ansaurus

Question

Answer 1

+6 A:

AES is a symmetric encryption algorithm (encrypt and decrypt key is the same). If you are talking about public and private keys, you want an asymmetric encryption algorithm such as RSA.

Mitch Wheat 2008-11-05 14:40:20

Methinks he's using PKI for client-server interaction and needs to store the associated public and private keys. Although not exactly standard practice in this situation, AES is a reasonable way to protect the PKI keys.

Adam Liss 2008-11-05 14:59:15

Answer 2

A:

   public static string
   Encrypt (string originalString)
   {
      if (string.IsNullOrEmpty (originalString))
      {
         throw new ArgumentNullException (
            "originalString",
            "The string which needs to be encrypted can not be null.");
      }

      using (var  cryptoProvider = new RijndaelManaged ())
      using (var  memoryStream = new MemoryStream ())
      using (var  cryptoStream = new CryptoStream (
         memoryStream,
         cryptoProvider.CreateEncryptor (rgbKey, rgbIV),
         CryptoStreamMode.Write))
      using (var  writer = new StreamWriter (cryptoStream))
      {
         writer.Write (originalString);
         writer.Flush ();
         cryptoStream.FlushFinalBlock ();
         writer.Flush ();
         return Convert.ToBase64String (memoryStream.GetBuffer (), 0, (int) memoryStream.Length);
      }
   }

   public static string
   Decrypt (string cryptedString)
   {
      if (string.IsNullOrEmpty (cryptedString))
      {
         throw new ArgumentNullException (
            "cryptedString",
            "The string which needs to be decrypted can not be null.");
      }

      using (var  cryptoProvider = new RijndaelManaged ())
      using (var  memoryStream = new MemoryStream (
              Convert.FromBase64String (cryptedString)))
      using (var  cryptoStream = new CryptoStream (
         memoryStream,
         cryptoProvider.CreateDecryptor (rgbKey, rgbIV),
         CryptoStreamMode.Read))
      using (var  reader = new StreamReader (cryptoStream))
      {
         return reader.ReadToEnd ();
      }
   }

   private static byte []  rgbKey = ASCIIEncoding.ASCII.GetBytes ("Ni=9OE=$i+62eprIuDr@ewOu5I9r34Ro"); // change to your own secure key
   private static byte []  rgbIV = ASCIIEncoding.ASCII.GetBytes ("to$eO_e!maI*o3ut"); // change to your own secure initialization vector

Jesse C. Slicer 2008-11-05 14:49:23

What's the default CipherMode?

Tom Ritter 2008-11-05 15:13:35

Cipher-Block Chaining. As far as I can tell, this is the default for all SymmetricAlgorithm descendants.

Jesse C. Slicer 2008-11-05 15:39:37

Answer 3

+1 A:

You can encrypt anything that can be represented as a stream of bytes. The only ingredient missing from the "recipe" in your question is the encryption key:

void encrypt(char *plaintext, char *key, char *crypt)
{
  // Encrypt plaintext with the key, returning the result in crypt.

}

Notes:

Using PKI (public/private keys), each participant typically maintains its own private key in a secure manner and freely distributes its public key. Messages are encrypted using the public key of the recipient and decrypted by each recipient with the private key. From the phrasing of the question, it's not apparent that you're using this model.
Jesse provides a good example for demonstration purposes. Just remember that you probably do not want to hard-code keys in your production application..

Adam Liss 2008-11-05 15:14:43

Agreed - if your code leaves your secure boundaries (i.e. your managed server), you should be looking at a public key infrastructure solution. If it is completely contained, store your keys in a database so that if the server with the code is compromised, you're still in the clear.

Jesse C. Slicer 2008-11-05 15:43:15

But you _don't_ want to be in the clear -- that's why we're encrypting in the first place! :-)

Adam Liss 2008-11-05 17:00:18

ansaurus

tags:

views:

answers:

AES encryption, sample code

related questions