Skip to main content

Encrypt/decrypt data in ASP.NET using Symmetric Algorithm


What is Hashing
Hashing is one-way algorithm, means once the data is hashed you can’t recovered it latter.

Hashing is a cryptographic function that is used to provide a secure fingerprint of data. A common usage you may have encountered is to check a file you have downloaded.

What is Encryption

If you want to secure your data, and latter you want to retrieve the original data. We used encryption because encryption is two-way processes. For encryption we requires following things


       Key:Key is a piece of information that is used as an input parameter in encryption. The output of encryption is determined by the key.


Types of Encryption


 There are two main types of encryption and decryption algorithms, symmetric and asymmetric.


 Symmetric:                                                                                                             In symmetric encryption we used same key for encryption and decryption( As the diagram shows the same key is used for encrypting and decrypting the message).DES, Triple DES, RC2 and AES or Rijndael are examples of symmetric algorithms


Asymmetric Encryption:


Asymmetric algorithms use a related key-pair to encrypt and decrypt data. One of the keys in the pair is typically called a public key while the other is called a private key. Data encrypted with a public key can only be decrypted with the private key, and vice-versa. PKI (public key infrastructure) is built based on asymmetric algorithm. RSA is a popular asymmetric algorithm.





What are the steps required for Encryption ?


Follow these steps to encrypt data symmetrically:
  1. Choose an algorithm.
  2. Create or retrieve a key.
  3. Generate the IV.
  4. Convert the clear text data to an array of bytes.
  5. Encrypt the clear text byte array.
  6. Store the encrypted data and the IV.

What are the steps required for Decryption?


Following are the steps required for decrypting the data.


  1. Choose the same algorithm that was used to encrypt the data.
  2. Retrieve the key that was used.
  3. Retrieve the IV that was used.
  4. Retrieve the encrypted data.
  5. Decrypt the data.
  6. Convert the decrypted data back to its original format.
Implementation 


 I am going to choose Triple DES algorithm for this demo.(Step#1)

 Let's first generate IV (initialization vector) and Key (Step #2).For this,create a separate console application and paste following code inside Main method





static void Main(string[] args)

        {

            DESCryptoServiceProvider des = new DESCryptoServiceProvider();

            des.GenerateIV();

            des.GenerateKey();

            Console.WriteLine("Key={0}",String.Join(",",des.Key));

            Console.WriteLine("IV={0}", String.Join(",", des.IV));

            

            

        }



Run the application and note down the value of IV and Key.

Create a new class named EncryptionManager and add following code



public class EncryptionManager
{
    private byte[] Key = {89,83,45,236,140,228,180,79,209,164,231,131,28,7,110,73,140,235,118,52,225,46,202,118
    };
    private byte[] IV = { 161, 200, 187, 207, 22, 92, 119, 227 };
    public string Encrypt(string inputString)
    {
        //Step #4
        byte[] buffer = Encoding.ASCII.GetBytes(inputString);

        TripleDESCryptoServiceProvider tripleDes = new TripleDESCryptoServiceProvider()
        {
            Key = Key,
            IV = IV
        };
        //Step #4,5,6
        ICryptoTransform ITransform = tripleDes.CreateEncryptor();
        return Convert.ToBase64String(ITransform.TransformFinalBlock(buffer, 0, buffer.Length));
    }
    public string Decrypt(string inputString)
    {
        byte[] buffer = Convert.FromBase64String(inputString);
        TripleDESCryptoServiceProvider tripleDes = new TripleDESCryptoServiceProvider()
        {
            Key = Key,
            IV = IV
        };
        ICryptoTransform ITransform = tripleDes.CreateDecryptor();
        return Encoding.ASCII.GetString(ITransform.TransformFinalBlock(buffer, 0, buffer.Length));
    }
}
How to use
Create a new webpage and add following code inside it


<%@ Page Language="C#" AutoEventWireup="true" CodeFile="EncryptDecrypt.aspx.cs" Inherits="EncryptDecrypt" %>

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head runat="server">
    <title></title>
</head>
<body>
    <form id="form1" runat="server">
    <table border="0" cellpadding="0" cellspacing="0">
        <tr>
            <td>
                <asp:TextBox ID="txtData" runat="server" TextMode="MultiLine"></asp:TextBox>
            </td>
            <td>
                <asp:TextBox runat="server" ID="txtEncrypt" TextMode="MultiLine"></asp:TextBox>
            </td>
            <td>
                <asp:TextBox runat="server" ID="txtDecrypt" TextMode="MultiLine"></asp:TextBox>
            </td>
        </tr>
        <tr>
            <td>
                <asp:Button ID="btnEncrypt" runat="server" OnClick="btnEncrypt_Click" Text="Encrypt" />
                <asp:Button ID="btnDecrypt" runat="server" Text="Decrypt" OnClick="btnDecrypt_Click" />
            </td>
        </tr>
    </table>
    </form>
</body>
</html>
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Security.Cryptography;
using System.Text;
using System.IO;

public partial class EncryptDecrypt : System.Web.UI.Page
{
    EncryptionManager manager = new EncryptionManager();
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnEncrypt_Click(object sender, EventArgs e)
    {

        txtEncrypt.Text = manager.Encrypt(txtData.Text);
    }
    protected void btnDecrypt_Click(object sender, EventArgs e)
    {

        txtDecrypt.Text = manager.Decrypt(txtEncrypt.Text);
    }
}






Labels:

Comments

Post a Comment

Popular posts from this blog

PNR Status by web Scraping Method (ASP.NET) C#

To Get the PNR Status by web Scraping Method Steps to Execute the Function Step 1 : Add the below method in your Form and Pass the PNR Number arguement public string GetPNRStatus( string sPNR) { string URI = "http://www.indianrail.gov.in/cgi_bin/inet_pnrstat_cgi.cgi" ; string Parameters = Uri .EscapeUriString( "lccp_pnrno1=" +sPNR+ "&amp;submitpnr=Get Status" ); System.Net. HttpWebRequest req = ( HttpWebRequest )System.Net. WebRequest .Create(URI); //HTTP POST Headers req.ContentType = "application/x-www-form-urlencoded" ; req.Host = "www.indianrail.gov.in" ; //You can use your own user-agent. req.UserAgent = "Mozilla/5.0 (compatible; MSIE 7.0; Windows Phone OS 7.5; Trident/5.0; IEMobile/9.0) DELL;Venue Pro" ; req.Headers.Add( HttpRequestHeader .AcceptLanguage, "en-us,en;q=0.5" ); req.Headers.Add( HttpRequestHeader .AcceptCharset, "ISO-8859-1,utf-8;q=...
20 comments
Read more

SonarQube Configuration For .NET Core Web API

When multiple developers are working on the same project, it's good to have a code review. SonarQube is a tool through which we can evaluate our code. Here, for demo purposes, we are going to evaluate the web API which is built on .NET Core. Let's see step by step implementation. In order to run SonarQube, we need to install JAVA in our local system.   Refer to the below link to download JAVA installer and install JAVA. https://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html Configure the 'PATH' system variable under environment variables Go to Control Panel > System > Advanced System Settings, it will open the System Properties window. Click on the "Environment Variables" button. Click on the "View" button under User Variables. Give the variable name as 'JAVA_HOME'. The variable value will be your JDK path where you installed JAVA. Select path variable under system variable and click o...
Post a Comment
Read more

Automate Git Commands Across Repos Using Batch Scripts

  Writing Scripts to Apply Commands Across Repositories I store all of my local repositories in a particular directory. I wrote these scripts to automate one or more git commands to run on each repository within that directory. It could also be used to do a general clean-up before committing anything to your repository. Here are two ways to do it. Method 1: Use this when you want to store commands in a single file to be executed in sequence for every repo in your directory. 1 @echo off 2 ​ 3 for /d %%i in (%cd%\*) do ( 4 echo ************************************************************************* 5 ​ 6 echo "%%i" 7 cd "%%i" 8 ​ 9 echo ----------------------------------------- 10 echo status 11 git status 12 echo ----------------------------------------- 13 ​ 14 echo ************************************************************************* 15 ) 16 ​ 17 cd .. 18 ​ The script is simple: It’s composed of a single for loop. W...
Post a Comment
Read more