How to make a password protected file in C#

Question

I know this question has been asked before but the answer simply wasn't what I needed. I need to create a password protected text file. I don't mean to encrypt but just create a file with a simple text password. It would also be nice to find out how to open this file in C# as well.

Create a plain-text password protected file and open this file at a later time. All in C#.

Answer 1

Whole point of the question was to not have to encrypt the data manually but let Windows deal with it so I decided to go with Hans Passant's suggestion and simply use a password protected zip file with the needed information (txt files) inside it. This can be easily done with DotNetZip.

Answer 2

Password protecting a text file that is not encrypted is not really possible. However, you can validate if your text file has been modified, so that you are aware it has been altered by someone.

The concept is simple. Use a password to encrypt or obfuscate a hash of the data (text file). You can the later check this hash against the current data and determine whether or not it matches. You will need to store this signature (encrypted hash) somewhere maybe in a file called (textfile.sig).

You can use the SHA1Managed .NET class to create the hash, and the TripleDESCryptoServiceProvider class to encrypt the resulting hash.

something like...

public string GetSignature(string text, string password)
{
    byte[] key;
    byte[] key2;
    GetKeys(password, out key, out key2);

    string sig = encryptstring(GetSHA1(text), key, key2);

}    

public void GetKeys(string password, out byte[] key, out byte[] key2)
{
    byte[] data = StringToByte(password);
    SHA1 sha = new SHA1CryptoServiceProvider();
    MD5 md5 = new MD5CryptoServiceProvider();

    byte[] hash1 = sha.ComputeHash(data);
    byte[] hash2 = md5.ComputeHash(data);

    // Generate some key data based on the supplied password;
    byte[] key = new byte[24];
    for (int i = 0; i < 20; i++)
    {
        key[i] = hash1[i];
    }
    for (int i = 0; i < 4; i++)
    {
        key[i + 20] = hash2[i];
    }
    byte[] key2 = new byte[8];

    for (int i = 0; i < 8; i++)
    {
        key2[i] = hash2[i+4];
    }
}

public string GetSHA1(string text)
{
    UnicodeEncoding UE = new UnicodeEncoding();
    byte[] hashValue;
    byte[] message = UE.GetBytes(text);

    SHA1Managed hashString = new SHA1Managed();
    string hex = "";

    hashValue = hashString.ComputeHash(message);
    foreach (byte x in hashValue)
    {
        hex += String.Format("{0:x2}", x);
    }
    return hex;
}

public string ByteToString(byte[] buff)
{
    string sbinary = "";
    for (int i = 0; i < buff.Length; i++)
    {
        sbinary += buff[i].ToString("X2"); // hex format
    }
    return (sbinary);
}

public string encryptstring(string instr, byte[] key, byte[] key2)
{
    TripleDES threedes = new TripleDESCryptoServiceProvider();
    threedes.Key = key;
    threedes.IV = key2;

    ICryptoTransform encryptor = threedes.CreateEncryptor(key, key2);
    MemoryStream msEncrypt = new MemoryStream();
    CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write);

    // Write all data to the crypto stream and flush it.
    csEncrypt.Write(StringToByte(instr), 0, StringToByte(instr).Length);
    csEncrypt.FlushFinalBlock();

    return ByteToString(msEncrypt.ToArray());
}

public string decryptstring(string instr, byte[] key, byte[] key2)
{
    if (string.IsNullOrEmpty(instr)) return "";

    TripleDES threedes = new TripleDESCryptoServiceProvider();
    threedes.Key = key;
    threedes.IV = key2;

    ICryptoTransform decryptor = threedes.CreateDecryptor(key, key2);

    // Now decrypt the previously encrypted message using the decryptor
    MemoryStream msDecrypt = new MemoryStream(HexStringToByte(instr));
    CryptoStream csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read);

    try
    {
        return ByteToString(csDecrypt);
    }
    catch (CryptographicException)
    {
        return "";
    }
}

Otherwise, you will if you want to hide the data from people, you need to encrypt the data in the text file. You can do this by calling encryptstring() with the full text data instead of the hash of the data.