Dotnetnuke Password Encryption

Discussion in 'ASP .Net Security' started by sanchita, Apr 5, 2007.

  1. sanchita

    sanchita Guest

    Hi all,

    I wasn't sure where to post this. Let me know if you know where exactly to
    post it. I'm using DNN 2.4 and till now I wasnt encrypting my passwords but
    now I want to so I just changed the value of the "Encryption Key" column in
    the "HostSettings" table to RSA. But how do I modify my code such that I can
    send in encrypted passwords to my SQL server. I tried an algo for RSA which
    went like this -

    static byte[] Encrypt (RSA rsa, byte[] input)
    {
    // by default this will create a 128 bits AES (Rijndael) object
    SymmetricAlgorithm sa = SymmetricAlgorithm.Create ();
    ICryptoTransform ct = sa.CreateEncryptor ();
    byte[] encrypt = ct.TransformFinalBlock (input, 0, input.Length);

    RSAPKCS1KeyExchangeFormatter fmt = new RSAPKCS1KeyExchangeFormatter
    (rsa);
    byte[] keyex = fmt.CreateKeyExchange (sa.Key);

    // return the key exchange, the IV (public) and encrypted data
    byte[] result = new byte [keyex.Length + sa.IV.Length +
    encrypt.Length];
    Buffer.BlockCopy (keyex, 0, result, 0, keyex.Length);
    Buffer.BlockCopy (sa.IV, 0, result, keyex.Length, sa.IV.Length);
    Buffer.BlockCopy (encrypt, 0, result, keyex.Length + sa.IV.Length,
    encrypt.Length);
    return result;
    }

    static byte[] Decrypt (RSA rsa, byte[] input)
    {
    // by default this will create a 128 bits AES (Rijndael) object
    SymmetricAlgorithm sa = SymmetricAlgorithm.Create ();

    byte[] keyex = new byte [rsa.KeySize >> 3];
    Buffer.BlockCopy (input, 0, keyex, 0, keyex.Length);

    RSAPKCS1KeyExchangeDeformatter def = new RSAPKCS1KeyExchangeDeformatter
    (rsa);
    byte[] key = def.DecryptKeyExchange (keyex);

    byte[] iv = new byte [sa.IV.Length];
    Buffer.BlockCopy (input, keyex.Length, iv, 0, iv.Length);

    ICryptoTransform ct = sa.CreateDecryptor (key, iv);
    byte[] decrypt = ct.TransformFinalBlock (input, keyex.Length +
    iv.Length, input.Length - (keyex.Length + iv.Length));
    return decrypt;
    }

    Please guide me regarding this. Any other 2 -way encryption also welcome..

    Thanks,
    Sanchita
    sanchita, Apr 5, 2007
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Bart Schelkens

    Password encryption

    Bart Schelkens, Aug 18, 2004, in forum: ASP .Net
    Replies:
    2
    Views:
    394
    Bart Schelkens
    Aug 18, 2004
  2. KatMagic

    Strong Password encryption program?

    KatMagic, Apr 21, 2006, in forum: ASP .Net
    Replies:
    2
    Views:
    1,234
    =?Utf-8?B?YnJpYW5zW01DU0Rd?=
    Apr 21, 2006
  3. =?Utf-8?B?YW5vb3A=?=
    Replies:
    0
    Views:
    428
    =?Utf-8?B?YW5vb3A=?=
    Mar 19, 2007
  4. AAaron123
    Replies:
    2
    Views:
    2,148
    AAaron123
    Jan 16, 2009
  5. AAaron123
    Replies:
    1
    Views:
    1,333
    Oriane
    Jan 16, 2009
Loading...

Share This Page