In this article Brian Patterson will cover some of the encryption classes provided in the .NET Framework. Once you have got a grasp on how to use these algorithms, he will wrap things up with a sample order application that will encrypt credit card information before saving it to either a SQL Server or Oracle database server.
String Encryption With Visual Basic .NET - Building the Encryption Class (Page 4 of 7)
With our forms in place, we will need the encryption code before we can begin saving information to the database. Add a new class to the project and name the file TripleDES.vb. To begin our new class we will need a few namespaces. Add the following code to the beginning of the class file:
    Imports System
    Imports System.IO
    Imports System.Text
    Imports System.Security.Cryptography
Now that we have access to the appropriate namespaces, we can begin coding the encryption and decryption routines. As I mentioned in the DES description above, encryption and decryption must have both a Key and an Initialization Vector. Let's add these two items as Private members of our class. Add the following (bold) lines of code to the TripleDES class.
As you can see, our encryption key consists of 24 bytes and the initialization vector consists of 8 bytes. Feel free to replace the above values with numbers of your choosing.
Now we can begin to build the encryption function. Paste the following code into your TripleDES class. Once the code is in place we can go through it line by line, examining how it works.
    Public Function Encrypt(ByVal plainText As String) As Byte()
        ' Declare a UTF8Encoding object so we may use the GetBytes
        ' method to transform the plainText into a Byte array.
        Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
        Dim inputInBytes() As Byte = utf8encoder.GetBytes(plainText)

        ' Create a new TripleDES service provider
        Dim tdesProvider As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()

        ' The ICryptoTransform interface uses the TripleDES
        ' crypto provider along with the encryption key and init vector
        ' information
        Dim cryptoTransform As ICryptoTransform = tdesProvider.CreateEncryptor(Me.key, Me.iv)

        ' All cryptographic functions need a stream to output the
        ' encrypted information. Here we declare a memory stream
        ' for this purpose.
        Dim encryptedStream As MemoryStream = New MemoryStream()
        Dim cryptStream As CryptoStream = New CryptoStream(encryptedStream, cryptoTransform, CryptoStreamMode.Write)

        ' Write the encrypted information to the stream. Flush the information
        ' when done to ensure everything is out of the buffer.
        cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
        cryptStream.FlushFinalBlock()
        encryptedStream.Position = 0

        ' Read the stream back into a Byte array and return it to the calling
        ' method.
        Dim result(encryptedStream.Length - 1) As Byte
        encryptedStream.Read(result, 0, encryptedStream.Length)
        cryptStream.Close()
        Return result
    End Function
To begin the encryption process, we must pass in a string that we want to encrypt. For the encryption process to work correctly we must convert our string data into a Byte array, since all cryptographic methods expect the information in that format. This is accomplished by the UTF8Encoding class. We simply declare a Byte array object, which accepts the return of GetBytes to handle the Byte array conversion for us.
The next 2 lines of our application are used to instantiate a new TripleDESCryptoServiceProvider, which will actually perform the encryption, and an ICryptoTransform object, which accepts our private key and initialization vector for the encryption process.
The difference between this algorithm and many of the examples you will see in the .NET Help files is the fact that we are encrypting data to memory rather than to a file on disk. To accomplish this we must create a MemoryStream object which will accept all the encrypted output. As you can see in the code above, we are creating a MemoryStream called encryptedStream and then telling our CryptoStream object this is where it should place the encrypted output.
Once the information has been encrypted to the MemoryStream object, we call the FlushFinalBlock method, which ensures that all the data has been placed into the MemoryStream before we read the information out of the MemoryStream and back into a byte array that can be returned to the calling function.
The process of decrypting the data is very similar to encryption because they use exactly the same key. The difference here, though, is that we accept a Byte array for processing, and once decryption has been completed we must convert the resulting Byte array into a string and return it to the calling function. Place the code below into your TripleDES class.
    Public Function Decrypt(ByVal inputInBytes() As Byte) As String
        ' UTF8Encoding is used to transform the decrypted Byte array
        ' information back into a string.
        Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
        Dim tdesProvider As TripleDESCryptoServiceProvider = New TripleDESCryptoServiceProvider()

        ' As before we must provide the encryption/decryption key along with
        ' the init vector.
        Dim cryptoTransform As ICryptoTransform = tdesProvider.CreateDecryptor(Me.key, Me.iv)

        ' Provide a memory stream to decrypt information into
        Dim decryptedStream As MemoryStream = New MemoryStream()
        Dim cryptStream As CryptoStream = New CryptoStream(decryptedStream, cryptoTransform, CryptoStreamMode.Write)
        cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
        cryptStream.FlushFinalBlock()
        decryptedStream.Position = 0

        ' Read the memory stream and convert it back into a string
        Dim result(decryptedStream.Length - 1) As Byte
        decryptedStream.Read(result, 0, decryptedStream.Length)
        cryptStream.Close()
        Return utf8encoder.GetString(result)
    End Function
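The class above reuses one fixed key and initialization vector for every record, so with the provider's default CBC mode the same card number always encrypts to the same bytes. The following added example (not code from the original article) generates a fresh IV on each call and stores it in front of the ciphertext; the module and function names and the IV-prefix layout are assumptions of this example, and the key is passed in by the caller rather than compiled into the class.

```vb
Imports System
Imports System.IO
Imports System.Text
Imports System.Security.Cryptography
Module RandomIvExample   ' hypothetical name, not part of the article's project
    ' Encrypts with a fresh random IV and returns IV (8 bytes) followed by ciphertext.
    Public Function EncryptWithRandomIv(ByVal keyBytes() As Byte, ByVal plainText As String) As Byte()
        Using tdes As New TripleDESCryptoServiceProvider()
            tdes.Key = keyBytes
            tdes.GenerateIV()   ' new IV for every call
            Using output As New MemoryStream()
                output.Write(tdes.IV, 0, tdes.IV.Length)
                Using cs As New CryptoStream(output, tdes.CreateEncryptor(), CryptoStreamMode.Write)
                    Dim plainBytes() As Byte = Encoding.UTF8.GetBytes(plainText)
                    cs.Write(plainBytes, 0, plainBytes.Length)
                    cs.FlushFinalBlock()
                End Using
                Return output.ToArray()   ' ToArray still works after the stream is closed
            End Using
        End Using
    End Function

    ' Splits the stored value back into IV and ciphertext, then decrypts.
    Public Function DecryptWithRandomIv(ByVal keyBytes() As Byte, ByVal stored() As Byte) As String
        Using tdes As New TripleDESCryptoServiceProvider()
            Dim ivLength As Integer = tdes.BlockSize \ 8   ' 64-bit block, so 8 bytes
            If stored Is Nothing OrElse stored.Length <= ivLength Then Throw New ArgumentException("Value is too short to hold an IV and ciphertext.")
            Dim iv(ivLength - 1) As Byte
            Array.Copy(stored, 0, iv, 0, ivLength)
            Using output As New MemoryStream()
                Using cs As New CryptoStream(output, tdes.CreateDecryptor(keyBytes, iv), CryptoStreamMode.Write)
                    cs.Write(stored, ivLength, stored.Length - ivLength)
                    cs.FlushFinalBlock()
                End Using
                Return Encoding.UTF8.GetString(output.ToArray())
            End Using
        End Using
    End Function

    Sub Main()
        Dim demo As New TripleDESCryptoServiceProvider()
        demo.GenerateKey()                          ' random 24-byte key, for this demo only
        Dim keyBytes() As Byte = demo.Key
        Dim card As String = "4111111111111111"     ' constructed sample value
        Dim ct1() As Byte = EncryptWithRandomIv(keyBytes, card)
        Dim ct2() As Byte = EncryptWithRandomIv(keyBytes, card)
        ' Compare two encryptions of the same text, then check the round trip.
        Console.WriteLine(Convert.ToBase64String(ct1) <> Convert.ToBase64String(ct2))
        Console.WriteLine(DecryptWithRandomIv(keyBytes, ct1) = card)
    End Sub
End Module
```

A database column that stores this output must allow 8 bytes more than the ciphertext alone, because the IV travels with each value.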
That wraps up the encryption class. Now let's build the database so we can begin saving information.