ASP.Net - Encrypt and Decrypt Password

random

ASP.Net - Encrypt and Decrypt Password


Encryption and Decryption in Asp .Net with C#

Here I will explain how to encrypt and decrypt password in asp .net using  C#. 

What is Encryption and Decryption?
  • Encryption is the activity of converting data or information into code or a secret key.
  • Decryption is the activity of making clear or converting from code into plain text.

Source Code Example:

/// <summary>
        /// To encrypt the input password
        /// </summary>
        /// <param name="textPassword"></param>
        /// <returns>It returns encrypted code</returns>
        public string EncryptPassword(string textPassword)
        {
            //Input          
            byte[] passBytes = System.Text.Encoding.Unicode.GetBytes(textPassword);
            string encryptPass = Convert.ToBase64String(passBytes);
            return encryptPass ;
        }
Encryption and Decryption in Asp .Net with C#

        /// <summary>
        /// To Decode the encrypted password
        /// </summary>
        /// <param name="encryptedPassword"></param>
        /// <returns>It returns plain password</returns>
        public string DecryptPassword(string encryptedPassword)
        {
            //output
            byte[] passByteData = Convert.FromBase64String(encryptedPassword);
            string originalPassword = System.Text.Encoding.Unicode.GetString(passByteData);
            return originalPassword;
        }

ASP.Net - Encrypt and Decrypt Password Reviewed by Ravi Kumar on 6:39 PM Rating: 5

4 comments:

  1. this is not encrypting..
    For encrypting you need a encryption algorithm with a seed and a cypher.

    converting a unicode to a byte aray is not encryption.. because it can be reversed without any cypher...

    So i would not use this..


    ReplyDelete
  2. I agree with your thought but I am not saying its the best practise to encrypting.
    yeah sure we can use a cypher and I used this also:


    public static string Encrypt(string plainText,
    string passPhrase,
    string saltValue,
    string hashAlgorithm,
    int passwordIterations,
    string initVector,
    int keySize)
    {
    // Convert strings into byte arrays.
    // Let us assume that strings only contain ASCII codes.
    // If strings include Unicode characters, use Unicode, UTF7, or UTF8
    // encoding.
    byte[] initVectorBytes = Encoding.ASCII.GetBytes(initVector);
    byte[] saltValueBytes = Encoding.ASCII.GetBytes(saltValue);

    // Convert our plaintext into a byte array.
    // Let us assume that plaintext contains UTF8-encoded characters.
    byte[] plainTextBytes = Encoding.UTF8.GetBytes(plainText);

    // First, we must create a password, from which the key will be derived.
    // This password will be generated from the specified passphrase and
    // salt value. The password will be created using the specified hash
    // algorithm. Password creation can be done in several iterations.
    PasswordDeriveBytes password = new PasswordDeriveBytes(
    passPhrase,
    saltValueBytes,
    hashAlgorithm,
    passwordIterations);

    // Use the password to generate pseudo-random bytes for the encryption
    // key. Specify the size of the key in bytes (instead of bits).
    byte[] keyBytes = password.GetBytes(keySize / 8);

    // Create uninitialized Rijndael encryption object.
    RijndaelManaged symmetricKey = new RijndaelManaged();

    // It is reasonable to set encryption mode to Cipher Block Chaining
    // (CBC). Use default options for other symmetric key parameters.
    symmetricKey.Mode = CipherMode.CBC;

    // Generate encryptor from the existing key bytes and initialization
    // vector. Key size will be defined based on the number of the key
    // bytes.
    ICryptoTransform encryptor = symmetricKey.CreateEncryptor(
    keyBytes,
    initVectorBytes);

    // Define memory stream which will be used to hold encrypted data.
    MemoryStream memoryStream = new MemoryStream();

    // Define cryptographic stream (always use Write mode for encryption).
    CryptoStream cryptoStream = new CryptoStream(memoryStream,
    encryptor,
    CryptoStreamMode.Write);
    // Start encrypting.
    cryptoStream.Write(plainTextBytes, 0, plainTextBytes.Length);

    // Finish encrypting.
    cryptoStream.FlushFinalBlock();

    // Convert our encrypted data from a memory stream into a byte array.
    byte[] cipherTextBytes = memoryStream.ToArray();

    // Close both streams.
    memoryStream.Close();
    cryptoStream.Close();

    // Convert encrypted data into a base64-encoded string.
    string cipherText = Convert.ToBase64String(cipherTextBytes);

    // Return encrypted string.
    return cipherText;
    }

    ReplyDelete
  3. Here is an example that uses the Rijndael algorithm with Key and IV that you can change as you wish.

    --------------------------------------

    using System;
    using System.Security.Cryptography;
    using System.Text;
    using System.IO;


    public class Encryption
    {


    private static byte[] Key = { 69, 75, 101, 56, 255, 46, 182, 135, 193, 155, 221, 154, 53, 178, 68, 56, 42, 11, 135, 145, 185, 28, 78, 49, 97, 168, 84, 117, 225, 130, 145, 65 };
    private static byte[] IV = { 54, 36, 255, 23, 165, 153, 88, 248, 175, 184, 198, 241, 175, 67, 69, 65 };

    //Encrypte string
    public static string DecryptString(string src)
    {

    string strReturn = "";
    MemoryStream ms = null;
    CryptoStream cs = null;
    byte[] p = Convert.FromBase64String(src);
    byte[] initialText = new Byte[p.Length];
    int intIndex = 0;
    bool IsEndOfString = false;
    RijndaelManaged rv = new RijndaelManaged();
    ms = new MemoryStream(p);
    cs = new CryptoStream(ms, rv.CreateDecryptor(Key, IV), CryptoStreamMode.Read);
    cs.Read(initialText, 0, initialText.Length);
    while ((intIndex < initialText.Length) && !IsEndOfString)
    {
    if (initialText[intIndex] != 0)
    strReturn += ((char)initialText[intIndex]);
    else
    IsEndOfString = true;

    intIndex++;
    }

    return strReturn;

    }

    //Decrypt string
    public static string EncryptString(string src)
    {
    byte[] p = Encoding.ASCII.GetBytes(src.ToCharArray());
    byte[] encodedBytes = { };

    MemoryStream ms = new MemoryStream();
    RijndaelManaged rv = new RijndaelManaged();
    CryptoStream cs = new CryptoStream(ms, rv.CreateEncryptor(Key, IV), CryptoStreamMode.Write);
    cs.Write(p, 0, p.Length);
    cs.FlushFinalBlock();
    encodedBytes = ms.ToArray();
    return Convert.ToBase64String(encodedBytes);
    }

    }

    ReplyDelete
  4. You should use SecurityString class for working with private data. Your post is just simple converting string to BASE64 format.

    ReplyDelete

All Rights Reserved by Etechpulse © 2012 - 2017

Contact Form

Name

Email *

Message *

Powered by Blogger.