The encryption algorithms are not that difficult. There are plenty of triple
DES examples in C# that you can download. To switch to Rijndael (AES), you
simply switch libraries from the TripleDES libs to Rijndael.
Here is a simple algorithm that incorporates salt:
public class RijndaelEncryption
{
public static string EncryptData(string data, string key, string salt)
{
byte[] saltByte = Encoding.ASCII.GetBytes(salt);
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(key, saltByte,
"MD5", 2);
byte[] desIV = secretKey.GetBytes(16);
byte[] keyBytes = secretKey.GetBytes(32);
return EncryptData(keyBytes, desIV, data);
}
public static string DecryptData(string data, string key, string salt)
{
byte[] saltByte = Encoding.ASCII.GetBytes(salt);
PasswordDeriveBytes secretKey = new PasswordDeriveBytes(key, saltByte,
"MD5", 2);
byte[] desIV = secretKey.GetBytes(16);
byte[] keyBytes = secretKey.GetBytes(32);
return DecryptData(data, keyBytes, desIV);
}
public static string EncryptData(byte[] desKey, byte[] desIV, string data)
{
MemoryStream output = new MemoryStream();
byte[] byteData = Encoding.UTF8.GetBytes(data);
//Use the TripleDES symmetric encryption algorithm to encrypt our data.
Without an IV, the
//same input block of plaintext will encrypt to same output block of
ciphertext. IV guarantees
//output of two identical plaintext blocks are different.
RijndaelManaged des = new RijndaelManaged();
ICryptoTransform transform = des.CreateEncryptor(desKey, desIV);
CryptoStream crypt = new CryptoStream(output, transform,
CryptoStreamMode.Write);
crypt.Write(byteData, 0, byteData.Length);
crypt.Close(); output.Close();
return Convert.ToBase64String(output.ToArray());
}
public static string DecryptData(string data, byte[] desKey, byte[] desIV)
{
MemoryStream output = new MemoryStream();
byte[] byteData = Convert.FromBase64String(data);
//Use the TripleDES symmetric encryption algorithm to decrypt our data. In
order for the ciphertext to be
//successfully decrypted, the exact same key and iv must be used when
initially encryted.
RijndaelManaged des = new RijndaelManaged();
CryptoStream crypt = new CryptoStream(output, des.CreateDecryptor(desKey,
desIV), CryptoStreamMode.Write);
crypt.Write(byteData, 0, byteData.Length);
crypt.Close();
output.Close();
return Encoding.UTF8.GetString(output.ToArray());
}
//This works
public static string GenerateSalt()
{
byte[] buffer1 = new byte[0x10];
new RNGCryptoServiceProvider().GetBytes(buffer1);
return Convert.ToBase64String(buffer1);
}
public static string GetKey(HttpContext context)
{
//Request.ApplicationPath
HttpRequest request = context.Request;
Configuration config =
WebConfigurationManager.OpenWebConfiguration(request.ApplicationPath);
MachineKeySection section =
(MachineKeySection)config.GetSection("system.web/machineKey");
string key = section.DecryptionKey;
return key;
}
