utf-8 Optimized Encryption and Decryption in .Net

we know that in our applications, both web and desktop we need to use encrypting and decrypting functionalities. but problem is how strong your encryption is. and how you are going to manage url  encode and  url decode against encrypted content. 

if you are passing encrypted content as url parameters you must be aware that receiver’s end receive the correct content you intend to send. tric is to use utf-8 encoding at both ends.

first we will look in to the encrypt and decrypt functions..


using System.Security.Cryptography;
 public  class CryptoManager
 {
  public static string Encrypt(string data)
  {
    string passPhrase = "@#$%$_LongPassPhrase_#$%";
    string saltValue = "sALtValue";
    string hashAlgorithm = "SHA1";
    int passwordIterations = 7;
    string initVector = "~1B2c3D4e5F6g7H8";
    int keySize = 256;

    byte[] bytes = Encoding.ASCII.GetBytes(initVector);
    byte[] rgbSalt = Encoding.ASCII.GetBytes(saltValue);
    byte[] buffer = Encoding.UTF8.GetBytes(data);
    byte[] rgbKey = new PasswordDeriveBytes(passPhrase, rgbSalt, hashAlgorithm, passwordIterations).GetBytes(keySize / 8);
    RijndaelManaged managed = new RijndaelManaged();
    managed.Mode = CipherMode.CBC;
    ICryptoTransform transform = managed.CreateEncryptor(rgbKey, bytes);
    MemoryStream stream = new MemoryStream();
    CryptoStream stream2 = new CryptoStream(stream, transform, CryptoStreamMode.Write);
    stream2.Write(buffer, 0, buffer.Length);
    stream2.FlushFinalBlock();
    byte[] inArray = stream.ToArray();
    stream.Close();
    stream2.Close();
    stream.Dispose();
    stream2.Dispose();
    return Convert.ToBase64String(inArray);
  }

  public static string Decrypt(string data)
  {
   string passPhrase = "@#$%$_LongPassPhrase_#$%";
   string saltValue = "sALtValue";
   string hashAlgorithm = "SHA1";
   int passwordIterations = 7;
   string initVector = "~1B2c3D4e5F6g7H8";
   int keySize = 256;

   byte[] bytes = Encoding.ASCII.GetBytes(initVector);
   byte[] rgbSalt = Encoding.ASCII.GetBytes(saltValue);
   byte[] buffer = Convert.FromBase64String(data);
   byte[] rgbKey = new PasswordDeriveBytes(passPhrase, rgbSalt, hashAlgorithm, passwordIterations).GetBytes(keySize / 8);
   RijndaelManaged managed = new RijndaelManaged();
   managed.Mode = CipherMode.CBC;
   ICryptoTransform transform = managed.CreateDecryptor(rgbKey, bytes);
   MemoryStream stream = new MemoryStream(buffer);
   CryptoStream stream2 = new CryptoStream(stream, transform, CryptoStreamMode.Read);
   byte[] buffer5 = new byte[buffer.Length];
   int count = stream2.Read(buffer5, 0, buffer5.Length);
   stream.Close();
   stream2.Close();
   stream.Dispose();
   stream2.Dispose();
   return Encoding.UTF8.GetString(buffer5, 0, count);
  }
}

Now we’ll look how we are going to use them.

In Desktop applications 
Encrypting

  string dataString = "Some thing you want to Encrypt";
  string encryptedDataString = CryptoManager.Encrypt(dataString);
  // your code go here

Decrypting

string content = "Some Encrypted Content";
string decryptedContent = CryptoManager.Decrypt(content);
// now you have decrypted content.

In Web Applications 
Encrypting

  string dataString = "Some thing you want to Encrypt";
  string encryptedDataString = CryptoManager.Encrypt(dataString);
  string urlStr = "http://www.yourdomain.com/yourPage.aspx?content=" + HttpUtility.UrlEncode(encryptedDataString);
  // now urlStr having utf-8 encoded url ready to be sent over a email.. or something like confirmation link..

Decrypting


// reading the encrypted content from url parameters ( parameter is "content")
string content = Request.QueryString["content"];
//Decode Url parameters
content=  HttpUtility.UrlDecode(content).ToString();
string decryptedContent = CryptoManager.Decrypt(content);
// now we have clean utf-8 content sent over url parameters.

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s