CODEWITHSUNDEEP
c#phpencryption3des
Lorenzo
Lorenzo

Reputation: 29427

Encrypt using 3DES EDE / ECB / NOPadding

I have received a task to encrypt and decrypt an XML string by using a TOKEN and a KEY. The encryption shall use 3DES EDE / ECB / NOPadding and can be made either in PHP or C#

I am not so prepared on this so I have read around a bit of theory and came to a very easy implementation which is as follow:

public string Encrypt( string message, string key, string token ) {
    byte[] toEncryptArray = UTF8Encoding.UTF8.GetBytes( message );
    byte[] keyArray = CreateHash( key );
    byte[] vectorArray = CreateHash( token );
    TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();
    //set the secret key for the tripleDES algorithm
    tdes.Key = keyArray;
    //mode of operation. there are other 4 modes. We choose ECB(Electronic code Book)
    tdes.Mode = CipherMode.ECB;
    //padding mode(if any extra byte added)
    tdes.Padding = PaddingMode.None;

    ICryptoTransform cTransform = tdes.CreateEncryptor(keyArray, vectorArray);
    //transform the specified region of bytes array to resultArray
    byte[] resultArray = cTransform.TransformFinalBlock( toEncryptArray, 0, toEncryptArray.Length );
    //Release resources held by TripleDes Encryptor
    tdes.Clear();
    //Return the encrypted data into unreadable string format
    return Convert.ToBase64String( resultArray, 0, resultArray.Length );
}

private byte[] CreateHash( string toHash ) {
    //use get hashcode regards to your key
    MD5CryptoServiceProvider hashKey = new MD5CryptoServiceProvider();
    byte[] kArray = hashKey.ComputeHash( UTF8Encoding.UTF8.GetBytes( toHash ) );
    //Always release the resources and flush data
    //of the Cryptographic service provide. Best Practice
    hashKey.Clear();
    return kArray;
}

However I think this is not completely correct. In fact I am not sure that the TOKEN shall be used this way. Can somebody provide more informations and point me to the right direction on how to solve this problem?

Thanks

Upvotes: 0

Views: 1490

Answers (1)

smiech
smiech

Reputation: 750

You could use token as a vector on TripleDESCryptoServiceProvider, together with the key.

ICryptoTransform cTransform = tdes.CreateEncryptor(key, token);

Upvotes: 2

Related Questions