Click here to Skip to main content
13,249,087 members (42,894 online)
Click here to Skip to main content
Add your own
alternative version


90 bookmarked
Posted 14 Mar 2002

Encryption/Decryption with .NET

, 14 Mar 2002
Rate this:
Please Sign up or sign in to vote.
A .NET SymmetricAlgorithm security class wrapper for in memory encryption/decryption with a private key
<!-- Download Links --> <!-- Add the rest of your HTML here -->


Encryption and Decryption

The System.Security.Cryptographic namespace within the Microsoft .NET Framework provides a variety of tools to aid in encryption and decryption. The CryptoStream class is used here to demonstrate the encryption and decryption with System.Security.Cryptographic.SymmetricAlgorithm, such as DESCryptoServiceProvider, RC2CryptoServiceProvider, and RijndaelManaged classes.

I have searched the Internet for some samples and all I found were based on the Microsoft sample code in KB Article Q307010 which basically uses input/output files as source and destination. I would like to have the encryption and decryption done in memory without having to specify source and destination files, so that I could use the code on a web server or so.

If you have any questions, please email to:

Frank Fang

Source Code

using System;
using System.Security.Cryptography;
using System.IO;
using System.Text;

namespace FangHome_Crypto
    /// <summary>
    /// SymmCrypto is a wrapper of System.Security.Cryptography.SymmetricAlgorithm classes
    /// and simplifies the interface. It supports customized SymmetricAlgorithm as well.
    /// </summary>
    public class SymmCrypto
        /// <remarks>
        /// Supported .Net intrinsic SymmetricAlgorithm classes.
        /// </remarks>
        public enum SymmProvEnum : int
            DES, RC2, Rijndael

        private SymmetricAlgorithm mobjCryptoService;

        /// <remarks>
        /// Constructor for using an intrinsic .Net SymmetricAlgorithm class.
        /// </remarks>
        public SymmCrypto(SymmProvEnum NetSelected)
            switch (NetSelected)
                case SymmProvEnum.DES:
                    mobjCryptoService = new DESCryptoServiceProvider();
                case SymmProvEnum.RC2:
                    mobjCryptoService = new RC2CryptoServiceProvider();
                case SymmProvEnum.Rijndael:
                    mobjCryptoService = new RijndaelManaged();

        /// <remarks>
        /// Constructor for using a customized SymmetricAlgorithm class.
        /// </remarks>
        public SymmCrypto(SymmetricAlgorithm ServiceProvider)
            mobjCryptoService = ServiceProvider;

        /// <remarks>
        /// Depending on the legal key size limitations of a specific CryptoService provider
        /// and length of the private key provided, padding the secret key with space character
        /// to meet the legal size of the algorithm.
        /// </remarks>
        private byte[] GetLegalKey(string Key)
            string sTemp;
            if (mobjCryptoService.LegalKeySizes.Length > 0)
                int lessSize = 0, moreSize = mobjCryptoService.LegalKeySizes[0].MinSize;
                // key sizes are in bits
                while (Key.Length * 8 > moreSize)
                    lessSize = moreSize;
                    moreSize += mobjCryptoService.LegalKeySizes[0].SkipSize;
                sTemp = Key.PadRight(moreSize / 8, ' ');
                sTemp = Key;

            // convert the secret key to byte array
            return ASCIIEncoding.ASCII.GetBytes(sTemp);

        public string Encrypting(string Source, string Key)
            byte[] bytIn = System.Text.ASCIIEncoding.ASCII.GetBytes(Source);
            // create a MemoryStream so that the process can be done without I/O files
            System.IO.MemoryStream ms = new System.IO.MemoryStream();

            byte[] bytKey = GetLegalKey(Key);

            // set the private key
            mobjCryptoService.Key = bytKey;
            mobjCryptoService.IV = bytKey;

            // create an Encryptor from the Provider Service instance
            ICryptoTransform encrypto = mobjCryptoService.CreateEncryptor();

            // create Crypto Stream that transforms a stream using the encryption
            CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Write);

            // write out encrypted content into MemoryStream
            cs.Write(bytIn, 0, bytIn.Length);
            // get the output and trim the '\0' bytes
            byte[] bytOut = ms.GetBuffer();
            int i = 0;
            for (i = 0; i < bytOut.Length; i++)
                if (bytOut[i] == 0)
            // convert into Base64 so that the result can be used in xml
            return System.Convert.ToBase64String(bytOut, 0, i);

        public string Decrypting(string Source, string Key)
            // convert from Base64 to binary
            byte[] bytIn = System.Convert.FromBase64String(Source);
            // create a MemoryStream with the input
            System.IO.MemoryStream ms = new System.IO.MemoryStream(bytIn, 0, bytIn.Length);

            byte[] bytKey = GetLegalKey(Key);

            // set the private key
            mobjCryptoService.Key = bytKey;
            mobjCryptoService.IV = bytKey;

            // create a Decryptor from the Provider Service instance
            ICryptoTransform encrypto = mobjCryptoService.CreateDecryptor();
            // create Crypto Stream that transforms a stream using the decryption
            CryptoStream cs = new CryptoStream(ms, encrypto, CryptoStreamMode.Read);

            // read out the result from the Crypto Stream
            System.IO.StreamReader sr = new System.IO.StreamReader( cs );
            return sr.ReadToEnd();


This article has no explicit license attached to it but may contain usage terms in the article text or the download files themselves. If in doubt please contact the author via the discussion board below.

A list of licenses authors might use can be found here


About the Author

Frank Fang
Web Developer
United States United States
No Biography provided

You may also be interested in...

Comments and Discussions

QuestionTake this down Pin
Mark Jones12-Feb-13 5:05
memberMark Jones12-Feb-13 5:05 
GeneralMy vote of 1 Pin
Slip_915-Oct-11 1:49
memberSlip_915-Oct-11 1:49 
GeneralMy vote of 2 Pin
ganeshJoshi28-Jul-10 0:06
memberganeshJoshi28-Jul-10 0:06 
GeneralLet me see Pin
Abinash Bishoyi19-Jun-10 12:48
memberAbinash Bishoyi19-Jun-10 12:48 
GeneralMy vote of 1 Pin
Tyler Xie19-Dec-08 9:55
memberTyler Xie19-Dec-08 9:55 
GeneralPhrase I LOVE COFFEE! throws and error Pin
Dave Sopko2-Aug-07 9:23
memberDave Sopko2-Aug-07 9:23 
GeneralRe: Phrase I LOVE COFFEE! throws and error Pin
blackjack215017-Jul-08 0:46
memberblackjack215017-Jul-08 0:46 
GeneralRe: Phrase I LOVE COFFEE! throws and error Pin
Bruce Burge22-Apr-09 6:57
memberBruce Burge22-Apr-09 6:57 
QuestionInvalid Length Pin
Naeem Hassan25-Jan-07 2:10
memberNaeem Hassan25-Jan-07 2:10 
AnswerRe: Invalid Length Pin
sweemeng.koh23-Sep-07 14:19
membersweemeng.koh23-Sep-07 14:19 
AnswerRe: Invalid Length Pin
bluebeetleRCC15-Aug-08 6:27
memberbluebeetleRCC15-Aug-08 6:27 
I can confirm this with AES as well.

Use ms.ToArray() -- do NOT scan for the first zero byte!!

The ms buffer is zero padded, yes, which means the unused portion of the buffer will be filled with zeros. However, there is a reasonable probability that a zero will appear within the used portion as well! So, if you just iterate the buffer and cut it at the first zero you are running the risk of throwing out relevant data (unlikely for small streams (but it happens), more likely for larger streams).

This can explain why a source like "I LOVE COFFEE!" might fail but "I LOVE COFFEE?" and other variants might not. Any given particular key and source text combination has a (usually small, for small sources) chance of producing this failure.

If, as in my case, your stream contains dynamic data (I was encrypting a timestamp, which, of course, changed ever time it was encrypted) then the failure will seem intermittent and will really drive you crazy!

While digging around for a solution to this (having first stupidly missed the one on this site) I discovered that there are a lot of people making this mistake -- if there is any way (except comments) to more visibly mark or correct the error in the code above that would be worthwhile, I think (it's easy to see this working well and only later, with bigger/more dynamic sources notice the flaw). (Overall this is a very good article and a lot of people have (apparently) been using it as reference.)

Also, I found that you can see the same behavior (with Aes, at least) in web apps on a web farm. This is not related to the buffer truncation, but can produce the same errors. It is caused by different machineKey values among servers in the same web farm.

If you are getting "Invalid Length" or "Padding is Invalid" errors, be sure first you aren't truncating the buffer (use ToArray() as above). If they are still appearing, they may be web-farm related; if so, I think you can cure this somewhere in the IIS config, by setting all the farm's machineKey attributes to the same value.
AnswerRe: Invalid Length Pin
nathan2240529-May-09 5:24
membernathan2240529-May-09 5:24 
GeneralBase64Strings Pin
lyn_s_scott26-May-05 11:33
memberlyn_s_scott26-May-05 11:33 
GeneralRe: Base64Strings Pin
dlwiii22-Aug-08 8:26
memberdlwiii22-Aug-08 8:26 
GeneralInvalid Length Pin
Anonymous16-Aug-04 17:58
sussAnonymous16-Aug-04 17:58 
GeneralRe: Invalid Length Pin
vipinjosea2-Aug-05 19:17
membervipinjosea2-Aug-05 19:17 
GeneralInvalid lenth Pin
K.Vetter15-Jul-04 0:18
sussK.Vetter15-Jul-04 0:18 
GeneralRe: Invalid lenth Pin
Anonymous10-Sep-04 0:30
sussAnonymous10-Sep-04 0:30 
GeneralRe: Invalid lenth Pin
Anonymous3-Jan-05 7:58
sussAnonymous3-Jan-05 7:58 
GeneralRe: Invalid lenth Pin
John Storer II5-Jul-06 3:31
memberJohn Storer II5-Jul-06 3:31 
GeneralRe: Invalid lenth Pin
shuchi agarwal28-Jul-06 4:14
membershuchi agarwal28-Jul-06 4:14 
GeneralThe bug in encryption found... Pin
Nikolai Serdiuk26-Feb-04 0:32
memberNikolai Serdiuk26-Feb-04 0:32 
GeneralRe: The bug in encryption found... Pin
Anonymous31-May-04 13:43
sussAnonymous31-May-04 13:43 
GeneralRe: The bug in encryption found... Pin
Nikolai Serdiuk31-May-04 22:34
memberNikolai Serdiuk31-May-04 22:34 
GeneralRe: The bug in encryption found... Pin
Nikolai Serdiuk31-May-04 22:56
memberNikolai Serdiuk31-May-04 22:56 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink | Advertise | Privacy | Terms of Use | Mobile
Web02 | 2.8.171114.1 | Last Updated 15 Mar 2002
Article Copyright 2002 by Frank Fang
Everything else Copyright © CodeProject, 1999-2017
Layout: fixed | fluid