How would I do some simple file encryption and decryption?

Question

I have a .NET application. I need to store a text value encrypted in a file, then retrieve the encrypted value somewhere else in the code, and decrypt it.

I don't need the strongest or most secure encryption method on earth, just something that will suffice to say - I have the value encrypted, and am able to decrypt it.

I've searched a lot on the net to try and use cryptography, but most of the examples I find, don't clearly define the concepts, and the worst part is they seem to be machine specific.

Essentially, can someone please send a link to an easy to use method of encryption that can encrypt string values to a file, and then retrieve these values.

Answer 1

StackOverflow's Extension library has two nice little extensions to encrypt and decrypt a string with RSA. I have used the topic here a few times myself but haven't tested it really, but it is a StackOverflow Extension library so I assume it is tested and stable.

Encrypt:

public static string Encrypt(this string stringToEncrypt, string key)
{
    if (string.IsNullOrEmpty(stringToEncrypt))
    {
        throw new ArgumentException("An empty string value cannot be encrypted.");
    }

    if (string.IsNullOrEmpty(key))
    {
        throw new ArgumentException("Cannot encrypt using an empty key. Please supply an encryption key.");
    }

    System.Security.Cryptography.CspParameters cspp = new System.Security.Cryptography.CspParameters();
    cspp.KeyContainerName = key;

    System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider(cspp);
    rsa.PersistKeyInCsp = true;

    byte[] bytes = rsa.Encrypt(System.Text.UTF8Encoding.UTF8.GetBytes(stringToEncrypt), true);

    return BitConverter.ToString(bytes);
}

Decrypt:

public static string Decrypt(this string stringToDecrypt, string key)
{
    string result = null;

    if (string.IsNullOrEmpty(stringToDecrypt))
    {
        throw new ArgumentException("An empty string value cannot be encrypted.");
    }

    if (string.IsNullOrEmpty(key))
    {
        throw new ArgumentException("Cannot decrypt using an empty key. Please supply a decryption key.");
    }

    try
    {
        System.Security.Cryptography.CspParameters cspp = new System.Security.Cryptography.CspParameters();
        cspp.KeyContainerName = key;

        System.Security.Cryptography.RSACryptoServiceProvider rsa = new System.Security.Cryptography.RSACryptoServiceProvider(cspp);
        rsa.PersistKeyInCsp = true;

        string[] decryptArray = stringToDecrypt.Split(new string[] { "-" }, StringSplitOptions.None);
        byte[] decryptByteArray = Array.ConvertAll<string, byte>(decryptArray, (s => Convert.ToByte(byte.Parse(s, System.Globalization.NumberStyles.HexNumber))));

        byte[] bytes = rsa.Decrypt(decryptByteArray, true);

        result = System.Text.UTF8Encoding.UTF8.GetString(bytes);
    }
    finally
    {
        // no need for further processing
    }

    return result;
}

Answer 2

In .NET you can use an instance of a SymmetricAlgorithm. Here on Stack Overflow there is a question that demonstrates how to encrypt and decrypt strings using a password. How you are going to handle the password is a different matter but I assume that you are not too concerned about that and simply want to "hide" some text from the prying eye.

Answer 3

Here is a blog post using the cryptography library that .NET comes with for a symmetric encryption/decryption.

A symmetric algorithm uses the same key to encrypt and decrypt, much as you use one key to lock and unlock your car door.

A public key algorithm would use one key to encrypt and another to decrypt, so, I can send you a file that is encrypted, and know that only you can decrypt it, as you have kept your key very secure and private.

http://blog.binaryocean.com/2006/01/08/NETSymmetricEncryption.aspx

Answer 4

If you're looking at doing symmetric encryption, then I'd consider the Enterprise Library Cryptography Application Block. David Hayden had a useful blog post about it, though its for Enterprise Library 2.0 (the current is 4.1), I think you will it is still useful.