|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
Decryptionfailed to bring original text back....I am not sure where to put this in this forum. So, I posted this at several topics. I created a class library that has two public methods Encrypt() and Decrypt(). I reference this dll to a window application. I used DESCryptoServiceProvider Algorithm to encrypt and decrypt then with same Key and IV. But unable to decrypt it back to original text. This project I plan to use all algorithm and Hash. This is Phase One. There is no problem ingenerating the Key and IV and at both encrypt and decrypt they are the same. Can anyone spot the mistake and know how to correct this? Thanks. [code] //Generate a Key private static void GenerateDESKey(DESCryptoServiceProvider desProv,int keySize,bool maxKeySize) { if (Key == null) { if (keySize != 0) desProv.KeySize = keySize; else { KeySizes[] keySizeSets = desProv.LegalKeySizes; int len = keySizeSets.Length; for (int x = 0; x < len; x++) { if (maxKeySize) keySize = keySizeSets[0].MaxSize; else keySize = keySizeSets[0].MinSize; } } desProv.KeySize = keySize; desProv.GenerateKey(); Key = desProv.Key; } } //Generate a IV private static void GenerateDESIV(DESCryptoServiceProvider desProv) { if (IV == null) { desProv.GenerateIV(); IV = desProv.IV; } } //Encrypting String Data passed as parameter and returns it public string Encrypt(string strData,int keySize, bool bMaxSize) { string strEncrypt = string.Empty; try { //Variable Telling if Crypto or Managed object is selected MemoryStream memStream = new MemoryStream(); CryptoStream cryptStream; UnicodeEncoding byteConvert = new UnicodeEncoding(); byte[] byteData = byteConvert.GetBytes(strData); byte[] encryptedData = { }; if (this.CRYPTOCLASS == Algorithm.DES.ToString()) { this.CreateDESCrypto(); if (des != null) { //Generate Cryptographic Key and saved it GenerateDESKey(des, keySize, bMaxSize); //Generate Cryptographic IV and saved it GenerateDESIV(des); transform = des.CreateEncryptor((byte[])Key.Clone(), (byte[])IV.Clone()); } } . . . . //Use the created algorithm object to encrypt data cryptStream = new CryptoStream(memStream, transform, CryptoStreamMode.Write); cryptStream.Write(byteData, 0, byteData.Length); cryptStream.FlushFinalBlock(); encryptedData = memStream.ToArray(); memStream.Close(); cryptStream.Close(); transform.Dispose(); //Call to dispose data this.DisposeActiveObjects(); //Convert encrypted bytes[] back to string strEncrypt = Convert.ToBase64String(encryptedData); } catch (Exception ex) { this.WriteAppendLogFile(", Encrypt() " + ex.ToString()); } return strEncrypt; } //Decrypting String Data passed as parameter and returns it public string Decrypt(string strEncrypt) { string strData = string.Empty; try { //Variable Telling if Crypto or Managed object is selected //Check if Key and IV is still has data if (Key == null || IV == null) { return "Cryptographic Key and IV cannot be null."; } MemoryStream memStream; CryptoStream cryptStream; byte[] encryptedData = Convert.FromBase64String(strEncrypt); byte[] decryptedData = new Byte[encryptedData.Length]; if (this.CRYPTOCLASS == Algorithm.DES.ToString()) { this.CreateDESCrypto(); transform = des.CreateDecryptor((byte[]) Key.Clone(),(byte[])IV.Clone()); } ........ //Use the created algorithm object to encrypt data memStream = new MemoryStream(encryptedData); cryptStream = new CryptoStream(memStream, transform, CryptoStreamMode.Read); cryptStream.Read(decryptedData, 0, decryptedData.Length); memStream.Close(); cryptStream.Close(); transform.Dispose(); //Call to dispose data this.DisposeActiveObjects(); //Convert encrypted bytes[] back to string //strEncrypt = Convert.ToBase64String(decryptedData); strData = Encoding.ASCII.GetString(decryptedData); } catch (Exception ex) { this.WriteAppendLogFile(", Decrypt() " + ex.ToString()); } return strData; } [/code] den2005 -- MCP Year 2005, Philippines Why do you encode with Unicode and convert back to string with ASCII? That
makes no sense. You have to use the same encoding to go string->binary->string. Why not also just use UTF8 for both? Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "den 2005" <den2***@discussions.microsoft.com> wrote in message news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... > Hi everybody, > > I am not sure where to put this in this forum. So, I posted this at > several topics. I created a class library that has two public methods > Encrypt() and Decrypt(). I reference this dll to a window application. I > used > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with same > Key > and IV. But unable to decrypt it back to original text. This project I > plan > to use all algorithm and Hash. This is Phase One. There is no problem > ingenerating the Key and IV and at both encrypt and decrypt they are the > same. Can anyone spot the mistake and know how to correct this? Thanks. > > [code] > > //Generate a Key > private static void GenerateDESKey(DESCryptoServiceProvider > desProv,int keySize,bool maxKeySize) > { > if (Key == null) > { > if (keySize != 0) > desProv.KeySize = keySize; > else > { > KeySizes[] keySizeSets = desProv.LegalKeySizes; > int len = keySizeSets.Length; > > for (int x = 0; x < len; x++) > { > if (maxKeySize) > keySize = keySizeSets[0].MaxSize; > else > keySize = keySizeSets[0].MinSize; > } > } > desProv.KeySize = keySize; > desProv.GenerateKey(); > Key = desProv.Key; > } > } > > //Generate a IV > private static void GenerateDESIV(DESCryptoServiceProvider desProv) > { > if (IV == null) > { > desProv.GenerateIV(); > IV = desProv.IV; > } > } > > //Encrypting String Data passed as parameter and returns it > public string Encrypt(string strData,int keySize, bool bMaxSize) > { > string strEncrypt = string.Empty; > try > { > //Variable Telling if Crypto or Managed object is selected > MemoryStream memStream = new MemoryStream(); > > CryptoStream cryptStream; > UnicodeEncoding byteConvert = new UnicodeEncoding(); > byte[] byteData = byteConvert.GetBytes(strData); > > byte[] encryptedData = { }; > > > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > { > this.CreateDESCrypto(); > if (des != null) > { > //Generate Cryptographic Key and saved it > GenerateDESKey(des, keySize, bMaxSize); > //Generate Cryptographic IV and saved it > GenerateDESIV(des); > > transform = > des.CreateEncryptor((byte[])Key.Clone(), > (byte[])IV.Clone()); > } > } > . . . . > //Use the created algorithm object to encrypt data > cryptStream = new CryptoStream(memStream, transform, > CryptoStreamMode.Write); > > cryptStream.Write(byteData, 0, byteData.Length); > cryptStream.FlushFinalBlock(); > > encryptedData = memStream.ToArray(); > > memStream.Close(); > cryptStream.Close(); > transform.Dispose(); > > //Call to dispose data > this.DisposeActiveObjects(); > //Convert encrypted bytes[] back to string > strEncrypt = Convert.ToBase64String(encryptedData); > > } > catch (Exception ex) > { > this.WriteAppendLogFile(", Encrypt() " + ex.ToString()); > } > return strEncrypt; > } > > //Decrypting String Data passed as parameter and returns it > public string Decrypt(string strEncrypt) > { > string strData = string.Empty; > try > { > //Variable Telling if Crypto or Managed object is selected > > //Check if Key and IV is still has data > if (Key == null || IV == null) > { > return "Cryptographic Key and IV cannot be null."; > } > MemoryStream memStream; > CryptoStream cryptStream; > byte[] encryptedData = > Convert.FromBase64String(strEncrypt); > byte[] decryptedData = new Byte[encryptedData.Length]; > > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > { > this.CreateDESCrypto(); > transform = des.CreateDecryptor((byte[]) > Key.Clone(),(byte[])IV.Clone()); > > } > ........ > > //Use the created algorithm object to encrypt data > memStream = new MemoryStream(encryptedData); > cryptStream = new CryptoStream(memStream, transform, > CryptoStreamMode.Read); > > cryptStream.Read(decryptedData, 0, decryptedData.Length); > > memStream.Close(); > cryptStream.Close(); > transform.Dispose(); > > //Call to dispose data > this.DisposeActiveObjects(); > //Convert encrypted bytes[] back to string > //strEncrypt = Convert.ToBase64String(decryptedData); > strData = Encoding.ASCII.GetString(decryptedData); > } > catch (Exception ex) > { > this.WriteAppendLogFile(", Decrypt() " + ex.ToString()); > } > return strData; > } > [/code] > > den2005 > > > > > -- > MCP Year 2005, Philippines Thanks for the reply, Joe.
Thanks for idea...I would try different approach in converting bytes[] to string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them applies to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I try using Hashing in encrypt/decrypt text. I just started learning cryptography. What is exactly Padding does to encryption/decryption process? The encrypted text has 40 bits so it will add to fill it up to 64 bits, how about if encrypted data goes over 64 bits, what happen when you decrypt the encrypted data? Dennis -- Show quoteHide quoteMCP Year 2005, Philippines "Joe Kaplan (MVP - ADSI)" wrote: > Why do you encode with Unicode and convert back to string with ASCII? That > makes no sense. You have to use the same encoding to go > string->binary->string. Why not also just use UTF8 for both? > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "den 2005" <den2***@discussions.microsoft.com> wrote in message > news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... > > Hi everybody, > > > > I am not sure where to put this in this forum. So, I posted this at > > several topics. I created a class library that has two public methods > > Encrypt() and Decrypt(). I reference this dll to a window application. I > > used > > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with same > > Key > > and IV. But unable to decrypt it back to original text. This project I > > plan > > to use all algorithm and Hash. This is Phase One. There is no problem > > ingenerating the Key and IV and at both encrypt and decrypt they are the > > same. Can anyone spot the mistake and know how to correct this? Thanks. > > > > [code] > > > > //Generate a Key > > private static void GenerateDESKey(DESCryptoServiceProvider > > desProv,int keySize,bool maxKeySize) > > { > > if (Key == null) > > { > > if (keySize != 0) > > desProv.KeySize = keySize; > > else > > { > > KeySizes[] keySizeSets = desProv.LegalKeySizes; > > int len = keySizeSets.Length; > > > > for (int x = 0; x < len; x++) > > { > > if (maxKeySize) > > keySize = keySizeSets[0].MaxSize; > > else > > keySize = keySizeSets[0].MinSize; > > } > > } > > desProv.KeySize = keySize; > > desProv.GenerateKey(); > > Key = desProv.Key; > > } > > } > > > > //Generate a IV > > private static void GenerateDESIV(DESCryptoServiceProvider desProv) > > { > > if (IV == null) > > { > > desProv.GenerateIV(); > > IV = desProv.IV; > > } > > } > > > > //Encrypting String Data passed as parameter and returns it > > public string Encrypt(string strData,int keySize, bool bMaxSize) > > { > > string strEncrypt = string.Empty; > > try > > { > > //Variable Telling if Crypto or Managed object is selected > > MemoryStream memStream = new MemoryStream(); > > > > CryptoStream cryptStream; > > UnicodeEncoding byteConvert = new UnicodeEncoding(); > > byte[] byteData = byteConvert.GetBytes(strData); > > > > byte[] encryptedData = { }; > > > > > > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > > { > > this.CreateDESCrypto(); > > if (des != null) > > { > > //Generate Cryptographic Key and saved it > > GenerateDESKey(des, keySize, bMaxSize); > > //Generate Cryptographic IV and saved it > > GenerateDESIV(des); > > > > transform = > > des.CreateEncryptor((byte[])Key.Clone(), > > (byte[])IV.Clone()); > > } > > } > > . . . . > > //Use the created algorithm object to encrypt data > > cryptStream = new CryptoStream(memStream, transform, > > CryptoStreamMode.Write); > > > > cryptStream.Write(byteData, 0, byteData.Length); > > cryptStream.FlushFinalBlock(); > > > > encryptedData = memStream.ToArray(); > > > > memStream.Close(); > > cryptStream.Close(); > > transform.Dispose(); > > > > //Call to dispose data > > this.DisposeActiveObjects(); > > //Convert encrypted bytes[] back to string > > strEncrypt = Convert.ToBase64String(encryptedData); > > > > } > > catch (Exception ex) > > { > > this.WriteAppendLogFile(", Encrypt() " + ex.ToString()); > > } > > return strEncrypt; > > } > > > > //Decrypting String Data passed as parameter and returns it > > public string Decrypt(string strEncrypt) > > { > > string strData = string.Empty; > > try > > { > > //Variable Telling if Crypto or Managed object is selected > > > > //Check if Key and IV is still has data > > if (Key == null || IV == null) > > { > > return "Cryptographic Key and IV cannot be null."; > > } > > MemoryStream memStream; > > CryptoStream cryptStream; > > byte[] encryptedData = > > Convert.FromBase64String(strEncrypt); > > byte[] decryptedData = new Byte[encryptedData.Length]; > > > > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > > { > > this.CreateDESCrypto(); > > transform = des.CreateDecryptor((byte[]) > > Key.Clone(),(byte[])IV.Clone()); > > > > } > > ........ > > > > //Use the created algorithm object to encrypt data > > memStream = new MemoryStream(encryptedData); > > cryptStream = new CryptoStream(memStream, transform, > > CryptoStreamMode.Read); > > > > cryptStream.Read(decryptedData, 0, decryptedData.Length); > > > > memStream.Close(); > > cryptStream.Close(); > > transform.Dispose(); > > > > //Call to dispose data > > this.DisposeActiveObjects(); > > //Convert encrypted bytes[] back to string > > //strEncrypt = Convert.ToBase64String(decryptedData); > > strData = Encoding.ASCII.GetString(decryptedData); > > } > > catch (Exception ex) > > { > > this.WriteAppendLogFile(", Decrypt() " + ex.ToString()); > > } > > return strData; > > } > > [/code] > > > > den2005 > > > > > > > > > > -- > > MCP Year 2005, Philippines > > > The thing to know when you are encrypting string data (as opposed to
arbitrary binary data) is that if you have a .NET string object, that it Unicode. There isn't really much reason to encrypt a .NET string with anything other than a Unicode encoding like UTF8 or Unicode. That will cover all possible characters. You always decode with the same encoding you encoded with if you want to get back the same string. If you have arbitrary data, then just pass in the binary data directly. Regarding block ciphers (which is what you are talking about), they work by processing a fixed number of bytes of data at a time. They keep moving through the data X bytes at a time, encypting each block as they go. If they reach the end of the data and it isn't long enough to fill a whole block, then padding is added to make the length match the block size. The padding is generally stripped off when the data is decrypted. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "den 2005" <den2***@discussions.microsoft.com> wrote in message news:DE9A3290-447A-4309-A9E6-97F36AA301F1@microsoft.com... > Thanks for the reply, Joe. > Thanks for idea...I would try different approach in converting bytes[] to > string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them > applies > to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I try > using > Hashing in encrypt/decrypt text. I just started learning cryptography. > What > is exactly Padding does to encryption/decryption process? The encrypted > text > has 40 bits so it will add to fill it up to 64 bits, how about if > encrypted > data goes over 64 bits, what happen when you decrypt the encrypted data? > > Dennis > > > -- > MCP Year 2005, Philippines > > > "Joe Kaplan (MVP - ADSI)" wrote: > >> Why do you encode with Unicode and convert back to string with ASCII? >> That >> makes no sense. You have to use the same encoding to go >> string->binary->string. Why not also just use UTF8 for both? >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... >> > Hi everybody, >> > >> > I am not sure where to put this in this forum. So, I posted this at >> > several topics. I created a class library that has two public methods >> > Encrypt() and Decrypt(). I reference this dll to a window application. >> > I >> > used >> > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with >> > same >> > Key >> > and IV. But unable to decrypt it back to original text. This project I >> > plan >> > to use all algorithm and Hash. This is Phase One. There is no problem >> > ingenerating the Key and IV and at both encrypt and decrypt they are >> > the >> > same. Can anyone spot the mistake and know how to correct this? Thanks. >> > >> > [code] >> > >> > //Generate a Key >> > private static void GenerateDESKey(DESCryptoServiceProvider >> > desProv,int keySize,bool maxKeySize) >> > { >> > if (Key == null) >> > { >> > if (keySize != 0) >> > desProv.KeySize = keySize; >> > else >> > { >> > KeySizes[] keySizeSets = desProv.LegalKeySizes; >> > int len = keySizeSets.Length; >> > >> > for (int x = 0; x < len; x++) >> > { >> > if (maxKeySize) >> > keySize = keySizeSets[0].MaxSize; >> > else >> > keySize = keySizeSets[0].MinSize; >> > } >> > } >> > desProv.KeySize = keySize; >> > desProv.GenerateKey(); >> > Key = desProv.Key; >> > } >> > } >> > >> > //Generate a IV >> > private static void GenerateDESIV(DESCryptoServiceProvider >> > desProv) >> > { >> > if (IV == null) >> > { >> > desProv.GenerateIV(); >> > IV = desProv.IV; >> > } >> > } >> > >> > //Encrypting String Data passed as parameter and returns it >> > public string Encrypt(string strData,int keySize, bool bMaxSize) >> > { >> > string strEncrypt = string.Empty; >> > try >> > { >> > //Variable Telling if Crypto or Managed object is >> > selected >> > MemoryStream memStream = new MemoryStream(); >> > >> > CryptoStream cryptStream; >> > UnicodeEncoding byteConvert = new UnicodeEncoding(); >> > byte[] byteData = byteConvert.GetBytes(strData); >> > >> > byte[] encryptedData = { }; >> > >> > >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> > { >> > this.CreateDESCrypto(); >> > if (des != null) >> > { >> > //Generate Cryptographic Key and saved it >> > GenerateDESKey(des, keySize, bMaxSize); >> > //Generate Cryptographic IV and saved it >> > GenerateDESIV(des); >> > >> > transform = >> > des.CreateEncryptor((byte[])Key.Clone(), >> > (byte[])IV.Clone()); >> > } >> > } >> > . . . . >> > //Use the created algorithm object to encrypt data >> > cryptStream = new CryptoStream(memStream, transform, >> > CryptoStreamMode.Write); >> > >> > cryptStream.Write(byteData, 0, byteData.Length); >> > cryptStream.FlushFinalBlock(); >> > >> > encryptedData = memStream.ToArray(); >> > >> > memStream.Close(); >> > cryptStream.Close(); >> > transform.Dispose(); >> > >> > //Call to dispose data >> > this.DisposeActiveObjects(); >> > //Convert encrypted bytes[] back to string >> > strEncrypt = Convert.ToBase64String(encryptedData); >> > >> > } >> > catch (Exception ex) >> > { >> > this.WriteAppendLogFile(", Encrypt() " + ex.ToString()); >> > } >> > return strEncrypt; >> > } >> > >> > //Decrypting String Data passed as parameter and returns it >> > public string Decrypt(string strEncrypt) >> > { >> > string strData = string.Empty; >> > try >> > { >> > //Variable Telling if Crypto or Managed object is >> > selected >> > >> > //Check if Key and IV is still has data >> > if (Key == null || IV == null) >> > { >> > return "Cryptographic Key and IV cannot be null."; >> > } >> > MemoryStream memStream; >> > CryptoStream cryptStream; >> > byte[] encryptedData = >> > Convert.FromBase64String(strEncrypt); >> > byte[] decryptedData = new Byte[encryptedData.Length]; >> > >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> > { >> > this.CreateDESCrypto(); >> > transform = des.CreateDecryptor((byte[]) >> > Key.Clone(),(byte[])IV.Clone()); >> > >> > } >> > ........ >> > >> > //Use the created algorithm object to encrypt data >> > memStream = new MemoryStream(encryptedData); >> > cryptStream = new CryptoStream(memStream, transform, >> > CryptoStreamMode.Read); >> > >> > cryptStream.Read(decryptedData, 0, >> > decryptedData.Length); >> > >> > memStream.Close(); >> > cryptStream.Close(); >> > transform.Dispose(); >> > >> > //Call to dispose data >> > this.DisposeActiveObjects(); >> > //Convert encrypted bytes[] back to string >> > //strEncrypt = Convert.ToBase64String(decryptedData); >> > strData = Encoding.ASCII.GetString(decryptedData); >> > } >> > catch (Exception ex) >> > { >> > this.WriteAppendLogFile(", Decrypt() " + ex.ToString()); >> > } >> > return strData; >> > } >> > [/code] >> > >> > den2005 >> > >> > >> > >> > >> > -- >> > MCP Year 2005, Philippines >> >> >> Thanks for info, Joe. Sorry it take time for me to reply...I am still in
cryptography, but now using them on web.config, any idea, I like to encrypt them when it is not being used, decrypt them when connecting to database. Dennis -- Show quoteHide quoteMCP Year 2005, Philippines "Joe Kaplan (MVP - ADSI)" wrote: > The thing to know when you are encrypting string data (as opposed to > arbitrary binary data) is that if you have a .NET string object, that it > Unicode. There isn't really much reason to encrypt a .NET string with > anything other than a Unicode encoding like UTF8 or Unicode. That will > cover all possible characters. You always decode with the same encoding you > encoded with if you want to get back the same string. > > If you have arbitrary data, then just pass in the binary data directly. > > Regarding block ciphers (which is what you are talking about), they work by > processing a fixed number of bytes of data at a time. They keep moving > through the data X bytes at a time, encypting each block as they go. If > they reach the end of the data and it isn't long enough to fill a whole > block, then padding is added to make the length match the block size. The > padding is generally stripped off when the data is decrypted. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "den 2005" <den2***@discussions.microsoft.com> wrote in message > news:DE9A3290-447A-4309-A9E6-97F36AA301F1@microsoft.com... > > Thanks for the reply, Joe. > > Thanks for idea...I would try different approach in converting bytes[] to > > string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them > > applies > > to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I try > > using > > Hashing in encrypt/decrypt text. I just started learning cryptography. > > What > > is exactly Padding does to encryption/decryption process? The encrypted > > text > > has 40 bits so it will add to fill it up to 64 bits, how about if > > encrypted > > data goes over 64 bits, what happen when you decrypt the encrypted data? > > > > Dennis > > > > > > -- > > MCP Year 2005, Philippines > > > > > > "Joe Kaplan (MVP - ADSI)" wrote: > > > >> Why do you encode with Unicode and convert back to string with ASCII? > >> That > >> makes no sense. You have to use the same encoding to go > >> string->binary->string. Why not also just use UTF8 for both? > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> "den 2005" <den2***@discussions.microsoft.com> wrote in message > >> news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... > >> > Hi everybody, > >> > > >> > I am not sure where to put this in this forum. So, I posted this at > >> > several topics. I created a class library that has two public methods > >> > Encrypt() and Decrypt(). I reference this dll to a window application. > >> > I > >> > used > >> > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with > >> > same > >> > Key > >> > and IV. But unable to decrypt it back to original text. This project I > >> > plan > >> > to use all algorithm and Hash. This is Phase One. There is no problem > >> > ingenerating the Key and IV and at both encrypt and decrypt they are > >> > the > >> > same. Can anyone spot the mistake and know how to correct this? Thanks. > >> > > >> > [code] > >> > > >> > //Generate a Key > >> > private static void GenerateDESKey(DESCryptoServiceProvider > >> > desProv,int keySize,bool maxKeySize) > >> > { > >> > if (Key == null) > >> > { > >> > if (keySize != 0) > >> > desProv.KeySize = keySize; > >> > else > >> > { > >> > KeySizes[] keySizeSets = desProv.LegalKeySizes; > >> > int len = keySizeSets.Length; > >> > > >> > for (int x = 0; x < len; x++) > >> > { > >> > if (maxKeySize) > >> > keySize = keySizeSets[0].MaxSize; > >> > else > >> > keySize = keySizeSets[0].MinSize; > >> > } > >> > } > >> > desProv.KeySize = keySize; > >> > desProv.GenerateKey(); > >> > Key = desProv.Key; > >> > } > >> > } > >> > > >> > //Generate a IV > >> > private static void GenerateDESIV(DESCryptoServiceProvider > >> > desProv) > >> > { > >> > if (IV == null) > >> > { > >> > desProv.GenerateIV(); > >> > IV = desProv.IV; > >> > } > >> > } > >> > > >> > //Encrypting String Data passed as parameter and returns it > >> > public string Encrypt(string strData,int keySize, bool bMaxSize) > >> > { > >> > string strEncrypt = string.Empty; > >> > try > >> > { > >> > //Variable Telling if Crypto or Managed object is > >> > selected > >> > MemoryStream memStream = new MemoryStream(); > >> > > >> > CryptoStream cryptStream; > >> > UnicodeEncoding byteConvert = new UnicodeEncoding(); > >> > byte[] byteData = byteConvert.GetBytes(strData); > >> > > >> > byte[] encryptedData = { }; > >> > > >> > > >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > >> > { > >> > this.CreateDESCrypto(); > >> > if (des != null) > >> > { > >> > //Generate Cryptographic Key and saved it > >> > GenerateDESKey(des, keySize, bMaxSize); > >> > //Generate Cryptographic IV and saved it > >> > GenerateDESIV(des); > >> > > >> > transform = > >> > des.CreateEncryptor((byte[])Key.Clone(), > >> > (byte[])IV.Clone()); > >> > } > >> > } > >> > . . . . > >> > //Use the created algorithm object to encrypt data > >> > cryptStream = new CryptoStream(memStream, transform, > >> > CryptoStreamMode.Write); > >> > > >> > cryptStream.Write(byteData, 0, byteData.Length); > >> > cryptStream.FlushFinalBlock(); > >> > > >> > encryptedData = memStream.ToArray(); > >> > > >> > memStream.Close(); > >> > cryptStream.Close(); > >> > transform.Dispose(); > >> > > >> > //Call to dispose data > >> > this.DisposeActiveObjects(); > >> > //Convert encrypted bytes[] back to string > >> > strEncrypt = Convert.ToBase64String(encryptedData); > >> > > >> > } > >> > catch (Exception ex) > >> > { > >> > this.WriteAppendLogFile(", Encrypt() " + ex.ToString()); > >> > } > >> > return strEncrypt; > >> > } > >> > > >> > //Decrypting String Data passed as parameter and returns it > >> > public string Decrypt(string strEncrypt) > >> > { > >> > string strData = string.Empty; > >> > try > >> > { > >> > //Variable Telling if Crypto or Managed object is > >> > selected > >> > > >> > //Check if Key and IV is still has data > >> > if (Key == null || IV == null) > >> > { > >> > return "Cryptographic Key and IV cannot be null."; > >> > } > >> > MemoryStream memStream; > >> > CryptoStream cryptStream; > >> > byte[] encryptedData = > >> > Convert.FromBase64String(strEncrypt); > >> > byte[] decryptedData = new Byte[encryptedData.Length]; > >> > > >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > >> > { > >> > this.CreateDESCrypto(); > >> > transform = des.CreateDecryptor((byte[]) > >> > Key.Clone(),(byte[])IV.Clone()); > >> > > >> > } > >> > ........ > >> > > >> > //Use the created algorithm object to encrypt data > >> > memStream = new MemoryStream(encryptedData); > >> > cryptStream = new CryptoStream(memStream, transform, > >> > CryptoStreamMode.Read); > >> > > >> > cryptStream.Read(decryptedData, 0, > >> > decryptedData.Length); > >> > > >> > memStream.Close(); > >> > cryptStream.Close(); > >> > transform.Dispose(); > >> > > >> > //Call to dispose data > >> > this.DisposeActiveObjects(); > >> > //Convert encrypted bytes[] back to string > >> > //strEncrypt = Convert.ToBase64String(decryptedData); > >> > strData = Encoding.ASCII.GetString(decryptedData); > >> > } > >> > catch (Exception ex) > >> > { > >> > this.WriteAppendLogFile(", Decrypt() " + ex.ToString()); > >> > } > >> > return strData; > >> > } > >> > [/code] > >> > > >> > den2005 > >> > > >> > > >> > > >> > > >> > -- > >> > MCP Year 2005, Philippines > >> > >> > >> > > > I always just use enterprise library for this type of thing and it just
works, so I haven't struggled with this at all. What is the problem with what you are trying to do? Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "den 2005" <den2***@discussions.microsoft.com> wrote in message news:D7F5D64B-5246-4CB5-8EAD-D4F24AAC1825@microsoft.com... > Thanks for info, Joe. Sorry it take time for me to reply...I am still in > cryptography, but now using them on web.config, any idea, I like to > encrypt > them when it is not being used, decrypt them when connecting to database. > > Dennis > > -- > MCP Year 2005, Philippines > > > "Joe Kaplan (MVP - ADSI)" wrote: > >> The thing to know when you are encrypting string data (as opposed to >> arbitrary binary data) is that if you have a .NET string object, that it >> Unicode. There isn't really much reason to encrypt a .NET string with >> anything other than a Unicode encoding like UTF8 or Unicode. That will >> cover all possible characters. You always decode with the same encoding >> you >> encoded with if you want to get back the same string. >> >> If you have arbitrary data, then just pass in the binary data directly. >> >> Regarding block ciphers (which is what you are talking about), they work >> by >> processing a fixed number of bytes of data at a time. They keep moving >> through the data X bytes at a time, encypting each block as they go. If >> they reach the end of the data and it isn't long enough to fill a whole >> block, then padding is added to make the length match the block size. >> The >> padding is generally stripped off when the data is decrypted. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> news:DE9A3290-447A-4309-A9E6-97F36AA301F1@microsoft.com... >> > Thanks for the reply, Joe. >> > Thanks for idea...I would try different approach in converting bytes[] >> > to >> > string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them >> > applies >> > to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I try >> > using >> > Hashing in encrypt/decrypt text. I just started learning cryptography. >> > What >> > is exactly Padding does to encryption/decryption process? The encrypted >> > text >> > has 40 bits so it will add to fill it up to 64 bits, how about if >> > encrypted >> > data goes over 64 bits, what happen when you decrypt the encrypted >> > data? >> > >> > Dennis >> > >> > >> > -- >> > MCP Year 2005, Philippines >> > >> > >> > "Joe Kaplan (MVP - ADSI)" wrote: >> > >> >> Why do you encode with Unicode and convert back to string with ASCII? >> >> That >> >> makes no sense. You have to use the same encoding to go >> >> string->binary->string. Why not also just use UTF8 for both? >> >> >> >> Joe K. >> >> >> >> -- >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> Programming" >> >> http://www.directoryprogramming.net >> >> -- >> >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> >> news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... >> >> > Hi everybody, >> >> > >> >> > I am not sure where to put this in this forum. So, I posted this >> >> > at >> >> > several topics. I created a class library that has two public >> >> > methods >> >> > Encrypt() and Decrypt(). I reference this dll to a window >> >> > application. >> >> > I >> >> > used >> >> > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with >> >> > same >> >> > Key >> >> > and IV. But unable to decrypt it back to original text. This project >> >> > I >> >> > plan >> >> > to use all algorithm and Hash. This is Phase One. There is no >> >> > problem >> >> > ingenerating the Key and IV and at both encrypt and decrypt they are >> >> > the >> >> > same. Can anyone spot the mistake and know how to correct this? >> >> > Thanks. >> >> > >> >> > [code] >> >> > >> >> > //Generate a Key >> >> > private static void GenerateDESKey(DESCryptoServiceProvider >> >> > desProv,int keySize,bool maxKeySize) >> >> > { >> >> > if (Key == null) >> >> > { >> >> > if (keySize != 0) >> >> > desProv.KeySize = keySize; >> >> > else >> >> > { >> >> > KeySizes[] keySizeSets = desProv.LegalKeySizes; >> >> > int len = keySizeSets.Length; >> >> > >> >> > for (int x = 0; x < len; x++) >> >> > { >> >> > if (maxKeySize) >> >> > keySize = keySizeSets[0].MaxSize; >> >> > else >> >> > keySize = keySizeSets[0].MinSize; >> >> > } >> >> > } >> >> > desProv.KeySize = keySize; >> >> > desProv.GenerateKey(); >> >> > Key = desProv.Key; >> >> > } >> >> > } >> >> > >> >> > //Generate a IV >> >> > private static void GenerateDESIV(DESCryptoServiceProvider >> >> > desProv) >> >> > { >> >> > if (IV == null) >> >> > { >> >> > desProv.GenerateIV(); >> >> > IV = desProv.IV; >> >> > } >> >> > } >> >> > >> >> > //Encrypting String Data passed as parameter and returns it >> >> > public string Encrypt(string strData,int keySize, bool >> >> > bMaxSize) >> >> > { >> >> > string strEncrypt = string.Empty; >> >> > try >> >> > { >> >> > //Variable Telling if Crypto or Managed object is >> >> > selected >> >> > MemoryStream memStream = new MemoryStream(); >> >> > >> >> > CryptoStream cryptStream; >> >> > UnicodeEncoding byteConvert = new UnicodeEncoding(); >> >> > byte[] byteData = byteConvert.GetBytes(strData); >> >> > >> >> > byte[] encryptedData = { }; >> >> > >> >> > >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> >> > { >> >> > this.CreateDESCrypto(); >> >> > if (des != null) >> >> > { >> >> > //Generate Cryptographic Key and saved it >> >> > GenerateDESKey(des, keySize, bMaxSize); >> >> > //Generate Cryptographic IV and saved it >> >> > GenerateDESIV(des); >> >> > >> >> > transform = >> >> > des.CreateEncryptor((byte[])Key.Clone(), >> >> > (byte[])IV.Clone()); >> >> > } >> >> > } >> >> > . . . . >> >> > //Use the created algorithm object to encrypt data >> >> > cryptStream = new CryptoStream(memStream, transform, >> >> > CryptoStreamMode.Write); >> >> > >> >> > cryptStream.Write(byteData, 0, byteData.Length); >> >> > cryptStream.FlushFinalBlock(); >> >> > >> >> > encryptedData = memStream.ToArray(); >> >> > >> >> > memStream.Close(); >> >> > cryptStream.Close(); >> >> > transform.Dispose(); >> >> > >> >> > //Call to dispose data >> >> > this.DisposeActiveObjects(); >> >> > //Convert encrypted bytes[] back to string >> >> > strEncrypt = Convert.ToBase64String(encryptedData); >> >> > >> >> > } >> >> > catch (Exception ex) >> >> > { >> >> > this.WriteAppendLogFile(", Encrypt() " + >> >> > ex.ToString()); >> >> > } >> >> > return strEncrypt; >> >> > } >> >> > >> >> > //Decrypting String Data passed as parameter and returns it >> >> > public string Decrypt(string strEncrypt) >> >> > { >> >> > string strData = string.Empty; >> >> > try >> >> > { >> >> > //Variable Telling if Crypto or Managed object is >> >> > selected >> >> > >> >> > //Check if Key and IV is still has data >> >> > if (Key == null || IV == null) >> >> > { >> >> > return "Cryptographic Key and IV cannot be >> >> > null."; >> >> > } >> >> > MemoryStream memStream; >> >> > CryptoStream cryptStream; >> >> > byte[] encryptedData = >> >> > Convert.FromBase64String(strEncrypt); >> >> > byte[] decryptedData = new >> >> > Byte[encryptedData.Length]; >> >> > >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> >> > { >> >> > this.CreateDESCrypto(); >> >> > transform = des.CreateDecryptor((byte[]) >> >> > Key.Clone(),(byte[])IV.Clone()); >> >> > >> >> > } >> >> > ........ >> >> > >> >> > //Use the created algorithm object to encrypt data >> >> > memStream = new MemoryStream(encryptedData); >> >> > cryptStream = new CryptoStream(memStream, transform, >> >> > CryptoStreamMode.Read); >> >> > >> >> > cryptStream.Read(decryptedData, 0, >> >> > decryptedData.Length); >> >> > >> >> > memStream.Close(); >> >> > cryptStream.Close(); >> >> > transform.Dispose(); >> >> > >> >> > //Call to dispose data >> >> > this.DisposeActiveObjects(); >> >> > //Convert encrypted bytes[] back to string >> >> > //strEncrypt = Convert.ToBase64String(decryptedData); >> >> > strData = Encoding.ASCII.GetString(decryptedData); >> >> > } >> >> > catch (Exception ex) >> >> > { >> >> > this.WriteAppendLogFile(", Decrypt() " + >> >> > ex.ToString()); >> >> > } >> >> > return strData; >> >> > } >> >> > [/code] >> >> > >> >> > den2005 >> >> > >> >> > >> >> > >> >> > >> >> > -- >> >> > MCP Year 2005, Philippines >> >> >> >> >> >> >> >> >> Thanks for the reply, Joe.
Enterprose Library? Not familiar with this. Can you provide codes or links that shows how to use this enterprise library you are referring in complete details? I found sample codes doing exactly what I want in ASP.Net 2.0, but I am using ASP.Net 1.0. Dennis -- Show quoteHide quoteMCP Year 2005, Philippines "Joe Kaplan (MVP - ADSI)" wrote: > I always just use enterprise library for this type of thing and it just > works, so I haven't struggled with this at all. What is the problem with > what you are trying to do? > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > "den 2005" <den2***@discussions.microsoft.com> wrote in message > news:D7F5D64B-5246-4CB5-8EAD-D4F24AAC1825@microsoft.com... > > Thanks for info, Joe. Sorry it take time for me to reply...I am still in > > cryptography, but now using them on web.config, any idea, I like to > > encrypt > > them when it is not being used, decrypt them when connecting to database. > > > > Dennis > > > > -- > > MCP Year 2005, Philippines > > > > > > "Joe Kaplan (MVP - ADSI)" wrote: > > > >> The thing to know when you are encrypting string data (as opposed to > >> arbitrary binary data) is that if you have a .NET string object, that it > >> Unicode. There isn't really much reason to encrypt a .NET string with > >> anything other than a Unicode encoding like UTF8 or Unicode. That will > >> cover all possible characters. You always decode with the same encoding > >> you > >> encoded with if you want to get back the same string. > >> > >> If you have arbitrary data, then just pass in the binary data directly. > >> > >> Regarding block ciphers (which is what you are talking about), they work > >> by > >> processing a fixed number of bytes of data at a time. They keep moving > >> through the data X bytes at a time, encypting each block as they go. If > >> they reach the end of the data and it isn't long enough to fill a whole > >> block, then padding is added to make the length match the block size. > >> The > >> padding is generally stripped off when the data is decrypted. > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> "den 2005" <den2***@discussions.microsoft.com> wrote in message > >> news:DE9A3290-447A-4309-A9E6-97F36AA301F1@microsoft.com... > >> > Thanks for the reply, Joe. > >> > Thanks for idea...I would try different approach in converting bytes[] > >> > to > >> > string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them > >> > applies > >> > to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I try > >> > using > >> > Hashing in encrypt/decrypt text. I just started learning cryptography. > >> > What > >> > is exactly Padding does to encryption/decryption process? The encrypted > >> > text > >> > has 40 bits so it will add to fill it up to 64 bits, how about if > >> > encrypted > >> > data goes over 64 bits, what happen when you decrypt the encrypted > >> > data? > >> > > >> > Dennis > >> > > >> > > >> > -- > >> > MCP Year 2005, Philippines > >> > > >> > > >> > "Joe Kaplan (MVP - ADSI)" wrote: > >> > > >> >> Why do you encode with Unicode and convert back to string with ASCII? > >> >> That > >> >> makes no sense. You have to use the same encoding to go > >> >> string->binary->string. Why not also just use UTF8 for both? > >> >> > >> >> Joe K. > >> >> > >> >> -- > >> >> Joe Kaplan-MS MVP Directory Services Programming > >> >> Co-author of "The .NET Developer's Guide to Directory Services > >> >> Programming" > >> >> http://www.directoryprogramming.net > >> >> -- > >> >> "den 2005" <den2***@discussions.microsoft.com> wrote in message > >> >> news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... > >> >> > Hi everybody, > >> >> > > >> >> > I am not sure where to put this in this forum. So, I posted this > >> >> > at > >> >> > several topics. I created a class library that has two public > >> >> > methods > >> >> > Encrypt() and Decrypt(). I reference this dll to a window > >> >> > application. > >> >> > I > >> >> > used > >> >> > DESCryptoServiceProvider Algorithm to encrypt and decrypt then with > >> >> > same > >> >> > Key > >> >> > and IV. But unable to decrypt it back to original text. This project > >> >> > I > >> >> > plan > >> >> > to use all algorithm and Hash. This is Phase One. There is no > >> >> > problem > >> >> > ingenerating the Key and IV and at both encrypt and decrypt they are > >> >> > the > >> >> > same. Can anyone spot the mistake and know how to correct this? > >> >> > Thanks. > >> >> > > >> >> > [code] > >> >> > > >> >> > //Generate a Key > >> >> > private static void GenerateDESKey(DESCryptoServiceProvider > >> >> > desProv,int keySize,bool maxKeySize) > >> >> > { > >> >> > if (Key == null) > >> >> > { > >> >> > if (keySize != 0) > >> >> > desProv.KeySize = keySize; > >> >> > else > >> >> > { > >> >> > KeySizes[] keySizeSets = desProv.LegalKeySizes; > >> >> > int len = keySizeSets.Length; > >> >> > > >> >> > for (int x = 0; x < len; x++) > >> >> > { > >> >> > if (maxKeySize) > >> >> > keySize = keySizeSets[0].MaxSize; > >> >> > else > >> >> > keySize = keySizeSets[0].MinSize; > >> >> > } > >> >> > } > >> >> > desProv.KeySize = keySize; > >> >> > desProv.GenerateKey(); > >> >> > Key = desProv.Key; > >> >> > } > >> >> > } > >> >> > > >> >> > //Generate a IV > >> >> > private static void GenerateDESIV(DESCryptoServiceProvider > >> >> > desProv) > >> >> > { > >> >> > if (IV == null) > >> >> > { > >> >> > desProv.GenerateIV(); > >> >> > IV = desProv.IV; > >> >> > } > >> >> > } > >> >> > > >> >> > //Encrypting String Data passed as parameter and returns it > >> >> > public string Encrypt(string strData,int keySize, bool > >> >> > bMaxSize) > >> >> > { > >> >> > string strEncrypt = string.Empty; > >> >> > try > >> >> > { > >> >> > //Variable Telling if Crypto or Managed object is > >> >> > selected > >> >> > MemoryStream memStream = new MemoryStream(); > >> >> > > >> >> > CryptoStream cryptStream; > >> >> > UnicodeEncoding byteConvert = new UnicodeEncoding(); > >> >> > byte[] byteData = byteConvert.GetBytes(strData); > >> >> > > >> >> > byte[] encryptedData = { }; > >> >> > > >> >> > > >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > >> >> > { > >> >> > this.CreateDESCrypto(); > >> >> > if (des != null) > >> >> > { > >> >> > //Generate Cryptographic Key and saved it > >> >> > GenerateDESKey(des, keySize, bMaxSize); > >> >> > //Generate Cryptographic IV and saved it > >> >> > GenerateDESIV(des); > >> >> > > >> >> > transform = > >> >> > des.CreateEncryptor((byte[])Key.Clone(), > >> >> > (byte[])IV.Clone()); > >> >> > } > >> >> > } > >> >> > . . . . > >> >> > //Use the created algorithm object to encrypt data > >> >> > cryptStream = new CryptoStream(memStream, transform, > >> >> > CryptoStreamMode.Write); > >> >> > > >> >> > cryptStream.Write(byteData, 0, byteData.Length); > >> >> > cryptStream.FlushFinalBlock(); > >> >> > > >> >> > encryptedData = memStream.ToArray(); > >> >> > > >> >> > memStream.Close(); > >> >> > cryptStream.Close(); > >> >> > transform.Dispose(); > >> >> > > >> >> > //Call to dispose data > >> >> > this.DisposeActiveObjects(); > >> >> > //Convert encrypted bytes[] back to string > >> >> > strEncrypt = Convert.ToBase64String(encryptedData); > >> >> > > >> >> > } > >> >> > catch (Exception ex) > >> >> > { > >> >> > this.WriteAppendLogFile(", Encrypt() " + > >> >> > ex.ToString()); > >> >> > } > >> >> > return strEncrypt; > >> >> > } > >> >> > > >> >> > //Decrypting String Data passed as parameter and returns it > >> >> > public string Decrypt(string strEncrypt) > >> >> > { > >> >> > string strData = string.Empty; > >> >> > try > >> >> > { > >> >> > //Variable Telling if Crypto or Managed object is > >> >> > selected > >> >> > > >> >> > //Check if Key and IV is still has data > >> >> > if (Key == null || IV == null) > >> >> > { > >> >> > return "Cryptographic Key and IV cannot be > >> >> > null."; > >> >> > } > >> >> > MemoryStream memStream; > >> >> > CryptoStream cryptStream; > >> >> > byte[] encryptedData = > >> >> > Convert.FromBase64String(strEncrypt); > >> >> > byte[] decryptedData = new > >> >> > Byte[encryptedData.Length]; > >> >> > > >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) > >> >> > { > >> >> > this.CreateDESCrypto(); > >> >> > transform = des.CreateDecryptor((byte[]) > >> >> > Key.Clone(),(byte[])IV.Clone()); > >> >> > > >> >> > } > >> >> > ........ > >> >> > > >> >> > //Use the created algorithm object to encrypt data > >> >> > memStream = new MemoryStream(encryptedData); > >> >> > cryptStream = new CryptoStream(memStream, transform, > >> >> > CryptoStreamMode.Read); > >> >> > > >> >> > cryptStream.Read(decryptedData, 0, > >> >> > decryptedData.Length); > >> >> > > >> >> > memStream.Close(); > >> >> > cryptStream.Close(); > >> >> > transform.Dispose(); > >> >> > > >> >> > //Call to dispose data > >> >> > this.DisposeActiveObjects(); > >> >> > //Convert encrypted bytes[] back to string > >> >> > //strEncrypt = Convert.ToBase64String(decryptedData); > >> >> > strData = Encoding.ASCII.GetString(decryptedData); > >> >> > } > >> >> > catch (Exception ex) > >> >> > { > >> >> > this.WriteAppendLogFile(", Decrypt() " + > >> >> > ex.ToString()); > >> >> > } > >> >> > return strData; > >> >> > } > >> >> > [/code] > >> >> > > >> >> > den2005 > >> >> > > >> >> > > >> >> > > >> >> > > >> >> > -- > >> >> > MCP Year 2005, Philippines > >> >> > >> >> > >> >> > >> > >> > >> > > > Did you even try a simple search? You can get Enterprise Library from
www.gotdotnet.com and find out a lot about it from the MSDN patterns and practices portal. They also have numerous webcasts and such available. EL v1.1 supports .NET 1.x and EL v2.0 supports .NET 2.0. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- "den 2005" <den2***@discussions.microsoft.com> wrote in message news:C5A6E363-AA89-42B3-8898-2DF4917AA5CC@microsoft.com... > Thanks for the reply, Joe. > > Enterprose Library? Not familiar with this. Can you provide codes or links > that shows how to use this enterprise library you are referring in > complete > details? I found sample codes doing exactly what I want in ASP.Net 2.0, > but > I am using ASP.Net 1.0. > > Dennis > -- > MCP Year 2005, Philippines > > > "Joe Kaplan (MVP - ADSI)" wrote: > >> I always just use enterprise library for this type of thing and it just >> works, so I haven't struggled with this at all. What is the problem with >> what you are trying to do? >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> news:D7F5D64B-5246-4CB5-8EAD-D4F24AAC1825@microsoft.com... >> > Thanks for info, Joe. Sorry it take time for me to reply...I am still >> > in >> > cryptography, but now using them on web.config, any idea, I like to >> > encrypt >> > them when it is not being used, decrypt them when connecting to >> > database. >> > >> > Dennis >> > >> > -- >> > MCP Year 2005, Philippines >> > >> > >> > "Joe Kaplan (MVP - ADSI)" wrote: >> > >> >> The thing to know when you are encrypting string data (as opposed to >> >> arbitrary binary data) is that if you have a .NET string object, that >> >> it >> >> Unicode. There isn't really much reason to encrypt a .NET string with >> >> anything other than a Unicode encoding like UTF8 or Unicode. That >> >> will >> >> cover all possible characters. You always decode with the same >> >> encoding >> >> you >> >> encoded with if you want to get back the same string. >> >> >> >> If you have arbitrary data, then just pass in the binary data >> >> directly. >> >> >> >> Regarding block ciphers (which is what you are talking about), they >> >> work >> >> by >> >> processing a fixed number of bytes of data at a time. They keep >> >> moving >> >> through the data X bytes at a time, encypting each block as they go. >> >> If >> >> they reach the end of the data and it isn't long enough to fill a >> >> whole >> >> block, then padding is added to make the length match the block size. >> >> The >> >> padding is generally stripped off when the data is decrypted. >> >> >> >> Joe K. >> >> >> >> -- >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> Programming" >> >> http://www.directoryprogramming.net >> >> -- >> >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> >> news:DE9A3290-447A-4309-A9E6-97F36AA301F1@microsoft.com... >> >> > Thanks for the reply, Joe. >> >> > Thanks for idea...I would try different approach in converting >> >> > bytes[] >> >> > to >> >> > string using ASCII, UTF32, Unicode, UTF7, UTF8 to know which of them >> >> > applies >> >> > to all possible keys of text (?$%~`&^*(|\]'"). After I did this, I >> >> > try >> >> > using >> >> > Hashing in encrypt/decrypt text. I just started learning >> >> > cryptography. >> >> > What >> >> > is exactly Padding does to encryption/decryption process? The >> >> > encrypted >> >> > text >> >> > has 40 bits so it will add to fill it up to 64 bits, how about if >> >> > encrypted >> >> > data goes over 64 bits, what happen when you decrypt the encrypted >> >> > data? >> >> > >> >> > Dennis >> >> > >> >> > >> >> > -- >> >> > MCP Year 2005, Philippines >> >> > >> >> > >> >> > "Joe Kaplan (MVP - ADSI)" wrote: >> >> > >> >> >> Why do you encode with Unicode and convert back to string with >> >> >> ASCII? >> >> >> That >> >> >> makes no sense. You have to use the same encoding to go >> >> >> string->binary->string. Why not also just use UTF8 for both? >> >> >> >> >> >> Joe K. >> >> >> >> >> >> -- >> >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> >> Programming" >> >> >> http://www.directoryprogramming.net >> >> >> -- >> >> >> "den 2005" <den2***@discussions.microsoft.com> wrote in message >> >> >> news:28E79C33-C926-4C12-B79D-014381297C75@microsoft.com... >> >> >> > Hi everybody, >> >> >> > >> >> >> > I am not sure where to put this in this forum. So, I posted >> >> >> > this >> >> >> > at >> >> >> > several topics. I created a class library that has two public >> >> >> > methods >> >> >> > Encrypt() and Decrypt(). I reference this dll to a window >> >> >> > application. >> >> >> > I >> >> >> > used >> >> >> > DESCryptoServiceProvider Algorithm to encrypt and decrypt then >> >> >> > with >> >> >> > same >> >> >> > Key >> >> >> > and IV. But unable to decrypt it back to original text. This >> >> >> > project >> >> >> > I >> >> >> > plan >> >> >> > to use all algorithm and Hash. This is Phase One. There is no >> >> >> > problem >> >> >> > ingenerating the Key and IV and at both encrypt and decrypt they >> >> >> > are >> >> >> > the >> >> >> > same. Can anyone spot the mistake and know how to correct this? >> >> >> > Thanks. >> >> >> > >> >> >> > [code] >> >> >> > >> >> >> > //Generate a Key >> >> >> > private static void >> >> >> > GenerateDESKey(DESCryptoServiceProvider >> >> >> > desProv,int keySize,bool maxKeySize) >> >> >> > { >> >> >> > if (Key == null) >> >> >> > { >> >> >> > if (keySize != 0) >> >> >> > desProv.KeySize = keySize; >> >> >> > else >> >> >> > { >> >> >> > KeySizes[] keySizeSets = >> >> >> > desProv.LegalKeySizes; >> >> >> > int len = keySizeSets.Length; >> >> >> > >> >> >> > for (int x = 0; x < len; x++) >> >> >> > { >> >> >> > if (maxKeySize) >> >> >> > keySize = keySizeSets[0].MaxSize; >> >> >> > else >> >> >> > keySize = keySizeSets[0].MinSize; >> >> >> > } >> >> >> > } >> >> >> > desProv.KeySize = keySize; >> >> >> > desProv.GenerateKey(); >> >> >> > Key = desProv.Key; >> >> >> > } >> >> >> > } >> >> >> > >> >> >> > //Generate a IV >> >> >> > private static void GenerateDESIV(DESCryptoServiceProvider >> >> >> > desProv) >> >> >> > { >> >> >> > if (IV == null) >> >> >> > { >> >> >> > desProv.GenerateIV(); >> >> >> > IV = desProv.IV; >> >> >> > } >> >> >> > } >> >> >> > >> >> >> > //Encrypting String Data passed as parameter and returns it >> >> >> > public string Encrypt(string strData,int keySize, bool >> >> >> > bMaxSize) >> >> >> > { >> >> >> > string strEncrypt = string.Empty; >> >> >> > try >> >> >> > { >> >> >> > //Variable Telling if Crypto or Managed object is >> >> >> > selected >> >> >> > MemoryStream memStream = new MemoryStream(); >> >> >> > >> >> >> > CryptoStream cryptStream; >> >> >> > UnicodeEncoding byteConvert = new >> >> >> > UnicodeEncoding(); >> >> >> > byte[] byteData = byteConvert.GetBytes(strData); >> >> >> > >> >> >> > byte[] encryptedData = { }; >> >> >> > >> >> >> > >> >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> >> >> > { >> >> >> > this.CreateDESCrypto(); >> >> >> > if (des != null) >> >> >> > { >> >> >> > //Generate Cryptographic Key and saved it >> >> >> > GenerateDESKey(des, keySize, bMaxSize); >> >> >> > //Generate Cryptographic IV and saved it >> >> >> > GenerateDESIV(des); >> >> >> > >> >> >> > transform = >> >> >> > des.CreateEncryptor((byte[])Key.Clone(), >> >> >> > (byte[])IV.Clone()); >> >> >> > } >> >> >> > } >> >> >> > . . . . >> >> >> > //Use the created algorithm object to encrypt data >> >> >> > cryptStream = new CryptoStream(memStream, >> >> >> > transform, >> >> >> > CryptoStreamMode.Write); >> >> >> > >> >> >> > cryptStream.Write(byteData, 0, byteData.Length); >> >> >> > cryptStream.FlushFinalBlock(); >> >> >> > >> >> >> > encryptedData = memStream.ToArray(); >> >> >> > >> >> >> > memStream.Close(); >> >> >> > cryptStream.Close(); >> >> >> > transform.Dispose(); >> >> >> > >> >> >> > //Call to dispose data >> >> >> > this.DisposeActiveObjects(); >> >> >> > //Convert encrypted bytes[] back to string >> >> >> > strEncrypt = >> >> >> > Convert.ToBase64String(encryptedData); >> >> >> > >> >> >> > } >> >> >> > catch (Exception ex) >> >> >> > { >> >> >> > this.WriteAppendLogFile(", Encrypt() " + >> >> >> > ex.ToString()); >> >> >> > } >> >> >> > return strEncrypt; >> >> >> > } >> >> >> > >> >> >> > //Decrypting String Data passed as parameter and returns >> >> >> > it >> >> >> > public string Decrypt(string strEncrypt) >> >> >> > { >> >> >> > string strData = string.Empty; >> >> >> > try >> >> >> > { >> >> >> > //Variable Telling if Crypto or Managed object is >> >> >> > selected >> >> >> > >> >> >> > //Check if Key and IV is still has data >> >> >> > if (Key == null || IV == null) >> >> >> > { >> >> >> > return "Cryptographic Key and IV cannot be >> >> >> > null."; >> >> >> > } >> >> >> > MemoryStream memStream; >> >> >> > CryptoStream cryptStream; >> >> >> > byte[] encryptedData = >> >> >> > Convert.FromBase64String(strEncrypt); >> >> >> > byte[] decryptedData = new >> >> >> > Byte[encryptedData.Length]; >> >> >> > >> >> >> > if (this.CRYPTOCLASS == Algorithm.DES.ToString()) >> >> >> > { >> >> >> > this.CreateDESCrypto(); >> >> >> > transform = des.CreateDecryptor((byte[]) >> >> >> > Key.Clone(),(byte[])IV.Clone()); >> >> >> > >> >> >> > } >> >> >> > ........ >> >> >> > >> >> >> > //Use the created algorithm object to encrypt data >> >> >> > memStream = new MemoryStream(encryptedData); >> >> >> > cryptStream = new CryptoStream(memStream, >> >> >> > transform, >> >> >> > CryptoStreamMode.Read); >> >> >> > >> >> >> > cryptStream.Read(decryptedData, 0, >> >> >> > decryptedData.Length); >> >> >> > >> >> >> > memStream.Close(); >> >> >> > cryptStream.Close(); >> >> >> > transform.Dispose(); >> >> >> > >> >> >> > //Call to dispose data >> >> >> > this.DisposeActiveObjects(); >> >> >> > //Convert encrypted bytes[] back to string >> >> >> > //strEncrypt = >> >> >> > Convert.ToBase64String(decryptedData); >> >> >> > strData = Encoding.ASCII.GetString(decryptedData); >> >> >> > } >> >> >> > catch (Exception ex) >> >> >> > { >> >> >> > this.WriteAppendLogFile(", Decrypt() " + >> >> >> > ex.ToString()); >> >> >> > } >> >> >> > return strData; >> >> >> > } >> >> >> > [/code] >> >> >> > >> >> >> > den2005 >> >> >> > >> >> >> > >> >> >> > >> >> >> > >> >> >> > -- >> >> >> > MCP Year 2005, Philippines >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> 
Other interesting topics
Help encrypt conn string - no ASP, no server, can't protect keys, can't use Windows Authentication
Non Administrator creating shares on a DC SMIME Decryption How to ByPass Protected Storage Prompt Getting the Access Permissions for a specific SID on a File / folder random passwords Security problems Native RC4 code System.Text.Encoding help ???? PROTECT FROM DECOMPILERS |
|||||||||||||||||||||||
