simple encryption

[Guest]

Hi
I'm looking for some .net example code on encryption: I don't want anything fancy, no complex third party components with sophisticated algorithms, explanations of principle, or "public/private key" confusion (which seems to be all google can come up with) - I just want a SIMPLE example of how I can encrypt a string and then get back the SAME STRING. I found an example on MSDN which involves compiling a DLL then using it in a test form, but about 1 in 5 times it throws an exception, this isn't good enough for me - I just need it to be simple. It doesn't need to be state of the art defence against hardened crackers, mainly just so it can't be read from glancing at it - not much more. But must be SIMPLE and ALWAYS GIVE THE SAME THING BACK.

Anyone?

 

[Jon Skeet [C# MVP]]

I'm looking for some .net example code on encryption: I don't want
anything fancy, no complex third party components with sophisticated
algorithms, explanations of principle, or "public/private key"
confusion (which seems to be all google can come up with) - I just
want a SIMPLE example of how I can encrypt a string and then get back
the SAME STRING. I found an example on MSDN which involves compiling
a DLL then using it in a test form, but about 1 in 5 times it
throwsan exception, this isn't good enough for me - I just need it to
be simple. It doesn't need to be state of the art defence against hardened
crackers, mainly just so it can't be read from glancing at it - not
much more. But must be SIMPLE and ALWAYS GIVE THE SAME THING BACK.

The docs for CryptoStream give a simple example of encrypting a byte
array. To use strings instead, just use Encoding.UTF8.GetBytes to
transform the string into a byte array, and Encoding.UTF8.GetString to
transform it back after decrypting.

 

[Guest]

Cheers for the very quick response.

But why UTF8?

And any link to this example in the docs?

 

[Jon Skeet [C# MVP]]

Cheers for the very quick response.

But why UTF8?

It's a lossless encoding which is compact for ASCII. If you're using a
lot of non-ASCII, it would make sense to use Encoding.Unicode instead.

And any link to this example in the docs?

What, to using Encoding.UTF8? Not that I know of. Encryption
fundamentally acts on binary data, and the conversion between binary
data and text data is quite distinct from encryption itself.

 

[Guest]

Link to the CryptoStream Example (MSDN):

http://msdn.microsoft.com/library/d...ecurityCryptographyCryptoStreamClassTopic.asp

Tom.

 

[Guest]

There may be characters such as digits, but there won't be anything like arabic characters or anything....

 

[Guest]

I'm confused... what is the difference between Encoding.ASCII.GetBytes and Encoding.UTF8.GetBytes ????

 

[Jon Skeet [C# MVP]]

I'm confused... what is the difference between
Encoding.ASCII.GetBytes and Encoding.UTF8.GetBytes ????

One uses the ASCII encoding and the other uses UTF-8 - they're very
different encodings, which happen to give the same results for all
ASCII characters.

See http://www.pobox.com/~skeet/csharp/unicode.html for more
information.

 

[Jon Skeet [C# MVP]]

At the end of the day, my problem is far from solved. I wanted simple
encryption. What did I get? Confusion.

Here's my pot shot at encrypting... basically I've got a form with
four textboxes: txtPassword (to encrypt), txtEncryptedText (for what
it's encrypted to), txtDecryptedText (for the decrypted text - sadly
the program never makes it this far) and txtInitializationVector.

Where am I going wrong, I'm getting weary.

Well, for one thing you've got a MemoryStream for no good reason when
encrypting. You can just use

cs.Write(b_raw, 0, b_raw.Length);

The second thing you're doing wrong is assuming that any random piece
of binary data can be converted to UTF-8 and back losslessly. Just as
the *input* to encryption is binary, so is the output. The easiest way
of converting binary data to a string and back is to use
Convert.To/FromBase64String.

I'm not sure about your IV usage, either...

 

[Jon Skeet [C# MVP]]

Oh, well excuse me for assuming! Not that I'm blaming its presence on
you or anything, but would you possibly care to enlighten me on what
the BLOODY HELL UTF8 is GOOD FOR then??!!!??!!

Sure. It's a good way of encoding character data in binary. The fact
that any text string can be encoded to binary data using UTF-8
*doesn't* mean that every piece of binary data is a valid UTF-8
representation of a string.

By the way, shouting, being ungrateful and making pretty much repeat
posts isn't likely to get you answers any quicker. On the contrary,
people may well decide to ignore you instead of answering you.

Just as

And this won't eat any of my information??

No. The resulting string will be 4/3rds the size of the original binary
data though.

 

[Jon Skeet [C# MVP]]

Hang on. If I don't need a MemoryStream, what do I pass to the
constructor of the CryptoStream ??????

It only has one constructor, and it NEEDS some type of stream!

Oops - yes, you do need *a* memory stream, but you shouldn't be using
the same stream as you're reading from to write to - that's just
circular! Apologies for the error before - having seen the code that
you *didn't* need (creating the memory stream with the results of
encoding the string) I made a mistake.

Is it not too much to ask to be able to JUST encrypt a STRING??!!
without delving into a whole host of complex confusion I don't need??

Yes, it is. As I said before, encryption fundamentally revolves around
binary data, not text. So you need to understand how to convert data
from text to binary and the reverse before doing anything else.

It's really not that complicated though:

Any text data -> binary data: Encoding
Binary data -> encrypted binary data: CryptoStream
Encrypted binary data -> text data: Base64

then exactly the reverse steps.

Sure, there's no one method which just does it all for you, but each
step is fairly straightforward.

 

[Eric Johannsen]

Jon, you're more patient than I would be

Oops - yes, you do need *a* memory stream, but you shouldn't be using
the same stream as you're reading from to write to - that's just
circular! Apologies for the error before - having seen the code that
you *didn't* need (creating the memory stream with the results of
encoding the string) I made a mistake.


Yes, it is. As I said before, encryption fundamentally revolves around
binary data, not text. So you need to understand how to convert data
from text to binary and the reverse before doing anything else.

It's really not that complicated though:

Any text data -> binary data: Encoding
Binary data -> encrypted binary data: CryptoStream
Encrypted binary data -> text data: Base64

then exactly the reverse steps.

Sure, there's no one method which just does it all for you, but each
step is fairly straightforward.