Crypto Question

G

Guest

I have been playing around with encrypting passwords using a class found in a
MS KB (see farther down). It seems to work great so long as the original
password is comprised of characters on the keyboard. However, if the
password is mixed with characters in both ASCII code set 0-127 and 128-255, I
run into a problem. Users can set a password using keyboard characters and
by holding ALT and typing in the decimal value for the non-keyboard
characters. The password is encrypted, but when decrypted, it doesn't match
the original. I'm not sure if the problem is in the encrypting or decrypting
or both.

I would GREATLY appreciate it if someone could review the code below and
discover my problem....

Thanks,
Mark
====================================================
Imports System.Security.Cryptography
Public Class Crypto

' TAKEN FROM MS KB Q317535

Public Shared Function EncryptTripleDES(ByVal sIn As String, ByVal sKey
As String) As String
Dim DES As New
System.Security.Cryptography.TripleDESCryptoServiceProvider()
Dim hashMD5 As New
System.Security.Cryptography.MD5CryptoServiceProvider()

' scramble the key
sKey = ScrambleKey(sKey)
' Compute the MD5 hash.
DES.Key =
hashMD5.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(sKey))
' Set the cipher mode.
DES.Mode = System.Security.Cryptography.CipherMode.ECB
' Create the encryptor.
Dim DESEncrypt As System.Security.Cryptography.ICryptoTransform =
DES.CreateEncryptor()
' Get a byte array of the string.
Dim Buffer As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(sIn)
' Transform and return the string.
Return Convert.ToBase64String(DESEncrypt.TransformFinalBlock(Buffer,
0, Buffer.Length))
End Function

Public Shared Function DecryptTripleDES(ByVal sOut As String, ByVal sKey
As String) As String
Dim DES As New
System.Security.Cryptography.TripleDESCryptoServiceProvider()
Dim hashMD5 As New
System.Security.Cryptography.MD5CryptoServiceProvider()


' scramble the key
sKey = ScrambleKey(sKey)
' Compute the MD5 hash.
DES.Key =
hashMD5.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(sKey))
' Set the cipher mode.
DES.Mode = System.Security.Cryptography.CipherMode.ECB
' Create the decryptor.
Dim DESDecrypt As System.Security.Cryptography.ICryptoTransform =
DES.CreateDecryptor()
Dim Buffer As Byte() = Convert.FromBase64String(sOut)
' Transform and return the string.
Return
System.Text.ASCIIEncoding.ASCII.GetString(DESDecrypt.TransformFinalBlock(Buffer, 0, Buffer.Length))
End Function

Private Shared Function ScrambleKey(ByVal v_strKey As String) As String

Dim sbKey As New System.Text.StringBuilder
Dim intPtr As Integer
For intPtr = 1 To v_strKey.Length
Dim intIn As Integer = v_strKey.Length - intPtr + 1
sbKey.Append(Mid(v_strKey, intIn, 1))
Next

Dim strKey As String = sbKey.ToString

Return sbKey.ToString

End Function

End Class
 
T

Tom Shelton

Mark said:
I have been playing around with encrypting passwords using a class found in a
MS KB (see farther down). It seems to work great so long as the original
password is comprised of characters on the keyboard. However, if the
password is mixed with characters in both ASCII code set 0-127 and 128-255, I
run into a problem. Users can set a password using keyboard characters and
by holding ALT and typing in the decimal value for the non-keyboard
characters. The password is encrypted, but when decrypted, it doesn't match
the original. I'm not sure if the problem is in the encrypting or decrypting
or both.

I would GREATLY appreciate it if someone could review the code below and
discover my problem....

Thanks,
Mark
====================================================
Imports System.Security.Cryptography
Public Class Crypto

' TAKEN FROM MS KB Q317535

Public Shared Function EncryptTripleDES(ByVal sIn As String, ByVal sKey
As String) As String
Dim DES As New
System.Security.Cryptography.TripleDESCryptoServiceProvider()
Dim hashMD5 As New
System.Security.Cryptography.MD5CryptoServiceProvider()

' scramble the key
sKey = ScrambleKey(sKey)
' Compute the MD5 hash.
DES.Key =
hashMD5.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(sKey))
' Set the cipher mode.
DES.Mode = System.Security.Cryptography.CipherMode.ECB
' Create the encryptor.
Dim DESEncrypt As System.Security.Cryptography.ICryptoTransform =
DES.CreateEncryptor()
' Get a byte array of the string.
Dim Buffer As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(sIn)
' Transform and return the string.
Return Convert.ToBase64String(DESEncrypt.TransformFinalBlock(Buffer,
0, Buffer.Length))
End Function

Public Shared Function DecryptTripleDES(ByVal sOut As String, ByVal sKey
As String) As String
Dim DES As New
System.Security.Cryptography.TripleDESCryptoServiceProvider()
Dim hashMD5 As New
System.Security.Cryptography.MD5CryptoServiceProvider()


' scramble the key
sKey = ScrambleKey(sKey)
' Compute the MD5 hash.
DES.Key =
hashMD5.ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(sKey))
' Set the cipher mode.
DES.Mode = System.Security.Cryptography.CipherMode.ECB
' Create the decryptor.
Dim DESDecrypt As System.Security.Cryptography.ICryptoTransform =
DES.CreateDecryptor()
Dim Buffer As Byte() = Convert.FromBase64String(sOut)
' Transform and return the string.
Return
System.Text.ASCIIEncoding.ASCII.GetString(DESDecrypt.TransformFinalBlock(Buffer, 0, Buffer.Length))
End Function

Private Shared Function ScrambleKey(ByVal v_strKey As String) As String

Dim sbKey As New System.Text.StringBuilder
Dim intPtr As Integer
For intPtr = 1 To v_strKey.Length
Dim intIn As Integer = v_strKey.Length - intPtr + 1
sbKey.Append(Mid(v_strKey, intIn, 1))
Next

Dim strKey As String = sbKey.ToString

Return sbKey.ToString

End Function

End Class

Mark... Well you are using the Encoding.ASCII class. That is going to
limit you to the 0-127 range, since that is what ASCII is defined as.
This is only a guess, but try using the Encoding.Default instead. That
should use the default code page - which will probably do what you
want.
 
G

Guest

Thanks! I'll give that a shot.

Mark

Tom Shelton said:
Mark... Well you are using the Encoding.ASCII class. That is going to
limit you to the 0-127 range, since that is what ASCII is defined as.
This is only a guess, but try using the Encoding.Default instead. That
should use the default code page - which will probably do what you
want.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top