tags:

views:

253

answers:

6
+1  Q: 

Encrypting and decrypting strings

Does anyone know of a good way to encrypt and decrypt strings using VB6 to ensure sensitive data is secure?

Also, is there an encryption method that can be shared between VB6 and .NET? Example:

The encrypted string will be written to a database using a VB6 application, but the value also need to be read an decrypted in a c# .net application using the .net framework if possible.

Thanks!

A: 

Yeah, symmetric encryption algorithms such as AES are pretty standard so as long as you are using the same keys for encryption and decryption there should be absolutely no problem.

Darin Dimitrov  2010-06-02 20:02:24
+1  A: 

Have you looked at System.Security.Cryptography?

http://msdn.microsoft.com/en-us/library/system.security.cryptography.aspx

I would look at the AesCryptoServiceProvider.

Karl Strings  2010-06-02 20:03:19
+1. I suggest writing a C# component that exposes the .Net crypto stuff to the VB6. Like this http://msdn.microsoft.com/en-us/library/aa719105(VS.71).aspx
MarkJ  2010-06-02 20:40:30
I'm accepting this answer based on the comment from MarkJ. Building a .net component that can be wrapped by COM and made usable by VB6 ensures that the same code is being used by both applications. Thanks to everyone for all of your input.
dretzlaff17  2010-06-04 13:30:27
A: 

You can also try MD5: ** link removed ... malicious software there , sorry **

belisarius  2010-06-02 20:07:32
MD5 is a hash algorithm, not a symmetric cipher; it does not seem to meet the OP's needs.
Justin  2010-06-02 20:16:04
@Justin, I wrote too quickly. The package is a symm algorithm with MD5 check included. I downloaded it to post the description here but found malware inside. I am browsing my archives to see if I find a good copy.
belisarius  2010-06-02 20:31:37
+3  A: 

Rather than putting the work of encrypting / decrypting on the application side, perhaps you could handle the security in the database using the Cryptographic Functions of Transact-SQL? After all, both applications would be connecting to the same database.

Mark B.  2010-06-02 20:11:08
This sounds easiest, although you need to assess whether the DBA will be able to decrypt the passwords, and if this is a risk or not. Sometimes you put the encryption in the application rather than the DB to separate the information that the DBA has access to.
Justin  2010-06-02 20:17:51
You also need to make sure the DB driver encrypts traffic (or use a private interface).
Justin  2010-06-02 20:18:37
This is a great idea. Unfortunately the version of the database I am using does not support the Cryptographic function in T-SQL.
dretzlaff17  2010-06-03 14:35:29
@dretzlaff17 - what database are you using? SQL Server 2000?
Mark B.  2010-06-03 18:48:32
Yes, I am using SQL Server 2000 - MSDE
dretzlaff17  2010-06-04 13:22:05
You'll probably want to look into Extended Stored Procedures. This reads like a pretty clear explanation: [here](http://www.devarticles.com/c/a/SQL-Server/Extended-Stored-Procedures-Intro-And-10-Cool-Examples/) and some code for traditional encryption (AES, Blowfish, etc) [here](http://www.sqlservercentral.com/articles/Security/freeencryption/1980/) and [here](http://www.sqlservercentral.com/articles/Security/sql2000dbatoolkitpart1/2361/).
Mark B.  2010-06-04 13:42:00
+1  A: 

My first thoughts would be to use the built-in CryptoAPI which is built-in to the Microsoft operating systems. This would give you the common-ground effect between your VB6 and C# development platforms.

http://en.wikipedia.org/wiki/Cryptographic_API

Some quick & dirty sample code here: http://www.freevbcode.com/ShowCode.Asp?ID=804

And this is one of the many sites explaining how to do this in C#: http://blogs.msdn.com/b/alejacma/archive/2007/11/23/p-invoking-cryptoapi-in-net-c-version.aspx

code4life  2010-06-02 20:30:10
Eeek! -1 but no comments... why the hate? :)
code4life  2010-06-03 03:18:30
Thanks for your comments. I'm voting you up one for taking the time to provide me information as a possible solution to my problem. I am not sure why someone would vote this down with no reasoning.
dretzlaff17  2010-06-04 14:24:33
+1  A: 

You could try VBCorLib which supports the same cryptography classes as found in .NET. The crypto classes in VBCorLib provide a nearly identical API as the .NET classes, so the code will be very similar to perform encryption/decryption between the two platforms.

https://sourceforge.net/projects/vbcorlib/

Kelly Ethridge  2010-06-02 21:05:40

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?