CODEWITHSUNDEEP
c#databasetext
Sandaru
Sandaru

Reputation: 1259

Store data permanently without a database

I'm implementing a C# application that needs to save 10 IP addresses in it. So i think it is resource wasting if I integrate a database in to the application. I cannot use XML or text file because those addresses needs to be secure. I sow a suggestion to implement my own file format and use it.
1. Is there any suggestion instead implement separate file format
2.if there isn't any how to implement new file format and what is the best

Upvotes: 1

Views: 2467

Answers (4)

Franck
Franck

Reputation: 4440

Encrypt the strings using a strong encryption. here 2 methods i like to use. It strongly encrypt and also add salt to it.

public static string EncryptString(string sData, string sKey)
    {
        // instance of the Rihndael.
        RijndaelManaged RijndaelManagedCipher = new RijndaelManaged();

        // string to byte array.
        byte[] UnicodeText = System.Text.Encoding.Unicode.GetBytes(sData);

        // adign dirt to the string to make it harder to guess using a dictionary attack.
        byte[] Dirty = Encoding.ASCII.GetBytes(sKey.Length.ToString());

        // The Key will be generated from the specified Key and dirt.
        PasswordDeriveBytes FinalKey = new PasswordDeriveBytes(sKey, Dirty);

        // Create a encryptor from the existing FinalKey bytes.           
        ICryptoTransform Encryptor = RijndaelManagedCipher.CreateEncryptor(FinalKey.GetBytes(32), FinalKey.GetBytes(16));

        // Create a MemoryStream that is going to hold the encrypted bytes
        MemoryStream memoryStream = new MemoryStream();

        // Create a CryptoStream
        CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write);

        // write the encryption
        cryptoStream.Write(UnicodeText, 0, UnicodeText.Length);

        // write final blocks to the memory stream
        cryptoStream.FlushFinalBlock();

        // Convert to byte array the encrypted data
        byte[] CipherBytes = memoryStream.ToArray();

        // Close streams.
        memoryStream.Close();
        cryptoStream.Close();

        // Convert to byte array to string
        string EncryptedData = Convert.ToBase64String(CipherBytes);

        // Return the encrypted string
        return EncryptedData;

    }

    public static string DecryptString(string sData, string sKey)
    {
        // instance of rijndael
        RijndaelManaged RijndaelCipher = new RijndaelManaged();

        // convert to byte aray the encrypted data
        byte[] EncryptedData = Convert.FromBase64String(sData);

        // add dirt to the key like when encrypthing
        byte[] Dirty = Encoding.ASCII.GetBytes(sKey.Length.ToString());

        // get the finalkey o be used
        PasswordDeriveBytes FinalKey = new PasswordDeriveBytes(sKey, Dirty);

        // Create a decryptor with the key
        ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(FinalKey.GetBytes(32), FinalKey.GetBytes(16));

        // load to memory stream the encrypted data
        MemoryStream memoryStream = new MemoryStream(EncryptedData);

        // Create a CryptoStream on the memory stream holding the data
        CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read);

        // Length is unknown but need placeholder big enought for decrypted data
        // we know the decrypted version cannot ever be longer than the crypted version
        // since we added bunch of garbage to it so the length of encrypted data is safe to use
        byte[] UnicodeText = new byte[EncryptedData.Length];

        // Start decrypting
        int DecryptedCount = cryptoStream.Read(UnicodeText, 0, UnicodeText.Length);

        //close streams
        memoryStream.Close();
        cryptoStream.Close();

        // load decrypted data to string
        string DecryptedData = Encoding.Unicode.GetString(UnicodeText, 0, DecryptedCount);

        // Return decrypted string
        return DecryptedData;
    }

Adding to this

now simply make a class like 

public class Settings
{
    public const string EncryptionKey = "somekey";
    public List<string> IP = new List<string>();       

    public string getClassEncrypted()
    {
        return EncryptString(new JavaScriptSerializer().Serialize(this), EncryptionKey);
    }

    public Settings getClassDecrypted(string sClassEcrypted)
    {
        return new JavaScriptSerializer().Deserialize<Settings>(DecryptString(sClassEcrypted, EncryptionKey));
    }
}

one the Ips are set in just write to a file the Settings.getClassEncrypted(); and then when it's time to get back the values only read the text file and load back up with something like this :

string sFileText = ...; // from the file saved
var setting = new Settings.getClassDecrypted(sFileText);

now you've got all classes you need to do it. And the class is even serialized

Upvotes: 1

Sumeshk
Sumeshk

Reputation: 1988

You can either save details an sqlite database or in a file,

if you want to keep things as private then encrypt the file

Upvotes: 2

Ehsan Sajjad
Ehsan Sajjad

Reputation: 62488

Apply Salt on it and save them in Text File or Xml, when its encrypted there is no danger of being data not safe.

See this sample:

using System.Security.Cryptography;

public static string EncodePasswordToBase64(string password)
{  byte[] bytes   = Encoding.Unicode.GetBytes(password);
   byte[] inArray = HashAlgorithm.Create("SHA1").ComputeHash(bytes);
   return Convert.ToBase64String(inArray);
}

Hashing is applied using SHA1 to envcrypt the string in this method.

Upvotes: 1

bit
bit

Reputation: 4487

Store it in a file and encrypt the file so that it is not readable by other programs.

Upvotes: 2

Related Questions