encrypt and decrypt password

Question

0.00/5 (No votes)

See more:

VB

ASP.NET

How to encrypt and decrypt password using VB.Net and store it to sql server database?

Posted 1-Feb-11 0:53am

varsha p

Updated 1-Feb-11 1:04am

Prerak Patel

v2

Add a Solution

3 solutions

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

#realJSOP · Answer 1 · 2011-02-01T01:01:00

You should store it in its encrypted form, and when the user enters his password, you should encrypt it, and compare it with the version in the database. Here's some encryption code. Converting it to VB shouldn't be an issue - if you want to do it fast, use one of the free online converters. Of course, you could just put this code into a C# assembly, and use it as is:

C#

using System;
using System.IO;
using System.Text;
using System.Security.Cryptography;

namespace Paddedwall.CryptoLib
{
	/// <summary>
	/// basic Encrption/decryption functionaility
	/// </summary>
	public class Crypto
	{
		#region enums, constants & fields
		//types of symmetric encyption
		public enum CryptoTypes
		{
			encTypeDES = 0,
			encTypeRC2,
			encTypeRijndael,
			encTypeTripleDES
		}

        private const string CRYPT_DEFAULT_PASSWORD = "CB06cfE507a1";
		private const CryptoTypes CRYPT_DEFAULT_METHOD = CryptoTypes.encTypeRijndael;

		private byte[] mKey = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24};
		private byte[] mIV = {65, 110, 68, 26, 69, 178, 200, 219};
		private byte[] SaltByteArray  = {0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76};
		private CryptoTypes mCryptoType = CRYPT_DEFAULT_METHOD;
		private string mPassword = CRYPT_DEFAULT_PASSWORD;
		#endregion

		#region Constructors

		public Crypto()
		{
			calculateNewKeyAndIV();
		}

		public Crypto(CryptoTypes CryptoType)
		{
			this.CryptoType = CryptoType;
		}
		#endregion

		#region Props

		/// <summary>
		///		type of encryption / decryption used
		/// </summary>
		public CryptoTypes CryptoType
		{
			get 
			{
				return mCryptoType;
			}
			set
			{
				if (mCryptoType != value) 
				{
					mCryptoType = value;
					calculateNewKeyAndIV();
				}
			}
		}

		/// <summary>
		///		Passsword Key Property.
		///		The password key used when encrypting / decrypting
		/// </summary>
		public string Password
		{
			get 
			{
				return mPassword;
			}
			set 
			{	
				if (mPassword != value)
				{
					mPassword = value;
					calculateNewKeyAndIV();
				}
			}
		}
		#endregion

		#region Encryption

		/// <summary>
		///		Encrypt a string
		/// </summary>
		/// <param name="inputText">text to encrypt</param>
		/// <returns>an encrypted string</returns>
		public string Encrypt(string inputText)
		{
			//declare a new encoder
			UTF8Encoding UTF8Encoder = new UTF8Encoding();
			//get byte representation of string
			byte[] inputBytes = UTF8Encoder.GetBytes(inputText);
			
			//convert back to a string
			return Convert.ToBase64String(EncryptDecrypt(inputBytes,true));
		}

		/// <summary>
		///		Encrypt string with user defined password
		/// </summary>
		/// <param name="inputText">text to encrypt</param>
		/// <param name="password">password to use when encrypting</param>
		/// <returns>an encrypted string</returns>
		public string Encrypt(string inputText, string password)
		{
			this.Password = password;
			return this.Encrypt(inputText);
		}

		/// <summary>
		///		Encrypt string acc. to cryptoType and with user defined password
		/// </summary>
		/// <param name="inputText">text to encrypt</param>
		/// <param name="password">password to use when encrypting</param>
		/// <param name="cryptoType">type of encryption</param>
		/// <returns>an encrypted string</returns>
		public string Encrypt(string inputText, string password, CryptoTypes cryptoType)
		{
			mCryptoType = cryptoType;
			return this.Encrypt(inputText,password);
		}
		
		/// <summary>
		///		Encrypt string acc. to cryptoType
		/// </summary>
		/// <param name="inputText">text to encrypt</param>
		/// <param name="cryptoType">type of encryption</param>
		/// <returns>an encrypted string</returns>
		public string Encrypt(string inputText, CryptoTypes cryptoType)
		{
			this.CryptoType = cryptoType;
			return this.Encrypt(inputText);
		}

		#endregion

		#region Decryption

		/// <summary>
		///		decrypts a string
		/// </summary>
		/// <param name="inputText">string to decrypt</param>
		/// <returns>a decrypted string</returns>
		public string Decrypt(string inputText)
		{	
			//declare a new encoder
			UTF8Encoding UTF8Encoder = new UTF8Encoding();
			//get byte representation of string
			byte[] inputBytes = Convert.FromBase64String(inputText);

			//convert back to a string
			return UTF8Encoder.GetString(EncryptDecrypt(inputBytes,false));
		}

		/// <summary>
		///		decrypts a string using a user defined password key
		/// </summary>
		/// <param name="inputText">string to decrypt</param>
		/// <param name="password">password to use when decrypting</param>
		/// <returns>a decrypted string</returns>
		public string Decrypt(string inputText, string password)
		{
			this.Password = password;
			return Decrypt(inputText);
		}

		/// <summary>
		///		decrypts a string acc. to decryption type and user defined password key
		/// </summary>
		/// <param name="inputText">string to decrypt</param>
		/// <param name="password">password key used to decrypt</param>
		/// <param name="cryptoType">type of decryption</param>
		/// <returns>a decrypted string</returns>
		public string Decrypt(string inputText, string password, CryptoTypes cryptoType)
		{
			mCryptoType = cryptoType;
			return Decrypt(inputText,password);
		}

		/// <summary>
		///		decrypts a string acc. to the decryption type
		/// </summary>
		/// <param name="inputText">string to decrypt</param>
		/// <param name="cryptoType">type of decryption</param>
		/// <returns>a decrypted string</returns>
		public string Decrypt(string inputText, CryptoTypes cryptoType)
		{
			this.CryptoType = cryptoType;
			return Decrypt(inputText);
		}
		#endregion

		#region Symmetric Engine

		/// <summary>
		///		performs the actual enc/dec.
		/// </summary>
		/// <param name="inputBytes">input byte array</param>
		/// <param name="Encrpyt">wheather or not to perform enc/dec</param>
		/// <returns>byte array output</returns>
		private byte[] EncryptDecrypt(byte[] inputBytes, bool Encrpyt)
		{
			//get the correct transform
			ICryptoTransform transform = getCryptoTransform(Encrpyt);

			//memory stream for output
			MemoryStream memStream = new MemoryStream();	

			try 
			{
				//setup the cryption - output written to memstream
				CryptoStream cryptStream = new CryptoStream(memStream,transform,CryptoStreamMode.Write);

				//write data to cryption engine
				cryptStream.Write(inputBytes,0,inputBytes.Length);

				//we are finished
				cryptStream.FlushFinalBlock();
				
				//get result
				byte[] output = memStream.ToArray();

				//finished with engine, so close the stream
				cryptStream.Close();

				return output;
			}
			catch (Exception e) 
			{
				//throw an error
				throw new Exception("Error in symmetric engine. Error : " + e.Message,e);
			}
		}

		/// <summary>
		///		returns the symmetric engine and creates the encyptor/decryptor
		/// </summary>
		/// <param name="encrypt">whether to return a encrpytor or decryptor</param>
		/// <returns>ICryptoTransform</returns>
		private ICryptoTransform getCryptoTransform(bool encrypt)
		{
			SymmetricAlgorithm SA = selectAlgorithm();
			SA.Key = mKey;
			SA.IV = mIV;
			if (encrypt) 
			{
				return SA.CreateEncryptor();
			}else 
			{
				return SA.CreateDecryptor();
			}
		}
		/// <summary>
		///		returns the specific symmetric algorithm acc. to the cryptotype
		/// </summary>
		/// <returns>SymmetricAlgorithm</returns>
		private SymmetricAlgorithm selectAlgorithm()
		{
			SymmetricAlgorithm SA;
			switch (mCryptoType)
			{
				case CryptoTypes.encTypeDES:
					SA = DES.Create();
					break;
				case CryptoTypes.encTypeRC2:
					SA = RC2.Create();
					break;
				case CryptoTypes.encTypeRijndael:
					SA = Rijndael.Create();
					break;
				case CryptoTypes.encTypeTripleDES:
					SA = TripleDES.Create();
					break;
				default:
					SA = TripleDES.Create();
					break;
			}
			return SA;
		}

		/// <summary>
		///		calculates the key and IV acc. to the symmetric method from the password
		///		key and IV size dependant on symmetric method
		/// </summary>
		private void calculateNewKeyAndIV()
		{
			//use salt so that key cannot be found with dictionary attack
			PasswordDeriveBytes pdb = new PasswordDeriveBytes(mPassword,SaltByteArray);
			SymmetricAlgorithm algo = selectAlgorithm();
			mKey = pdb.GetBytes(algo.KeySize / 8);
			mIV = pdb.GetBytes(algo.BlockSize / 8);
		}

		#endregion
	}

	/// <summary>
	/// Hashing class. Only static members so no need to create an instance
	/// </summary>
	public class Hashing
	{
		#region enum, constants and fields
		//types of hashing available
		public enum HashingTypes
		{
			SHA, SHA256, SHA384, SHA512, MD5
		}
		#endregion

		#region static members
		public static string Hash(String inputText)
		{
			return ComputeHash(inputText,HashingTypes.MD5);
		}
		
		public static string Hash(String inputText, HashingTypes hashingType)
		{
			return ComputeHash(inputText,hashingType);
		}

		/// <summary>
		///		returns true if the input text is equal to hashed text
		/// </summary>
		/// <param name="inputText">unhashed text to test</param>
		/// <param name="hashText">already hashed text</param>
		/// <returns>boolean true or false</returns>
		public static bool isHashEqual(string inputText, string hashText)
		{
			return (Hash(inputText) == hashText);
		}

		public static bool isHashEqual(string inputText, string hashText, HashingTypes hashingType)
		{
			return (Hash(inputText,hashingType) == hashText);
		}
		#endregion

		#region Hashing Engine

		/// <summary>
		///		computes the hash code and converts it to string
		/// </summary>
		/// <param name="inputText">input text to be hashed</param>
		/// <param name="hashingType">type of hashing to use</param>
		/// <returns>hashed string</returns>
		private static string ComputeHash(string inputText, HashingTypes hashingType)
		{
			HashAlgorithm HA = getHashAlgorithm(hashingType);

			//declare a new encoder
			UTF8Encoding UTF8Encoder = new UTF8Encoding();
			//get byte representation of input text
			byte[] inputBytes = UTF8Encoder.GetBytes(inputText);
			
			
			//hash the input byte array
			byte[] output = HA.ComputeHash(inputBytes);

			//convert output byte array to a string
			return Convert.ToBase64String(output);
		}

		/// <summary>
		///		returns the specific hashing alorithm
		/// </summary>
		/// <param name="hashingType">type of hashing to use</param>
		/// <returns>HashAlgorithm</returns>
		private static HashAlgorithm getHashAlgorithm(HashingTypes hashingType)
		{
			switch (hashingType)
			{
				case HashingTypes.MD5 :
					return new MD5CryptoServiceProvider();
				case HashingTypes.SHA :
					return new SHA1CryptoServiceProvider();
				case HashingTypes.SHA256 :
					return new SHA256Managed();
				case HashingTypes.SHA384 :
					return new SHA384Managed();
				case HashingTypes.SHA512 :
					return new SHA512Managed();
				default :
					return new MD5CryptoServiceProvider();
			}
		}
		#endregion

	}

    //public class testCrypt
    //{
    //    public void testEncryption()
    //    {
    //        string input = "Thi$ is @ str!&n to tEst encrypti0n!";
    //        Crypto c = new Crypto(Utils.Crypto.CryptoTypes.encTypeTripleDES);
    //        string s1 = c.Encrypt(input);
    //        string s2 = c.Decrypt(s1);
    //        Assert.IsTrue(s2 == input);

    //        s1 = Hashing.Hash(input);
    //        s2 = Hashing.Hash(input,Utils.Hashing.HashingTypes.MD5);
    //        Assert.IsTrue(s1 == s2);
    //        Assert.IsTrue( Hashing.isHashEqual(input,s1));

    //        s1 = Hashing.Hash(input,Utils.Hashing.HashingTypes.SHA512);
    //    }
    //}
}

Prerak Patel · Answer 2 · 2011-02-01T01:04:00

I searched the exact title in Google[^]

VB

Imports System.IO
Imports System.Text
Imports System.Security.Cryptography

Public Class Crypto

    Private Shared DES As New TripleDESCryptoServiceProvider
    Private Shared MD5 As New MD5CryptoServiceProvider

    Public Shared Function MD5Hash(ByVal value As String) As Byte()
        Return MD5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(value))
    End Function

    Public Shared Function Encrypt(ByVal stringToEncrypt As String, ByVal key As String) As String
        DES.Key = Crypto.MD5Hash(key)
        DES.Mode = CipherMode.ECB
        Dim Buffer As Byte() = ASCIIEncoding.ASCII.GetBytes(stringToEncrypt)
        Return Convert.ToBase64String(DES.CreateEncryptor().TransformFinalBlock(Buffer, 0, Buffer.Length))
    End Function

    Public Shared Function Decrypt(ByVal encryptedString As String, ByVal key As String) As String
        Try
            DES.Key = Crypto.MD5Hash(key)
            DES.Mode = CipherMode.ECB
            Dim Buffer As Byte() = Convert.FromBase64String(encryptedString)
            Return ASCIIEncoding.ASCII.GetString(DES.CreateDecryptor().TransformFinalBlock(Buffer, 0, Buffer.Length))
        Catch ex As Exception
            MessageBox.Show("Invalid Key", "Decryption Failed", MessageBoxButtons.OK, MessageBoxIcon.Exclamation)
        End Try
    End Function

End Class

You can use any key.

Mohd Wasif · Answer 3 · 2011-05-22T20:58:00

Use these two function for encryption & decryption of a value and then save in database.

Public Function base64Encode(sData As String) As String
Try
Dim encData_byte As Byte() = New Byte(sData.Length - 1) {}

encData_byte = System.Text.Encoding.UTF8.GetBytes(sData)

Dim encodedData As String = Convert.ToBase64String(encData_byte)

Return encodedData
Catch ex As Exception
Throw New Exception("Error in base64Encode" + ex.Message)
End Try
End Function
'Method To Decode Password

Public Function base64Decode(sData As String) As String

Dim encoder As New System.Text.UTF8Encoding()

Dim utf8Decode As System.Text.Decoder = encoder.GetDecoder()

Dim todecode_byte As Byte() = Convert.FromBase64String(sData)

Dim charCount As Integer = utf8Decode.GetCharCount(todecode_byte, 0, todecode_byte.Length)

Dim decoded_char As Char() = New Char(charCount - 1) {}

utf8Decode.GetChars(todecode_byte, 0, todecode_byte.Length, decoded_char, 0)

Dim result As String = New [String](decoded_char)

Return result

End Function

encrypt and decrypt password

3 solutions

Solution 1

Solution 2

Solution 5

Add your solution here

Preview 0