Application level encryption and decryption is needed for certain cases when security is applied. It can simply be user credentials or even may be user specific data. Anyway, it is a good way or using a unique encryption and decryption method across the application.
Cryptography is widely used by almost all the developers and it is not that hard to have a common EncryptionUtility for your own application. Look at the sample class below;
Because the methods are defined as static, you can use it as below;
Copy this code and try once. :)
Cryptography is widely used by almost all the developers and it is not that hard to have a common EncryptionUtility for your own application. Look at the sample class below;
public class EncryptionUtility
{
static readonly string PasswordHash = "Z!R3cVwPa_b7^5TZ!_rE";
static readonly string SaltKey = "&7fHXcc2^$8x@AwrdC$c";
static readonly string VIKey = "6=ZvwA##4Ms3*yV2D&6$";
//Encryption method
public static string Encrypt(string plainText)
{
try
{
byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);
byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(256 / 8);
var symmetricKey = new RijndaelManaged() { Mode = CipherMode.CBC, Padding = PaddingMode.Zeros };
var encryptor = symmetricKey.CreateEncryptor(keyBytes, Encoding.ASCII.GetBytes(VIKey));
byte[] cipherTextBytes;
using (var memoryStream = new MemoryStream())
{
using (var cryptoStream = new CryptoStream(memoryStream, encryptor, CryptoStreamMode.Write))
{
cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);
cryptoStream.FlushFinalBlock();
cipherTextBytes = memoryStream.ToArray();
cryptoStream.Close();
}
memoryStream.Close();
}
return Convert.ToBase64String(cipherTextBytes);
}
catch (Exception)
{
//You can use your own error handling method. In this case, the text is returned.
return plainText;
}
}
//Decryption method
public static string Decrypt(string encryptedText)
{
try
{
byte[] cipherTextBytes = Convert.FromBase64String(encryptedText);
byte[] keyBytes = new Rfc2898DeriveBytes(PasswordHash, Encoding.ASCII.GetBytes(SaltKey)).GetBytes(256 / 8);
var symmetricKey = new RijndaelManaged() { Mode = CipherMode.CBC, Padding = PaddingMode.None };
var decryptor = symmetricKey.CreateDecryptor(keyBytes, Encoding.ASCII.GetBytes(VIKey));
var memoryStream = new MemoryStream(cipherTextBytes);
var cryptoStream = new CryptoStream(memoryStream, decryptor, CryptoStreamMode.Read);
byte[] plainTextBytes = new byte[cipherTextBytes.Length];
int decryptedByteCount = cryptoStream.Read(plainTextBytes, 0, plainTextBytes.Length);
memoryStream.Close();
cryptoStream.Close();
return Encoding.UTF8.GetString(plainTextBytes, 0, decryptedByteCount).TrimEnd("\0".ToCharArray());
}
catch (Exception)
{
return encryptedText;
}
}
//Method to see a given text is encrypted or not.
public static bool IsEncrypted(string text)
{
if (text.Equals(Decrypt(text)))
return false;
else
return true;
}
}
Because the methods are defined as static, you can use it as below;
EncryptionUtility.Encrypt(username)
Copy this code and try once. :)
No comments:
Post a Comment