Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Saving encrypted string to database

Status
Not open for further replies.
tcstom

tcstom

Programmer
Aug 22, 2003
235
GB
Hi,

I've written an encryption/decryption class that uses the methods below to decrypt and encrypt strings. This works fine, until I save the encrypted string to my SQL Server database. It saves in the database like this: '??????????????????' and cannot then be decrypted. I assume it's because I'm using Unicode encoding in my encryption/decryption methods, but if I change it to ASCII encoding the DesDecrypt method won't work. Can anyone help?

Code: 
public static string DesEncrypt(string stringToEncrypt, string hashString)
{
	byte[] data = ConvertStringToByteArray(stringToEncrypt);
	string pws = hashString;
	System.Security.Cryptography.PasswordDeriveBytes db = new System.Security.Cryptography.PasswordDeriveBytes(pws, new byte[0]);
	byte[] m_bDESKey= db.GetBytes(16);
	TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider();
	des.Mode = CipherMode.CBC;
	byte[] m_bDESIV = System.Text.UnicodeEncoding.Unicode.GetBytes(hashString);
	MemoryStream ms = new MemoryStream(4096);
	CryptoStream encStream = new CryptoStream(ms, des.CreateEncryptor(KEY192, IV192), CryptoStreamMode.Write);
	encStream.Write(data,0,data.Length);
	encStream.FlushFinalBlock();
	//calculate the length of the encrypted data
	byte[] bResult = new byte[ms.Position];
	ms.Position = 0;
	ms.Read(bResult, 0, bResult.Length) ;
	encStream.Close();
	return System.Text.UnicodeEncoding.Unicode.GetString(bResult);
}

public static string DesDecrypt(string stringToDeCrypt, string hashString)
{
	byte[] data = ConvertStringToByteArray(stringToDeCrypt);
	string pws = hashString;
	System.Security.Cryptography.PasswordDeriveBytes db = new System.Security.Cryptography.PasswordDeriveBytes(pws, new byte[0]);
	byte[] m_bDESKey= db.GetBytes(16);
	TripleDESCryptoServiceProvider des = new TripleDESCryptoServiceProvider();
	des.Mode = CipherMode.CBC;
	byte[] m_bDESIV = System.Text.UnicodeEncoding.Unicode.GetBytes(hashString);
	MemoryStream ms = new MemoryStream(data.Length);
	CryptoStream encStream = new CryptoStream(ms, des.CreateDecryptor(KEY192, IV192), CryptoStreamMode.Read);
	ms.Write(data,0,data.Length);
	ms.Position = 0;
	string strResult = new StreamReader(encStream).ReadToEnd();
	encStream.Close();
	return strResult;
}

private static Byte[] ConvertStringToByteArray(String s)
{
	Byte[] returnValue = System.Text.UnicodeEncoding.Unicode.GetBytes(s);
	return returnValue;
}
 
Sort by date Sort by votes
Ideally you should post this in SQL server forum. There is something called Collation. Based on the Collation type you set on the field of the table, the value will get stored. This is the problem... Check with your DBA and they will provide a solution based on the data you save.

Cheers,

Ravi
 
Upvote 0 Downvote
Thanks, but it's OK. (Good job, because I am my own DBA and I didn't know the answer!) I've found a method that uses UTF8 encoding. Here's the code if anyone's interested.

Code: 
private static readonly string _key = "testing";

private static string Key
{
	get {return _key;}
}

public static string Encrypt(string toEncrypt, bool useHashing)
{
	byte[] keyArray;
	byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes(toEncrypt);

	if (useHashing)
	{
		MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
		keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(Key));
		hashmd5.Clear();
	}
	else
	{
		keyArray = UTF8Encoding.UTF8.GetBytes(Key);
	}

	TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
	tdes.Key = keyArray;
	tdes.Mode = CipherMode.ECB;
	tdes.Padding = PaddingMode.PKCS7;

	ICryptoTransform cTransform = tdes.CreateEncryptor();
	byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);
	tdes.Clear();

	return Convert.ToBase64String(resultArray, 0, resultArray.Length);
}

public static string Decrypt(string cipherString, bool useHashing)
{
	byte[] keyArray;
	byte[] toEncryptArray = Convert.FromBase64String(cipherString);

	if (useHashing)
	{
		MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
		keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(Key));
		hashmd5.Clear();
	}
	else
	{
		keyArray = UTF8Encoding.UTF8.GetBytes(Key);
	}

	TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
	tdes.Key = keyArray;
	tdes.Mode = CipherMode.ECB;
	tdes.Padding = PaddingMode.PKCS7;

	ICryptoTransform cTransform = tdes.CreateDecryptor();
	byte[] resultArray = cTransform.TransformFinalBlock(toEncryptArray, 0, toEncryptArray.Length);          
	tdes.Clear();

	return UTF8Encoding.UTF8.GetString(resultArray);
}
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

chikwendu
  • Locked
  • Question
Mouse jumps to DropDownList when clicking a button
Replies
0
Views
166
chikwendu
chikwendu
Makumbi256
  • Locked
  • Question
How to make days vertical and grid view editable using asp.net vb
Replies
0
Views
847
Makumbi256
Makumbi256
AhmedAzizBarbary
  • Locked
  • Question
How to read data response body after success login razor page ?
Replies
0
Views
937
AhmedAzizBarbary
AhmedAzizBarbary
AhmedAzizBarbary
  • Locked
  • Question
How to pass list of checkboxes not checked on page model razor page?
Replies
0
Views
1K
AhmedAzizBarbary
AhmedAzizBarbary
a6green
  • Locked
  • Question
How to configure AT&T / Avaya Definity G3 incoming ISDN trunk
Replies
2
Views
984
a6green
a6green

Part and Inventory Search

Sponsor

Back
Top