Hi All,
I am trying also to do the encrypt-decrypt processes separately.
I knew that for symmetric encryption, I only have 2 class algorithms:
Either RijndaelManaged or TripleDES
I tried the RijndaelManaged class, and everything was OK except a very
strange sticky error.
Length of the data to decrypt is invalid
Line 70: cs.Read(fromEncrypted, 0, fromEncrypted.Length);
My Code:
--------------------------------------------------
using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.IO;
using System.Text;
using System.Security.Cryptography;
public class MyEncryption : System.Web.UI.Page
{
public MyEncryption()
{
}
public static string Encrypt(string original)
{
byte[] encrypted;
byte[] toEncrypt;
byte[] key;
byte[] IV;
ASCIIEncoding textConverter = new ASCIIEncoding();
toEncrypt = textConverter.GetBytes(original);
RijndaelManaged myRijndael = new RijndaelManaged();
myRijndael.GenerateKey();
myRijndael.GenerateIV();
key = myRijndael.Key;
IV = myRijndael.IV;
MyEncryption me = new MyEncryption();
me.SetVariables(key, IV);
MemoryStream ms = new MemoryStream();
ICryptoTransform encryptor = myRijndael.CreateEncryptor(key,IV);
CryptoStream cs = new CryptoStream(ms, encryptor,CryptoStreamMode.Write);
cs.Write(toEncrypt, 0, toEncrypt.Length);
cs.FlushFinalBlock();
encrypted = ms.ToArray();
string final = Convert.ToBase64String(encrypted);
return final;
}
public static string Decrypt(string encryptedString)
{
byte[] key;
byte[] IV;
byte[] encrypted;
byte[] fromEncrypted;
MyEncryption me = new MyEncryption();
me.GetVariables(out key, out IV);
ASCIIEncoding textConverter = new ASCIIEncoding();
encrypted = textConverter.GetBytes(encryptedString);
fromEncrypted = new byte[encrypted.Length];
MemoryStream ms = new MemoryStream(encrypted);
RijndaelManaged myRijndael = new RijndaelManaged();
ICryptoTransform decryptor = myRijndael.CreateDecryptor(key,IV);
CryptoStream cs = new CryptoStream(ms, decryptor,CryptoStreamMode.Read);
cs.Read(fromEncrypted, 0, fromEncrypted.Length);
string decryptedString = Convert.ToBase64String(fromEncrypted);
return decryptedString;
}
private void SetVariables(byte[] key, byte[] IV)
{
Session["key"] = key;
Session["IV"] = IV;
}
private void GetVariables(out byte[] key, out byte[] IV)
{
key = (byte[])Session["key"];
IV = (byte[])Session["IV"];
}
}
-------------------------------------------------------------------------
Jim Andersen said:
"Dominick Baier [DevelopMentor]" <
[email protected]>
skrev i en meddelelse
yes - exactly.
the DPAPI machine key is uniqe for every machine. I would not use DPAPI
in this scenario. If you want to encrypt the data use the normal
symmetric/asymmetric algorithm that allow you to specify a key.
I thought I was doing that, and storing the key in DPAPI ?
I am already specifying one more key (or salt or whatever its called) as
it suggests in the example in step 5.
----
// Could pass random value (stored by the application) for added
// security when using DPAPI with the machine store.
----
What do you mean by "the normal symmetric/asymmetric algorithm", and where
do I store the key, and isn't that a less secure storing area than the
machine-store ?
thx
/jim