9

Cryptography Helper

by Alexandru Lungu 18. December 2010 18:29

 

Contains more than 50 extensions to Stream, byte[] and string that helps to encrypt/decrypt using symmetric and asymmetric algorithms and to compute hashes.

Most usual situation is when in the entire application you use the same algorithm and password to encrypt/decrypt or the same hashing algorithm and the same salt. In that case just set the DefaultSymmetricCryptoServiceProvider (any crypto service provider derived from SymmetricAlgorithm), DefaultRsaCryptoServiceProvider, DefaultHashSalt of the CryptoHelper class and this will be used when you use the extension methods without specifying the algorithm/salt/ password, etc like this:

encrypted = data.Encrypt();
decrypted = encrypted.Decrypt();

Otherwise you can use it like this:

string key = RandomPassword.Generate(32);
encrypted = data.Encrypt(key);
decrypted = encrypted.Decrypt(key);

Or like this:

string key = RandomPassword.Generate(32);
AesCryptoServiceProvider service = new AesCryptoServiceProvider();
service.KeySize = 256;
service.Key = Encoding.UTF8.GetBytes(key);

encrypted = data.Encrypt(service);
decrypted = encrypted.Decrypt(service);

data, encrypted, decrypted can be string/byte[]/stream.

Similar for RSA (but using RsaEncrypt/RsaDecrypt).

Protect/Unprotect uses current user credential to encrypt/decrypt so decryption won’t work outside the user context that did the encryption.

And for hash:

hash = data.ComputeHash(HashType.SHA512, "MySalt");

Everything should be strait forward to use it; you have also a good documentation.


ALungu.Security.dll (13.50 kb)
ALungu.Security.chm (217.15 kb)
ALungu.Security.zip (source code) (161.53 kb)

Tags: , , ,

Programming

Comments (9) -

Mihai T
Mihai T Romania
12/21/2010 1:57:04 AM #

Maybe now, when you can just call Encrypt or ComputeHash people will stop sending to the database passwords in clear; you wouldn't believe how much people does that

allex
allex Romania
12/21/2010 4:12:18 AM #

Actually, I do believe that; I had control over some servers with hundreds of sites and I was stunned about how many have passwords in clear (in fact, I was first stunned by the guy - to which I was a complete stranger - who gave me the user and password to access these servers - maybe I'll post this story later)

allex
allex Romania
12/23/2010 12:23:25 AM #

Did you find a situation where you need to use RSA for a stream?
Because the length of the source stream must be extremely low - for example, with the 2048 bit encryption a maximum of 256 bytes can be encrypted.

Tim Jindar
Tim Jindar United Kingdom
12/23/2010 5:15:45 AM #

Why Stream doesn't have a RsaEncrypt?

Tim Jindar
Tim Jindar United Kingdom
12/23/2010 3:56:14 PM #

No, but for symmetry.

Tim Jindar
Tim Jindar United Kingdom
12/23/2010 3:58:36 PM #

And I don't like my icon; can you change it?

allex
allex Romania
12/23/2010 4:01:39 PM #

Tim, I cannot change the icon - it is automatically generated by gravatar.com based on your email.
You can change it yourself by making an account on gravatar.com

allex
allex Romania
12/23/2010 11:38:48 PM #

And Tim, since it was very easy, I added RsaEncrypt/RsaDecrypt to Stream for symmetry.

russell
russell United Kingdom
5/30/2012 7:02:08 PM #

Did you update this as the Alung.security.dll used in the wcf codeproject appears to be different.

Would just prefer the source to the DLL you used in the codeproject, to be safe Smile

Brilliant wcf article anyway, really clear.
Cheers
Russell

Add comment




  Country flag
biuquote
  • Comment
  • Preview
Loading


Powered by BlogEngine.NET 2.0.0.36
Original Design by Laptop Geek, Adapted by onesoft