Introduction
The cryptography, before the arrival of .NET, was meant to use the Unmanaged Win32 APIs which was very obscure way to encrypt or decrypt the data. .NET provides a set of classes (and actually a complete namespace) for the subject. Now you have a number of classes using different pre defined algorithms which can help you to secure your data using cryptography. In .NET, there are three types of cryptography defined under the tree of Cryptography namespace. Those are AsymmetricAlgorithm, SymmetricAlgorithm and HashAlgorithm. All these three classes (and also types of cryptography in .NET) are abstract classes. We are going to discuss SymmetricAlgorithm in this article. The rest will be discussed in coming articles.
NOTE: Although most of the encryption classes are implemented in the managed code many classes uses the CryptoAPI library. You can predict them if you see the CryptoServiceProvider in the class name like DESCryptoServiceProvider.
Basics of SymmetricAlgorithms
Symmetric Algorithms works using a user defined secret key (or password). It means, whenever you are going to implement and Symmetric Algorithm to encrypt/decrypt your data, you must have to define a password or secret key which will be used to encrypt or decrypt your data. Following are the characteristics of Symmetric based encryption.
- The strength of the encryption depends on the secured key (password). If you provide the larger key, it will be harder to hack that code. Since it will take more time to the hackers to find out the key.
- It is based on a simple mathematical operation. So it works faster. Hence, it is the best choice if you are working with a large amount of data.
- One drawback of this type of algorithm is that the secret key should be known to both parties (that who is encrypting and that who needs that information/data to decrypt.)
- Symmetric based encryption can be broken by the hackers using brute force. But if you defines a good key, then it may take a long time (or even impossible) to hack.
- Since the secret key is user defined, which normally, as the nature of the users, exists in the dictionary. So a hacker can decode/decrypt your information using brute force and dictionary. But larger key can protect the data for a long time since it takes long time to be cracked.
Beside the Secret Key or password, there is one thing more which involves in the encryption or decryption process of Symmetric algorithm. That is Initialization Vector (IV). IV is used to initialize the encoding (encryption/decryption). We have a property in all Symmetric algorithm classes named Mode. This is where IV is used. If we set the Mode property to CipherMode.CBC (Cipher Block Chaining), then using this mode, each block of the data is processed by taking values from the previous block. Means if the system is processing third block of data, then it will use some information from the second block (which has been processed). And it will take values from first block when it was processing second block. But since there is no block before the first block, so it will use IV to process first block. This technique makes sure that no two same blocks generates equal output and hence data becomes more secure. While if you use Mode = CipherMode.ECB (Electronic Codebook Mode), then it do not use chaining (using previously processed block information to process next block). This mode is helpful if you want to process large messages since it takes less resources and time. It also let's you to process from the mid of data, if some data is corrupted.
So, up to here we saw that there are two important things involved in the Symmetric encryptions. Those are, Key (Secret Key or password) and Initialization Vector (IV). Now let's take a look on some algorithms which supports Symmetric encryption
Symmetric Algorithms and SymmertricAlgorithm Class
The following are the Symmetric algorithms and their classes with some information of Key.
| Algo Name |
Algo Class (Abstract) |
Valid Key Size (bit) |
Default Key Size (Bit) |
Default Implementation Class |
| DES |
DES |
64 |
64 |
DESCryptoServiceProvider |
| TripleDES |
TripleDES |
128, 192 |
192 |
TripleDESCryptoServiceProvider |
| RC2 |
RC2 |
40-128 |
128 |
RC2CryptoServiceProvider |
| RijnDael |
RijnDael |
128, 192, 256 |
256 |
RijnDaelManaged |
It should be noted here that all these algorithm classes are derived from Abstract class named SymmetricAlgorithm. And you can see that each class supports different Key Sizes. In the same way, these also supports for different IV size. As I told earlier that all these classes are abstract, so we can not directly create any instance of any of these classes. But the SymmetricAlgorithm Class (which is also an abstract class) expose a shared method named create which can be used to create a concrete instance of the class without worrying about that how it is implemented. Means, you can use it in this way
Dim mRC2 As RC2 = RC2.Create()
This will return you the instance of the default implementation of RC2 without worrying about that how to implement the RC2 class (which is an abstract class). This technique is useful if you need a generic code since it is possible that Microsoft may update the changes in implementation of RC2 class later. In that case, you code will pick these changes automatically and will work fine. Or maybe, RC2 class code is written as Managed code in future and hence your code will accept that. In the same way, you can use the following statement as well.
Dim mCrypto as RC2 = SymmetricAlgorithm.Create("RC2")
This will also return you the RC2 object (default implementation). In this case you are using overloaded create function which takes the algorithm name as parameter and returns the object of that algorithm. This create method is used from SymmetricAlgorithm class and as I said earlier all other classes which uses Symmetric Algorithm inherits the SymmetricAlgorithm class, hence, you will find this Create method in all classes defined above. It means that if you use RC2.Create("DES") then it will also work and will return the object of DES. But it doesn't seem good to get DES object using RC2 class.
The above mechanism is more useful then it seems. We can define our own class using our own algorithm and use that in the same way. But for that, we have to made a little changes in the machine.config file. I am not going to describe that here. You can consult the Wrox Book on Cryptography (mentioned in Bibliography section of this article) for more reference.
Now let's take a look at some properties and methods of the SymmetricAlgorithm Class
- BlockSize: The size of the block(data) which will be processed at a time. A long data will be broken into chunks of data (blocks) to process and if the data is less than the block size, then it will be padded (filled using some default value).
- Key: The secret value which will be used to process the data. This key is provided using a byte array.
- KeySize: Total Size of the Key (in bits).
- IV: Initialization Vector for data processing (discussed above). Provided as an array of byte.
- LegalBlockSizes: Returns the BlockSize Enumeration which tells you legal values for block size including max value, min value and Skip value. Skip value means that how much value should be added to last legal value to get next value. Like if min value is 32 and Skipvalue is 16, it means next legal values will be 48, 64 and so on.
- Mode: Gets or sets the Mode for the operation. Discussed above. Value is one of the CipherMode enumeration.
- Padding: Gets or Sets the padding (how empty area of the block should be filled) Value is one of the PaddingMode enumiration value
- LegalKeySizes: Same as LegalBlockSizes, but deals with KeySize.
- Create: Discuessed above, used to create the default algo implementation class.
- CreateEncryptor: Returns the ICryptoTransform Object which can be used to encrypt data manually. will be discussed shortly.
- CreateDecryptor: Returns the ICryptoTransform Object which can be used to decrypt data manually. will be discussed shortly.
- GenerateKey and GenerateIV: If the Key and IV is found null during the encryption or decryption process, then these methods are used to Generate the default key and IV.
- ValidKeySize: Checks either the given key is valid for this algo or not.
- Clear: Clears all the resources and removes memory information like key and IV.
Now before writing a code, let's discuss two more things which will be usefull for us to understand the code.
CreateEncryptor and CreateDecryptor
CreateEncryptor and CreateDecryptor methods of SymmetricAlgorithm class returns the object of ICryptoTransform. ICryptoTransform is an interface which is implemented by the class which wants to process data block wise. This processing may be encryption, decryption, hashing, base 64 encoding/decoding etc. The basic purpose of this Interface is to perform Blockwize processing of data. You can use its instance directly, but in most cases, for convenience, we pass it to another class named CryptoStream. Let's see an example that how to use it.
Dim mCrypt as DES = SymmetricAlgorithm.Create("DES")
Dim mTransform as ICryptoTransform = mCrypt.CreateEncryptor()
CreateEncryptor or CreateDecryptor are overloaded functions. If you do not pass anything to it, then default Key and IV (using GenerateKey and GenerateIV methods of SymmetricAlgoruthm class) will be used to get Key and IV. In other case, you can pass IV and Key to CreateEncryptor and CreateDecryptor object. So that the encryption or decryption should be made using our defined key and IV.
CryptoStream Class
CryptoStream class is used to read or write the data and also encrypt or decrypt that while reading or writing. It simly wraps the ordinary Stream class. It uses the buffered access taking all worries from you to manage buffer, block sizes, padding etc. You can get it's instance using the following code.
Dim mCrypt as DES = SymmetricAlgorithm.Create("DES")
Dim mTransform as ICryptoTransform = mCrypt.CreateEncryptor()
Dim mStream as New CryptoStream(fileStream, mTransform, CryptoStreamMode.Read)
fileStream is the stream of any ordinay file (or may be MemoryStream) which is responsible for reading data from the disk (file) or memory. Now use this mStream object with StreamReader/StreamWriter object to Read/Write data. When you will read/write that, then you will have encrypted/decrypted information depending on the ICryptoTransform object (either it was created using CreateEncryptor or CreateDecryptor).
Writing the Sample Code.
Now we have enough information about SymmetricAlgorithm. Finally, let's move to a little block of code which will encrypt and then decrypt the data. I am assuming that you have a form with one textbox named txtData and a command button. Write this code on the command button's click event. This code will encrypt text inside the textbox, show you in the messagebox, write to textbox, decrypt that, show in the messagebox and then write back to textbox.
Dim mCryptProv as SymmetricAlgorithm
Dim mMemStr as MemoryStream
SymmetricAlgorithm Like DES mCryptProv = SymmetricAlgorithm.Create("Rijndael")
mMemStr = New MemoryStream()
Dim mTransform As ICryptoTransform = mCryptProv.CreateEncryptor()
Dim mCSWriter As New CryptoStream(mMemStr, mTransform, CryptoStreamMode.Write)
Dim mSWriter As New StreamWriter(mCSWriter)
mSWriter.Write(Me.txtData.Text)
mSWriter.Flush()
mCSWriter.FlushFinalBlock()
One thing you may have notice here that we didn't used IV and Key anywhere in the code. Actually, the .NET Framework will generate it for us since we are not specifying it for ease of code. But the sample included with this article uses the Key and IV defined by the user. Now the data after encryption has been written to the memory using MemoryStream object. Now let's get that data from the Memory.
Dim mBytes(mMemStr.Length - 1) As Byte
mMemStr.Position = 0
mMemStr.Read(mBytes, 0, mMemStr.Length)
Dim mEnc As New Text.UTF8Encoding()
Dim mEncData As String = mEnc.GetString(mBytes)
MsgBox("Encrypted Data is : " & vbCrLf & mEncData)
Me.txtData.Text = mEncData
Converting from Byte to string involves Encoding. I am using UTF8Encoding here. Finally, Let's us decrypt that data and then show againt in the messagebox and TextBox as well.
mMemStr.Position = 0
mTransform = mCryptProv.CreateDecryptor()
Dim mCSReader As New CryptoStream(mMemStr, mTransform, CryptoStreamMode.Read)
Dim mStrREader As New StreamReader(mCSReader)
Dim mDecData As String = mStrREader.ReadToEnd()
MsgBox("Decrypted Data is : " & vbCrLf & mDecData)
Me.txtData.Text = mDecData
That's all the work. To decrypt that data, we used the same memory stream. We first moved the position to start so that we can read from the start of the stream. Then we created the ICryptoTransform Object using CreateDecryptor method of SymmetricAlgorithm object. We reused the object which was created for encrypting data in above section of this code. You can create a new object (with new variable). Then we needed a StreamReader which will read data from the memory for us. While reading that it will also decrypt that data since we passed CryptoStream object during the creation of StreamReader object.
Final Words
Closing this article, I would like to say that .NET provides us a very managed way to secure our data using built-in set of classes. Now there is no problem of using that old fashioned Crypto APIs although many classes uses those Crypto APIs behind the scene. But we can safely use these classes without worrying about the implementation of these classes. In next article (which I hope will be published soon) I will describe the myths and usage of AsymmetricAlgorithm.
About the Sample Code
Sample code provided with this article let's you to select the algorithm to use to encrypt or decypt data (as shown in the picture above). Also it let's you to specify your own IV and Key. The code has two ways of working. One with the textbox, means you write something in the textbox and then encrypt or decrypt that. Secondly, you can choose files to encrypt or decrypt them.
Bibliography
The information provided in this article was taken from Microsoft Developers Network (MSDN) and the Wrox Publications book Cryptography in .NET. I used only a sample chapter (chapter 2) from that book. Rest I used my own experience on working with Cryptography in .NET.
About the Author
Sameers (theAngrycodeR) has did his master in computer sciences in Feb. 2002. He is the Project Manager in City Soft (Pakistan) and has developed and managed a number of projects. He proved his expertise in Visual Basic 6 and now working in VB .NET. He is the author of many articles on CodeProject.com as well as on the Microsoft .NET Community Site, GotDotNet. Also submitted many source codes on Planet-Source-Code.com. The complete information about the author can be found here.
be angry with theAngrycodeR
|
|
 |
 | asymmetric algorithm in .net
Suresh Ramasamy | 1:11 10 Sep '08 |
|
|
i want to know how to creat asymmetric algorithm in windoes mobile CE 6.0 using RSA or cryptAPI. I found it bits and pieces but I couldn't able to get the complete algorith structure out of it.
Basically Iam got public key and private key as a string. Now I need to encrypt the file in the windows mbile and decrypt the file in PC.
Thanks
Suresh ramasamy
|
|
|
|
|
 | A ready to use function
Elmue | 8:43 29 Jan '08 |
|
|
Hello
I wrote a tiny elegant function which does encryption and decryption.
If you just need rapidly a function to encrypt / decrypt, copy/paste this code and youre done.
If the decryption fails it returns null.
Elmü
using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;
public static string Crypt(string s_Data, string s_Password, bool b_Encrypt)
{
byte[] u8_Salt = new byte[] {0x26, 0x19, 0x81, 0x4E, 0xA0, 0x6D, 0x95, 0x34, 0x26, 0x75, 0x64, 0x05, 0xF6};
PasswordDeriveBytes i_Pass = new PasswordDeriveBytes(s_Password, u8_Salt);
Rijndael i_Alg = Rijndael.Create();
i_Alg.Key = i_Pass.GetBytes(32);
i_Alg.IV = i_Pass.GetBytes(16);
ICryptoTransform i_Trans = (b_Encrypt) ? i_Alg.CreateEncryptor() : i_Alg.CreateDecryptor();
MemoryStream i_Mem = new MemoryStream();
CryptoStream i_Crypt = new CryptoStream(i_Mem, i_Trans, CryptoStreamMode.Write);
byte[] u8_Data;
if (b_Encrypt) u8_Data = Encoding.Unicode.GetBytes(s_Data);
else u8_Data = Convert.FromBase64String (s_Data);
try
{
i_Crypt.Write(u8_Data, 0, u8_Data.Length);
i_Crypt.Close();
}
catch { return null; }
if (b_Encrypt) return Convert.ToBase64String (i_Mem.ToArray());
else return Encoding.Unicode.GetString(i_Mem.ToArray());
}
|
|
|
|
|
 | Two other related encryption articles in CodeProject ...
Tony Selke | 7:57 27 Sep '07 |
|
|
You may also be interested in looking at the following, related Code Project articles:
Generic SymmetricAlgorithm Helper[^]
This is a generic helper class that exposes simplified Encrypt and Decrypt functionality for strings, byte arrays and streams for any SymmetricAlgorithm derivative (DES, RC2, Rijndael, TripleDES, etc.).
Making TripleDES Simple in VB.NET and C#[^]
This is a simple wrapper class that provides an easy interface for encrypting and decrypting byte arrays and strings using the 3DES algorithm.
|
|
|
|
|
| Problem with DES secret key
sortgnz | 6:25 16 May '07 |
|
|
Hello friend.
I find your post at www.codeproject.com
Now I am developing an application and i've got problems trying to use .net framework Cryptography:
- I am not allowed to Cipher/Decipher any data with key {0,0,0,0,0,0,0,0}
The frameworks said to me that is a "weak key", but some devices use this key on default (some kind of cards).
Is any way to avoid this .net check ?
Or Have I to develop my own Des class?
Thanks for your help.
Nacho
|
|
|
|
|
| What ever happened with part 2
Scott S. | 9:00 6 Dec '06 |
|
|
I read this a long time ago and found it quite informative.
Just today I decided I need to do some encryption, but need public/private key variety and went looking for some sample code ...
So, what ever happened with part 2 where you were going to cover that?
|
|
|
|
|
| can I ignore the MSB of each byte in the key!!
alhur | 9:24 18 Dec '05 |
|
|
hi...
I have 2 Qs...
1) I am doing project in smart cards (ACOS1). this type of cards uses DES in CBC mode. However, in card manual it said
"All keys used in DES and MAC calculation are 8 bytes long. The most significant bit of each byte of
the key is not used in the calculation and is not interpreted by the card operating system."
so can I use vb.net DES with this constaint.
2)can I ignor the Initilization Vector (IV)with DES in mode CBC?
please if any body can help....
|
|
|
|
|
| Length of the data to decrypt is invalid.
arulrajas | 23:18 13 Dec '04 |
|
|
hey all,
Any one know this problem.Length of the data to decrypt is invalid.
I am using the follwing code.but encrypt was done.
Imports System.Security.Cryptography
Imports System.Text
Imports System.IO
Public mCryptProv As SymmetricAlgorithm
Public mMemStr As MemoryStream
Public mTransform As ICryptoTransform
Private Sub btnDecrypt_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnDecrypt.Click
mCryptProv = SymmetricAlgorithm.Create("RC2")
'The encrypted data will be stored in the memory, so we need a memory stream
'object
mMemStr = New MemoryStream
'Create the ICryptTransform Object. (We are using default Key and IV here).
mTransform = mCryptProv.CreateDecryptor()
'Create the Crypto Stream for writing, and pass that MemoryStream
'(where to write after encryption), and ICryptoTransform Object.
Dim mCSWriter As New CryptoStream(mMemStr, mTransform, CryptoStreamMode.Write)
'This StreamWriter object will be used to write
'Encrypted data to the Memory Stream
'Pass it the object of CryptoStream
Dim mSWriter As New StreamWriter(mCSWriter)
mSWriter.Write(Me.txtOriginal.Text)
'Write data after encryption
mSWriter.Flush() 'Make sure to write everything from Stream
mCSWriter.FlushFinalBlock() 'Flush the CryptoStream as well
'The Data has been written in the Memory, But we need to display that
'back to text box and want to show in Messagebox. So do the following
'Create byte array to receive data
Dim mBytes(mMemStr.Length - 1) As Byte
mMemStr.Position = 0 'Move to beginning of data
'Read All data from the memory
mMemStr.Read(mBytes, 0, mMemStr.Length)
'But this data is in Bytes, and we need to convert it to string.
'String conversion address to the problem of Encoding format. We are
'using UTF8 Encoding to encode data from byte to string
'Dim mEnc As New UTF8Encoding
'Dim mEncData As String = mEnc.GetString(mBytes)
'Me.txtEncrypted.Text = mEncData
'Now let's decrypt that data from the memory.
'Since our data is in the memory, So we need to reuse the same
'MemoryStream Object.
'Move Memorty position to back
'mMemStr.Position = 0
Dim mCSReader As New CryptoStream(mMemStr, mTransform, CryptoStreamMode.Read)
Dim mStrREader As New StreamReader(mCSReader)
Dim mDecData As String = mStrREader.ReadToEnd()
Me.txtDecrypted.Text = mDecData
End Sub
PLS HELP ME
RDS,
ARULRAJA
s.Arulraja.
Pranav softtamilnadu.
india.
|
|
|
|
|
| Why is this under C#??
Mark Nischalke | 9:44 29 Jun '04 |
|
|
Bad enough that's its VB, but it doesn't work either.
|
|
|
|
|
| Specified cast not valid
Antonio Barros | 1:28 11 Dec '03 |
|
|
Hello
Fisrt of all, thank you for your article. When i run the demo application
and i press de encrypt button, i receive the following Exception message:
"Specified cast not valid"
I tried to go step by step in debug, bu i can't see where is the error.
Can you help me ?
Thank you in advance
A.Barros
|
|
|
|
|
|
|
yes!I have a same error in this project.but if you change algorithm that it's ok!for example: it's ok when you select DES!
But I dont know how setting a block size.
I love dotnet.
|
|
|
|
|
| Decryption Method
hannahb | 6:25 17 Nov '03 |
|
|
I have written a matching Decryption method. Hope this helps everyone out there.
/// <summary>
/// Decrypt the given value with the Rijndael algorithm.
/// </summary>
/// <param name="EncryptValue">Value to Deccrypt</param>
/// <returns>Decrypted value. </returns>
public string Decrypt(string DecryptValue)
{
CryptoStream decryptStream = null; // Stream used to encrypt
RijndaelManaged rijndael = null; // Rijndael provider
ICryptoTransform rijndaelEncrypt = null; //Encrypting object
MemoryStream memStream = new MemoryStream(); //Stream to contain
// data
try
{
if( DecryptValue.Length > 0 )
{
// Create the crypto objects
rijndael = new RijndaelManaged();
rijndael.Key = this._Key;
rijndael.IV = this._IV;
rijndaelEncrypt = rijndael.CreateDecryptor();
decryptStream = new CryptoStream(memStream, rijndaelEncrypt, CryptoStreamMode.Write);
// Write the encrypted value into memory
byte[] input = Convert.FromBase64String(DecryptValue);
decryptStream.Write(input, 0, input.Length);
decryptStream.FlushFinalBlock();
// Retrieve the encrypted value and return it
return(Encoding.UTF8.GetString(memStream.ToArray()));
}
else
{
return "";
}
}
finally
{
if( rijndael != null ) rijndael.Clear();
if( rijndaelEncrypt != null ) rijndaelEncrypt.Dispose();
if( memStream != null ) memStream.Close();
}
}
No offence, but who writes an encryption class without a decryptor??
-Brad Hannah
|
|
|
|
|
| Craptography in asp.net
Anonymous | 20:39 7 Nov '03 |
|
|
|
| .Net + CryptoSrteam
Gagne Jean | 6:12 29 Sep '03 |
|
|
Allo dear,
I use your code to encrypt and decrypt a password in Oracle database. When I decrypt the encryted password in my DB, everything is ok the first time (after the «rebuilt solution»), but when I trying a second time (without to build the project) it's impossible to decrypt the password and I obtain this error message :
StackTrace =
at System.Security.Cryptography.CryptoAPITransform._DecryptData(IntPtr hKey, Byte[] rgb, Int32 ib, Int32 cb, Boolean fDone)
at System.Security.Cryptography.CryptoAPITransform.TransformFinalBlock(Byte[] inputBuffer, Int32 inputOffset, Int32 inputCount)
at System.Security.Cryptography.CryptoStream.FlushFinalBlock()
Source = mscorlib
Here is my code to encrypt and decrypt:
Public Shared Function Encrypt(ByVal strValue As String) As String
Dim objCrypt As DESCryptoServiceProvider = New
DESCryptoServiceProvider()
Dim ms As New MemoryStream()
Dim arrDecript() As Byte = Encoding.UTF8.GetBytes(strValue)
Dim cs As CryptoStream = New CryptoStream(ms,
objCrypt.CreateEncryptor(arrKey, Vector), CryptoStreamMode.Write)
cs.Write(arrDecript, 0, arrDecript.Length)
cs.FlushFinalBlock()
Return Convert.ToBase64String(ms.ToArray())
End Function
Public Shared Function Decrypt(ByVal strValue As String) As String
'*******
Dim file As New StreamWriter("c:\tot.txt", False)
'********
Dim objCrypt As DESCryptoServiceProvider = New
DESCryptoServiceProvider()
Dim ms As New MemoryStream()
Dim arrDecript() As Byte = Convert.FromBase64String(strValue)
Dim cs As CryptoStream = New CryptoStream(ms,
objCrypt.CreateDecryptor(arrKey, Vector), CryptoStreamMode.Write)
cs.Write(arrDecript, 0, arrDecript.Length)
Try
cs.FlushFinalBlock()
Catch e As Exception
file.WriteLine(e.InnerException)
file.WriteLine(e.StackTrace)
file.WriteLine(e.Source)
file.WriteLine(e.Message)
file.WriteLine(e.HelpLink)
file.Close()
End Try
file.Close()
Return Encoding.UTF8.GetString(ms.ToArray())
End Function
|
|
|
|
|
|
|
Instead of DES algorithm, I use the Rijndael one and evrything is all right now ! I also change how I use the IV. Here is my code:
Public Sub GenerateKey(ByVal strSecretPhrase As String)
Dim arrByte() As Byte = Encoding.ASCII.GetBytes(strSecretPhrase)
Dim sha384 As SHA384Managed = New SHA384Managed()
sha384.ComputeHash(arrByte)
Dim arrResult() As Byte = sha384.Hash
Dim i As Integer
For i = 0 To 39
If i < 24 Then
arrKey(i) = arrResult(i)
Else
arrVector(i - 24) = arrResult(i)
End If
Next
End Sub
Public Function Encrypt(ByVal strValue As String) As String
Dim rijndael As RijndaelManaged
Dim rijndaelEncrypt As ICryptoTransform
Dim memStream As New MemoryStream()
Try
rijndael = New RijndaelManaged()
rijndael.Key() = arrKey
rijndael.IV() = arrVector
rijndaelEncrypt = rijndael.CreateEncryptor()
Dim encryptStream As CryptoStream
encryptStream = New CryptoStream(memStream, rijndaelEncrypt,
CryptoStreamMode.Write)
Dim input() As Byte = Encoding.UTF8.GetBytes(strValue)
encryptStream.Write(input, 0, input.Length)
ncryptStream.FlushFinalBlock()
Return Convert.ToBase64String(memStream.ToArray())
Finally
rijndael.Clear()
rijndaelEncrypt.Dispose()
memStream.Close()
End Try
End Function
Public Function Decrypt(ByVal strValue As String) As String
Dim rijndael As RijndaelManaged
Dim rijndaelDecrypt As ICryptoTransform
Dim memStream As New MemoryStream()
Try
rijndael = New RijndaelManaged()
rijndael.Key() = arrKey
rijndael.IV() = arrVector
rijndaelDecrypt = rijndael.CreateDecryptor()
Dim decryptStream As CryptoStream
decryptStream = New CryptoStream(memStream, rijndaelDecrypt,
CryptoStreamMode.Write)
Dim input() As Byte = Convert.FromBase64String(strValue)
decryptStream.Write(input, 0, input.Length)
decryptStream.FlushFinalBlock()
Return Encoding.UTF8.GetString(memStream.ToArray())
Finally
rijndael.Clear()
rijndaelDecrypt.Dispose()
memStream.Close()
End Try
End Function
|
|
|
|
|
| Error: data that has to be encrypted has the wrong length
tec-behind | 7:22 16 Sep '03 |
|
|
Hey,
i always get an error by decrypting the data with Rijndael algorythm. Not only with your samples but generally. It means that the to decrypt is has the wrong lenth. Here i have Windows 2000 Professional. I dont understand it. Is there anyone out that knows what can be the problem here!?
|
|
|
|
|
| Cryptography in .NET (part 2)?
caidong | 16:20 26 Aug '03 |
|
|
Where is "Cryptography in .NET (part 2)"?
Thanks in advance.
|
|
|
|
|
| Yo, why does this not work??
mikasa | 8:15 27 Jun '03 |
|
|
Ok, I've used the example you have to Create a Class with Shared Functions for Encrypting / Decrypting Data....
Now, why the heck can't I Decrypt any Data?? The Encryption workds perfectly!
Public Shared Function Decrypt(ByVal Data As String, ByVal Password As String) As String
Dim provCrypto As Cryptography.SymmetricAlgorithm
Dim mDecryptor As ICryptoTransform
Dim stCrypto As Cryptography.CryptoStream
Dim stMemory As IO.MemoryStream, stWriter As IO.StreamWriter, stReader As IO.StreamReader
Dim mBytes() As Byte
Dim sData As String
Try
provCrypto = Cryptography.RC2.Create()
provCrypto.KeySize = 128
provCrypto.BlockSize = 64
mBytes = ConvertStringToBytes(Data)
stMemory = New IO.MemoryStream(mBytes, 0, mBytes.Length) : stMemory.Position = 0
mDecryptor = provCrypto.CreateDecryptor(GetKey(Password, provCrypto.KeySize), GetIV("Initialization Vector", provCrypto.BlockSize))
stCrypto = New CryptoStream(stMemory, mDecryptor, CryptoStreamMode.Read)
stReader = New IO.StreamReader(stCrypto)
sData = stReader.ReadToEnd()
Catch
Call Globals.ErrorMessage("ICryptography.Decrypt")
Finally
If (Not IsNothing(stWriter)) Then stWriter.Close() : stWriter = Nothing
If (Not IsNothing(stMemory)) Then stMemory.Close() : stMemory = Nothing
If (Not IsNothing(stReader)) Then stReader.Close() : stReader = Nothing
If (Not IsNothing(stCrypto)) Then stCrypto.Clear() : stCrypto.Close() : stCrypto = Nothing
If (Not IsNothing(mDecryptor)) Then mDecryptor.Dispose() : mDecryptor = Nothing
If (Not IsNothing(provCrypto)) Then provCrypto.Clear() : provCrypto = Nothing
End Try
Return sData
End Function
'Function to Convert a String to a Byte Array
Private Shared Function ConvertStringToBytes(ByVal Data As String) As Byte()
Return System.Text.UTF8Encoding.UTF8.GetBytes(Data)
'Return (New UnicodeEncoding()).GetBytes(Data)
End Function
'Function to Convert Bytes to a String
Private Shared Function ConvertBytesToString(ByVal Bytes() As Byte) As String
Return System.Text.UTF8Encoding.UTF8.GetString(Bytes)
'Return (New System.Text.UnicodeEncoding().GetString(Bytes))
End Function
|
|
|
|
|
| Saving to a database
"" | 12:29 11 Jun '03 |
|
|
Hopefully this thread is still monitored. First off, thank you for the article and source code. I have actually created a drummed down web version of this but I do have a couple of questions. I would like to take my encrypted data and save it to a database (SQL 2000). Where would you do that in your code? (After the mCryptStr.FlushFinalBlock()?) Also, do you know what type of field type this would require? (Binary, ##)?
Thank you in advance for any help,
Mike
|
|
|
|
|
|
|
In my Database (SQL 2000) I use an NVarChar(128) to store the Encrypted Values. Now, however, I am using the CryptoAPI and not the Managed Classes so I cannot tell you YET how to get the Data derived from Encrypting it. I hope to Implement the Managed methods soon because for some reasons, the CryptoAPI does NOT work on some PCs in our organization!?
|
|
|
|
|
| AsymmetricAlgorithm with certificate public key
djinni | 2:21 9 May '03 |
|
|
First of all your article is great, but once my reqirement is diffrent ,
i'll have a diffirent problem; i want to make a tool that encrypts data or files according to the Microsoft CA server issued certificate public key, hence it uses Asymmetric sha1RSA algorithm for signature and RSA for the public key, if it is possible how can i do that? because there are many properties used in the algorithm in your sample program, but i do not know exactly what they are in my case. (VI...)
|
|
|
|
|
| Salting keys
Furty | 19:54 6 Mar '03 |
|
|
I have to admit that I haven't yet read this article in-depth, but from just skimming over the source code I have found a problem with the way they Key and IV are being generated.
Keys derived from strings should always be generated using the System.Security.Cryptography.PasswordDeriveBytes method, and further, all keys should be Salted with random bytes to increase their strength, and limit the usefulness of a dictionary attack.
When I get more time I'll go over it more closely.
|
|
|
|
|
|
|
Thanks for your comments.
Yes, Salt is the best option to generate keys but I didn't used them just to simplify the code.
Sameers
Problem is the lack of knowledge
|
|
|
|
|
|
|
I would like to know how this salting is done. And also how to use PasswordDeriveBytes. I am new to C# but find this very interesting.
|
|
|
|
|
|
|
Last Updated 6 Mar 2003 |
Advertise |
Privacy |
Terms of Use |
Copyright ©
CodeProject, 1999-2010
