Home arrow VB.Net arrow Page 4 - String Encryption With Visual Basic .NET
VB.NET

String Encryption With Visual Basic .NET


In this article Brian Patterson will cover some of the encryption classes provided in the .NET Framework. Once you have got a grasp on how to use these algorithms, he will wrap things up with a sample order application that will encrypt credit card information before saving it to either a SQL Server or Oracle database server.

Author Info:
By: Wrox Team
Rating: 4 stars4 stars4 stars4 stars4 stars / 279
November 14, 2002
TABLE OF CONTENTS:
  1. · String Encryption With Visual Basic .NET
  2. · Encryption and the .NET Framework
  3. · Encryption and Byte Arrays
  4. · Building the Encryption Class
  5. · Creating the Database
  6. · Decrypting the Order Data
  7. · Conclusion

print this article
SEARCH DEVARTICLES

String Encryption With Visual Basic .NET - Building the Encryption Class
(Page 4 of 7 )

With our forms in place, we will need the encryption code before we can begin saving information to the database. Add a new class to the project and name the file TripleDES.vb. To begin our new class we will need a few namespaces. Add the following code to the beginning of the class file:

Imports System
Imports System.IO
Imports System.TextImports System.Security.Cryptography


Now that we have access to the appropriate namespaces, we can begin coding the encryption and decryption routines. As I mentioned in the DES description above, encryption and decryption must have both a Key and an Initialization Vector. Let's add these two items as Private members of our class. Add the following (bold) lines of code to the TripleDES class.

Public Class TripleDES
Private key() As Byte = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24}
Private iv() As Byte = {65, 110, 68, 26, 69, 178, 200, 219}


As you can see, our encryption key consists of 24 bytes and the initialization vector consists of 8 bytes. Feel free to replace the above values with numbers of your choosing.

Now we can begin to build the encryption function. Paste the following code into your TripleDES class. Once the code is in place we can go through it line by line, examining how it works.

Public Function Encrypt(ByVal plainText As String) As Byte()
' Declare a UTF8Encoding object so we may use the GetByte
' method to transform the plainText into a Byte array.
Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
Dim inputInBytes() As Byte = utf8encoder.GetBytes(plainText)

' Create a new TripleDES service provider
Dim tdesProvider As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider()

' The ICryptTransform interface uses the TripleDES
' crypt provider along with encryption key and init vector
' information
Dim cryptoTransform As ICryptoTransform =
tdesProvider.CreateEncryptor(Me.key, Me.iv)

' All cryptographic functions need a stream to output the
' encrypted information. Here we declare a memory stream
' for this purpose.
Dim encryptedStream As MemoryStream = New MemoryStream()
Dim cryptStream As CryptoStream = New CryptoStream(encryptedStream,
cryptoTransform, CryptoStreamMode.Write)

' Write the encrypted information to the stream. Flush the information
' when done to ensure everything is out of the buffer.
cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
cryptStream.FlushFinalBlock()
encryptedStream.Position = 0

' Read the stream back into a Byte array and return it to the calling
' method.
Dim result(encryptedStream.Length - 1) As Byte
encryptedStream.Read(result, 0, encryptedStream.Length)
cryptStream.Close()
Return result
End Function


To begin the encryption process, we must pass in a string that we want to encrypt. For the encryption process to work correctly we must convert our string data into a Byte array since all cryptographic methods expect the information in the format. This is accomplished by the UTF8Encoding class. We simply declare a Byte array object, which accepts the return of GetBytes to handle the Byte array conversion for us.

The next 2 lines of our application are used to instantiate a new TripleDESCryptoServiceProvider, which will actually perform the encryption, and an ICryptoTransform object, which accepts our private key and initialization vector for the encryption process.

The difference between this algorithm and many of the examples you will see in the .NET Help files is the fact that we are encrypting data to memory rather than to a file on disk. To accomplish this we must create a MemoryStream object which will accept all the encrypted output. As you can see in the code above, we are creating a MemoryStream called encryptedStream and then telling our CryptoStream object this is where it should place the encrypted output.

Once the information has been encrypted to the MemoryStream object, we call the FlushFinalBlock method, which ensures that all the data has been placed into the MemoryStream before we read the information out of the MemoryStream and back into a byte array that can be returned to the calling function.

The process of decrypting the data is very similar to encryption because they use exactly the same key. The difference here, though, is that we accept a Byte array for processing and once decryption has been completed we must convert the resulting Byte array into a string and return to the calling function. Place the code below into your TripleDES class.

Public Function Decrypt(ByVal inputInBytes() As Byte) As String
' UTFEncoding is used to transform the decrypted Byte Array
' information back into a string.
Dim utf8encoder As UTF8Encoding = New UTF8Encoding()
Dim tdesProvider As TripleDESCryptoServiceProvider = New
TripleDESCryptoServiceProvider()

' As before we must provide the encryption/decryption key along with
' the init vector.
Dim cryptoTransform As ICryptoTransform =
tdesProvider.CreateDecryptor(Me.key, Me.iv)

' Provide a memory stream to decrypt information into
Dim decryptedStream As MemoryStream = New MemoryStream()
Dim cryptStream As CryptoStream = New CryptoStream(decryptedStream,
cryptoTransform, CryptoStreamMode.Write)
cryptStream.Write(inputInBytes, 0, inputInBytes.Length)
cryptStream.FlushFinalBlock()
decryptedStream.Position = 0

' Read the memory stream and convert it back into a string
Dim result(decryptedStream.Length - 1) As Byte
decryptedStream.Read(result, 0, decryptedStream.Length)
cryptStream.Close()
Dim myutf As UTF8Encoding = New UTF8Encoding()
Return myutf.GetString(result)
End Function


That wraps up the encryption class. Now let's build the database so we can begin saving information.
blog comments powered by Disqus
VB.NET ARTICLES

- MyClass - Implementing Polymorphism in VB.Net
- Building a News Ticker Using VB.Net
- Everything You Wanted to Know About Forms In...
- Building Assemblies with VB.Net
- Simple VB.NET Notify Icon with Panel Applica...
- Regular Expressions in .NET
- String Encryption With Visual Basic .NET
- Deploying Applications in VB.NET: Part 1/2
- Watching Folder Activity in VB.NET
- Creating A Windows Service in VB.NET
- Implementing The Google Web Service In VB.NET
- Migrating to Visual Basic.NET from Visual Ba...

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
 
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 
Support 

Developer Shed Affiliates

 




© 2003-2014 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials