T
tshad
I have been trying to create encoding/decoding functions for secure Credit
Card information.
I was looking at 3DES/MD5 and RC2/MD5.
I found a simple function that seemed to work pretty well, but I am confused
as to what is happening.
In the routine I found it was using the TripleDESCryptoServiceProvider (and
not the RC2CryptoServiceProvider) class. But in the CryptDeriveKey, it was
passed RC2 and MD5 and 128 bit size (3DES uses 168). It does seem to work,
however.
Why is that?
************************************
Public Shared Function TripleDESEncode(ByVal value As String, ByVal key
As String) As String
Dim des As New Security.Cryptography.TripleDESCryptoServiceProvider
des.IV = New Byte(7) {}
Dim pdb As New Security.Cryptography.PasswordDeriveBytes(key, New
Byte(-1) {})
des.Key = pdb.CryptDeriveKey("RC2", "MD5", 128, New Byte(7) {})
Dim ms As New IO.MemoryStream((value.Length * 2) - 1)
Dim encStream As New Security.Cryptography.CryptoStream(ms,
des.CreateEncryptor(), Security.Cryptography.CryptoStreamMode.Write)
Dim plainBytes As Byte() = Text.Encoding.UTF8.GetBytes(value)
encStream.Write(plainBytes, 0, plainBytes.Length)
encStream.FlushFinalBlock()
Dim encryptedBytes(CInt(ms.Length - 1)) As Byte
ms.Position = 0
ms.Read(encryptedBytes, 0, CInt(ms.Length))
encStream.Close()
Return Convert.ToBase64String(encryptedBytes)
End Function
***********************************
Should I use the:
RC2CryptoServiceProvider
and
CryptDeriveKey("RC2", "MD5", 128, New Byte(7) {})
and/or
TripleDESCryptoServiceProvider
and
CryptDeriveKey("TripleDES", "MD5", 168, New Byte(7) {})
I was thinking of setting up a Class that had both.
Also, I also saw the size as 0:
CryptDeriveKey("TripleDES", "MD5", 0, New Byte(7) {})
Does that mean it is using the largest possible size?
Thanks,
Tom
Card information.
I was looking at 3DES/MD5 and RC2/MD5.
I found a simple function that seemed to work pretty well, but I am confused
as to what is happening.
In the routine I found it was using the TripleDESCryptoServiceProvider (and
not the RC2CryptoServiceProvider) class. But in the CryptDeriveKey, it was
passed RC2 and MD5 and 128 bit size (3DES uses 168). It does seem to work,
however.
Why is that?
************************************
Public Shared Function TripleDESEncode(ByVal value As String, ByVal key
As String) As String
Dim des As New Security.Cryptography.TripleDESCryptoServiceProvider
des.IV = New Byte(7) {}
Dim pdb As New Security.Cryptography.PasswordDeriveBytes(key, New
Byte(-1) {})
des.Key = pdb.CryptDeriveKey("RC2", "MD5", 128, New Byte(7) {})
Dim ms As New IO.MemoryStream((value.Length * 2) - 1)
Dim encStream As New Security.Cryptography.CryptoStream(ms,
des.CreateEncryptor(), Security.Cryptography.CryptoStreamMode.Write)
Dim plainBytes As Byte() = Text.Encoding.UTF8.GetBytes(value)
encStream.Write(plainBytes, 0, plainBytes.Length)
encStream.FlushFinalBlock()
Dim encryptedBytes(CInt(ms.Length - 1)) As Byte
ms.Position = 0
ms.Read(encryptedBytes, 0, CInt(ms.Length))
encStream.Close()
Return Convert.ToBase64String(encryptedBytes)
End Function
***********************************
Should I use the:
RC2CryptoServiceProvider
and
CryptDeriveKey("RC2", "MD5", 128, New Byte(7) {})
and/or
TripleDESCryptoServiceProvider
and
CryptDeriveKey("TripleDES", "MD5", 168, New Byte(7) {})
I was thinking of setting up a Class that had both.
Also, I also saw the size as 0:
CryptDeriveKey("TripleDES", "MD5", 0, New Byte(7) {})
Does that mean it is using the largest possible size?
Thanks,
Tom