

        mCryptProv.BlockSize = BlckSize;
        mCryptProv.KeySize = KySize;
      }
      catch
      {
        //Invalid Block or Key Size. Show the Default Ones

        string mStr;
        mStr = mCryptProv.BlockSize.ToString();
        mStr += "Invalid Block or Key Size.Valid Sizes are : "; 
        mStr += "Block Size = " + 
              mCryptProv.LegalBlockSizes[0].MinSize.ToString() + 
              " - " + mCryptProv.LegalBlockSizes[0].MaxSize.ToString() + 
              " With Increment of " + 
              mCryptProv.LegalBlockSizes[0].SkipSize.ToString();
        mStr += "Key  Size = " + 
              mCryptProv.LegalKeySizes[0].MinSize.ToString() + 
              " - " + mCryptProv.LegalKeySizes[0].MaxSize.ToString() + 
              " With Increment of " + 
              mCryptProv.LegalKeySizes[0].SkipSize.ToString();
        return(mStr);
        //Show the Valid Block Size 

      }
      
      try
      {
        //Change the supplied key to a byte array

        byte[] thisKey = stringtoByte(Key,KySize);
        //Hash the Supplied Secret key


        byte[] resultKey = HashOfByteArray(thisKey);
        int loopTill=0;
        if(BlckSize==128)loopTill=16;
        if(BlckSize==192)loopTill=24;
        if(BlckSize==256)loopTill=32;

        byte[] BlockKey = new byte[loopTill];
        for(int loop=0; loop<loopTill; loop++ ) 
          BlockKey[loop] = resultKey[loop];

        //Change the supplied IV to a byte array

        byte[] thisIV = stringtoByte(IV,BlckSize);

        //Hash the Supplied IV

        byte[] resultIV = HashOfByteArray(thisIV);
      
        byte[] BlockIV = new byte[loopTill];
        for( int loop=0; loop<loopTill; loop++ )
          BlockIV[loop] = resultIV[loop];

        //Try to Decrypt values in the memory

        //First Create the Decryptor, By Passing Key and IV

        ICryptoTransform mDecrypt = 
            mCryptProv.CreateDecryptor(thisKey, thisIV);
          
        byte[] bInput = System.Convert.FromBase64String(EncryptStr); 
        
        // create a MemoryStream with the input 

        System.IO.MemoryStream ms = 
              new System.IO.MemoryStream(bInput, 0, bInput.Length); 

        //Create Crypto Stream

        CryptoStream mCSReader = 
              new CryptoStream(ms, mDecrypt, CryptoStreamMode.Read);

        // read out the result from the Crypto Stream 

        System.IO.StreamReader sr = new System.IO.StreamReader(mCSReader); 
      
        //Close the crypto stream

        mCSReader.Close();
        ms.Close();
        mDecrypt.Dispose();
        return sr.ReadToEnd(); 
      }
      catch(System.Exception ee)
      {
        return("Exception in processing " + ee.Message);
      }
    }
    #endregion

    #region "Hashing of a BYTE Array by using SHA512Managed -" +
            " return value is a Byte Array"
    private byte[] HashOfByteArray(byte[] ByteArray)
    {
      SHA512Managed sha512Key = new SHA512Managed();
      Sha512Key.ComputeHash(ByteArray);
      return(sha512Key.Hash);
    }
    #endregion
  
    #region "Hashing of a String by using SHA512Managed - " +
             "return value is a Base64 string"
    public string HashOfString(string PlainText)
    {
      //Change the supplied string to a byte array

      try
      {
        int thisSize = PlainText.Length*8;
        int temp;
        if(PlainText.Length<1)
        {
          return("Please enter a Valid String to Hash. String passed is " + 
                    PlainText.ToString());
          
        }
        byte[] thisStr = new byte[thisSize];
        int lastBound = PlainText.Length;
        if(lastBound > thisSize)lastBound = thisSize;
        for(temp = 0;temp<=lastBound - 1;temp++)
        {
          thisStr[temp] = Convert.ToByte(PlainText[temp]);
        }
      
        SHA512Managed sha512Key = new SHA512Managed();
        Sha512Key.ComputeHash(thisStr);
        return(Convert.ToBase64String(sha512Key.Hash));
      }
      catch(System.Security.Cryptography.CryptographicException ee)
      {
        return("Exception Occured in Hashing Process. Error is = " +
                ee.Message);
    
      }
    }
    #endregion
    
    #region "String to a byte array conversion -" +
          " return value is a BYTE array"
    private byte[] stringtoByte(string textdata,int keySize)
    {
      int thisSize = (keySize / 8);
      int temp;
      byte[] returnByteArray = new byte[thisSize];
      int lastBound = textdata.Length;
      if(lastBound > thisSize)lastBound = thisSize;
      for(temp = 0;temp<=lastBound - 1;temp++)
      {
        returnByteArray[temp] = Convert.ToByte(textdata[temp]);
      }
      return(returnByteArray);
    }
    #endregion
  }

}
/// <summary>

  /// Summary description for EncryptData.

  /// </summary>

  public class CryptoLib
  {

    public System.Security.Cryptography.SymmetricAlgorithm mCryptProv;
    public System.Diagnostics.EventLog objEventLog;

    #region "Encrypt Function"
    public string Encrypt(string EncryptProvider, string EncryptStr, 
         int BlckSize, int KySize, string Key, string IV)
    {
      //Check if something Algo is Selected 

      if(EncryptProvider.Length<=0)
      {
              return("Pass an Algo to use to Encrypt.");
      }
    
      //Since, The selected algo may not be Symmetric, So Try it

      try
      {
        mCryptProv = SymmetricAlgorithm.Create(EncryptProvider);
        mCryptProv.Mode = CipherMode.CBC;
      }
      catch(Exception ee)
      {
        return("Exception : " + ee.Message);
      }
      try
      {
        //Each Algo has different Size of Key and Block, So let's try

        mCryptProv.BlockSize = BlckSize;
        mCryptProv.KeySize = KySize;
      }
      catch
      {
        //Invalid Block or Key Size. Show the Default Ones

        string mStr;
        mStr = mCryptProv.BlockSize.ToString();
        mStr += "Invalid Block or Key Size.Valid Sizes are : "; 
        mStr += "Block Size = " + 
              mCryptProv.LegalBlockSizes[0].MinSize.ToString() + 
              " - " + mCryptProv.LegalBlockSizes[0].MaxSize.ToString() + 
              " With Increment of " + 
              mCryptProv.LegalBlockSizes[0].SkipSize.ToString();
        mStr += "Key  Size = " + 
              mCryptProv.LegalKeySizes[0].MinSize.ToString() + 
              " - " + mCryptProv.LegalKeySizes[0].MaxSize.ToString() + 
              " With Increment of " + 
              mCryptProv.LegalKeySizes[0].SkipSize.ToString();
        return(mStr);
        //Show the Valid Block Size 

      }
      
      try
      {
        //Change the supplied key to a byte array

        byte[] thisKey = stringtoByte(Key,KySize);
        
        //Hash the Supplied Secret key

        byte[] resultKey = HashOfByteArray(thisKey);
        
        int loopTill=0;
        if(BlckSize==128)loopTill=16;
        if(BlckSize==192)loopTill=24;
        if(BlckSize==256)loopTill=32;

        byte[] BlockKey = new byte[loopTill];
        for(int loop=0; loop<loopTill; loop++ ) 
          BlockKey[loop] = resultKey[loop];


        //Change the supplied IV to a byte array

        byte[] thisIV = stringtoByte(IV,BlckSize);
        //Hash the Supplied IV


        byte[] resultIV = HashOfByteArray(thisIV);
        //byte[] resultIV = thisIV;


      
        byte[] BlockIV = new byte[loopTill];
        for( int loop=0; loop<loopTill; loop++ )
          BlockIV[loop] = resultIV[loop];

        //Create the Encryptor, Passing that the Key and IV

        
        ICryptoTransform mEncryptor = 
             mCryptProv.CreateEncryptor(BlockKey, BlockIV);
      
        //Create Memory Stream

        System.IO.MemoryStream mMemStr = new MemoryStream();

        //Create the Crypto Stream, 

        //Passing that the Memory Stream and Encryptor

        CryptoStream mCryptStr= 
           new CryptoStream(mMemStr, mEncryptor, CryptoStreamMode.Write);
      
        //Convert the Supplied plaintext into a byte array

        byte[] bInput = stringtoByte(EncryptStr,512);
        //System.Text.Encoding.UTF8.GetBytes(EncryptStr);

        //stringtoByte(EncryptStr,512);


        // write out encrypted content into MemoryStream 

        mCryptStr.Write(bInput, 0, bInput.Length); 
        mCryptStr.FlushFinalBlock(); 
        
        // get the output and trim the '\0' bytes 

        byte[] bOutput = mMemStr.GetBuffer(); 

        int MemLength = System.Convert.ToInt32(mMemStr.Length);
      
        //Clean up the memory

        mCryptStr.Close();
        mMemStr.Close();
        mEncryptor.Dispose();

        // convert into Base64 so that the result can be used in xml 

        
        return Convert.ToBase64String(bOutput,0,MemLength); 
      }
      catch(System.Security.Cryptography.CryptographicException ee)
      {
        objEventLog = new System.Diagnostics.EventLog();
        objEventLog.Source = "SMP-CryptoGraphy";
        objEventLog.WriteEntry("Exception Occured in Encryption " +
                "Process. Error is = " + ee.Message, 
                System.Diagnostics.EventLogEntryType.Error);
        objEventLog.Dispose();
        return("");
      }
     }
    #endregion
  
    #region "Decrypt Function"
    public string Decrypt(string EncryptProvider, string EncryptStr, 
           int BlckSize, int KySize, string Key, string IV)
    {
      //Check if something Algo is Selected 

      if(EncryptProvider.Length<=0)
      {
        return("Pass an Algo to use to Encrypt.");
      }
    
      //Since, The selected algo may not be Symmetric, So Try it

      try
      {
        mCryptProv = SymmetricAlgorithm.Create(EncryptProvider);
        mCryptProv.Mode = CipherMode.CBC;
      }
      catch(Exception ee)
      {
        return("Exception-1: " + ee.Message);
      }
      try
      {
        //Each Algo has different Size of Key and Block, So let's try

        mCryptProv.BlockSize = BlckSize;
        mCryptProv.KeySize = KySize;
      }
      catch
      {
        //Invalid Block or Key Size. Show the Default Ones

        string mStr;
        mStr = mCryptProv.BlockSize.ToString();
        mStr += "Invalid Block or Key Size.Valid Sizes are : "; 
        mStr += "Block Size = " + 
               mCryptProv.LegalBlockSizes[0].MinSize.ToString() + 
               " - " + mCryptProv.LegalBlockSizes[0].MaxSize.ToString() + 
               " With Increment of " + 
               mCryptProv.LegalBlockSizes[0].SkipSize.ToString();
        mStr += "Key  Size = " + 
               mCryptProv.LegalKeySizes[0].MinSize.ToString() + 
               " - " + mCryptProv.LegalKeySizes[0].MaxSize.ToString() + 
               " With Increment of " + 
               mCryptProv.LegalKeySizes[0].SkipSize.ToString();
        return(mStr);
        //Show the Valid Block Size 

      }
      
      try
      {
        //Change the supplied key to a byte array

        byte[] thisKey = stringtoByte(Key,KySize);
        //Hash the Supplied Secret key


        byte[] resultKey = HashOfByteArray(thisKey);
        int loopTill=0;
        if(BlckSize==128)loopTill=16;
        if(BlckSize==192)loopTill=24;
        if(BlckSize==256)loopTill=32;

        byte[] BlockKey = new byte[loopTill];
        for(int loop=0; loop<loopTill; loop++ )
          BlockKey[loop] = resultKey[loop];

        //Change the supplied IV to a byte array

        byte[] thisIV = stringtoByte(IV,BlckSize);

        //Hash the Supplied IV

        byte[] resultIV = HashOfByteArray(thisIV);
      
        byte[] BlockIV = new byte[loopTill];
        for( int loop=0; loop<loopTill; loop++ )
          BlockIV[loop] = resultIV[loop];

        //Try to Decrypt values in the memory

        //First Create the Decryptor, By Passing Key and IV

        ICryptoTransform mDecrypt = 
             mCryptProv.CreateDecryptor(thisKey, thisIV);
          
        byte[] bInput = System.Convert.FromBase64String(EncryptStr); 
        
        // create a MemoryStream with the input 

        System.IO.MemoryStream ms = 
             new System.IO.MemoryStream(bInput, 0, bInput.Length); 

        //Create Crypto Stream

        CryptoStream mCSReader = 
             new CryptoStream(ms, mDecrypt, CryptoStreamMode.Read);

        // read out the result from the Crypto Stream 

        System.IO.StreamReader sr = new System.IO.StreamReader(mCSReader); 
      
        //Close the crypto stream

        mCSReader.Close();
        ms.Close();
        mDecrypt.Dispose();
        return sr.ReadToEnd(); 
      }
      catch(System.Exception ee)
      {
        return("Exception in processing " + ee.Message);
      }
    }
    #endregion

    #region "Hashing of a BYTE Array by using SHA512Managed -" +
                   " return value is a Byte Array"
    private byte[] HashOfByteArray(byte[] ByteArray)
    {
      SHA512Managed sha512Key = new SHA512Managed();
      Sha512Key.ComputeHash(ByteArray);
      return(sha512Key.Hash);
    }
    #endregion
  
    #region "Hashing of a String by using SHA512Managed - " +
                   "return value is a Base64 string"
    public string HashOfString(string PlainText)
    {
      //Change the supplied string to a byte array

      try
      {
        int thisSize = PlainText.Length*8;
        int temp;
        if(PlainText.Length<1)
        {
          return("Please enter a Valid String to Hash. String passed is " + 
                  PlainText.ToString());
          
        }
        byte[] thisStr = new byte[thisSize];
        int lastBound = PlainText.Length;
        if(lastBound > thisSize)lastBound = thisSize;
        for(temp = 0;temp<=lastBound - 1;temp++)
        {
          thisStr[temp] = Convert.ToByte(PlainText[temp]);
        }
      
        SHA512Managed sha512Key = new SHA512Managed();
        Sha512Key.ComputeHash(thisStr);
        return(Convert.ToBase64String(sha512Key.Hash));
      }
      catch(System.Security.Cryptography.CryptographicException ee)
      {
        return("Exception Occured in Hashing Process. Error is = " + 
                 ee.Message);
    
      }
    }
    #endregion
    
    #region "String to a byte array conversion - " +
          "return value is a BYTE array"
    private byte[] stringtoByte(string textdata,int keySize)
    {
      int thisSize = (keySize / 8);
      int temp;
      byte[] returnByteArray = new byte[thisSize];
      int lastBound = textdata.Length;
      if(lastBound > thisSize)lastBound = thisSize;
      for(temp = 0;temp<=lastBound - 1;temp++)
      {
        returnByteArray[temp] = Convert.ToByte(textdata[temp]);
      }
      return(returnByteArray);
    }
    #endregion
  }

}

You must Sign In to use this message board.


Per page

Two other related encryption articles in CodeProject ...
Tony Selke

8:05 27 Sep '07

You may also be interested in looking at the following, related Code Project articles:

Generic SymmetricAlgorithm Helper[^]
This is a generic helper class that exposes simplified Encrypt and Decrypt functionality for strings, byte arrays and streams for any SymmetricAlgorithm derivative (DES, RC2, Rijndael, TripleDES, etc.).

Making TripleDES Simple in VB.NET and C#[^]
This is a simple wrapper class that provides an easy interface for encrypting and decrypting byte arrays and strings using the 3DES algorithm.

Problem with DES secret key
sortgnz

6:22 16 May '07

Hello friend.

Now I am developing an application and i've got problems trying to use .net framework Cryptography:

- I am not allowed to Cipher/Decipher any data with key {0,0,0,0,0,0,0,0}

The frameworks said to me that is a "weak key", but some devices use this key on default (some kind of cards).

Is any way to avoid this .net check ?
Or Have I to develop my own Des class?

Thanks for your help.

Nacho

Help with TripleDES Cryptography
Sreerag Gopinath

2:02 10 Oct '06

Hi Atul,
   I read your article "All about Cryptography in .NET" on codeproject.com.
   I myself faced (am still facing) the same problem of insufficent information on .net cryptography.
   I am developing a project that uses all the encryption and decryption algorithms provided by .net.
   My aim is to perform cryptography by allowing the user to enter a password (I derive the key from this password). The user may save the ciphertext and terminate the program. Later, he may want to retrieve the plaintext form the saved ciphertext. He has to enter the same password for this.
I wrote the following code for this, but it gives me an exception.
   I'd be very grateful if you could help me.

**************************************************************************************

/* Provides TripleDES encryption and decryption using classes in the .net Framework 1.1 */
     public class TripleDES_Cryptography
     {

          public static byte[] createRandomSalt(int Length)
          {
               // Create a buffer
               byte[] randBytes;

               if (Length >= 1)
               {
                    randBytes = new byte[Length];
               }
               else
               {
                    randBytes = new byte[1];
               }

               // Create a new RNGCryptoServiceProvider.
               RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider();

               // Fill the buffer with random bytes.
               rand.GetBytes(randBytes);

               // return the bytes.
               return randBytes;
          }

          public static void clearBytes(byte[] Buffer)
          {
               // Check arguments.
               if (Buffer == null)
               {
                    throw new ArgumentException("Buffer");
               }

               // Set each byte in the buffer to 0.
               for (int x = 0; x <= Buffer.Length - 1; x++)
               {
                    Buffer[x] = 0;
               }

          }


          public static string Encrypt(string plaintext, string key, string IV)
          {
               TripleDES des3 = new TripleDESCryptoServiceProvider();
               des3.Mode = CipherMode.CBC;

               byte[] salt            =   createRandomSalt(7);
               byte[] by_plaintext =     Encoding.ASCII.GetBytes(plaintext);                          byte[] by_IV          =     Encoding.ASCII.GetBytes(IV);


               string     strPassWd = key;
               PasswordDeriveBytes pdb = new PasswordDeriveBytes(strPassWd,salt);

               des3.IV   = by_IV;
               des3.Key = pdb.CryptDeriveKey("TripleDES","SHA1",192,des3.IV);

               ICryptoTransform Encryptor = des3.CreateEncryptor(des3.Key,des3.IV);

               MemoryStream ms = new MemoryStream();
               ms.Write(by_plaintext,0,by_plaintext.Length);
               CryptoStream cs = new CryptoStream(ms,Encryptor,CryptoStreamMode.Write);

               byte[] by_ciphertext = ms.ToArray();
                    string ciphertext      = Convert.ToBase64String( by_ciphertext );

               cs.Close();
               clearBytes(salt);
               des3.Clear();

               return ciphertext;

          }

          public static string Decrypt(string ciphertext, string key, string IV)
          {
               DES des3 = new DESCryptoServiceProvider();
               des3.Mode = CipherMode.CBC;

               byte[] salt                 =   createRandomSalt(7);
               byte[] by_ciphertext = Convert.FromBase64String(ciphertext);
               byte[] by_IV        =     Encoding.ASCII.GetBytes(IV);

               string strPw     = key;
               PasswordDeriveBytes pdb = new PasswordDeriveBytes(strPw,salt);

               des3.IV   = by_IV;
               des3.Key = pdb.CryptDeriveKey("TripleDES","SHA1",192,des3.IV);

               ICryptoTransform Decryptor = des3.CreateDecryptor(des3.Key,des3.IV);

               MemoryStream ms = new MemoryStream();
               ms.Write(by_ciphertext,0,by_ciphertext.Length);
               CryptoStream cs = new CryptoStream(ms,Decryptor,CryptoStreamMode.Write);

               byte[] by_plaintext = ms.ToArray();
               string plaintext      =     Encoding.ASCII.GetString(by_plaintext);

               cs.Close();

               clearBytes(salt);
               des3.Clear();
               return plaintext;
          }
     }

Empty result from decrypt
eugenevd

6:22 17 Aug '05

Hi, I've been trying out this code today, and it seems like the encrypter works fine, it returns an encrypted string. Yet, when I send this string to be decrypted, I get an empty string "". Any tips/help? ---narf!
Sign In·View Thread·PermaLink	1.00/5