Reputation: 1183
C# string decryption
I want encryption in my wcf service. For that I am writing a class to encrypt and decrypt strings. The encryption seems to work fine and produces a encrypted string but while doing decryption it was giving error of double escape not allowed or error 401. I have add in webconfig the following
<security>
<requestFiltering allowDoubleEscaping="true" />
</security>
Now it is giving error of either the length of the string is not correct or for shorter strings Bad String. The code is
To Encrypt
static string hash = "mypass@mysitec0m";
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
and to decrypt
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider())
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}
Why is the error there and how can I fix it.
Upvotes: 0
Views: 290
Answers (3)
Reputation: 3954
This has nothing to do with WCF, more like a question about TripleDESCryptoServiceProvider.There is an error in your encryption and decryption code. If IV is not set, the encryption mode should use ECB. The default is CBC.CBC needs to set IV.
This is my modified code:
To Encrypt
public static string Encrypt(string decrypted)
{
byte[] data = UTF8Encoding.UTF8.GetBytes(decrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider() {
Key=keys,
Mode=CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateEncryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return Convert.ToBase64String(result);
}
}
}
To decrypt
public static string decrypt(string encrypted)
{
byte[] data = Convert.FromBase64String(encrypted);
using (MD5CryptoServiceProvider mds = new MD5CryptoServiceProvider())
{
byte[] keys = mds.ComputeHash(UTF8Encoding.UTF8.GetBytes(hash));
using (TripleDESCryptoServiceProvider tripDes = new TripleDESCryptoServiceProvider()
{
Key = keys,
Mode = CipherMode.ECB
})
{
ICryptoTransform transform = tripDes.CreateDecryptor();
byte[] result = transform.TransformFinalBlock(data, 0, data.Length);
return UTF8Encoding.UTF8.GetString(result);
}
}
}
Upvotes: 0
Reputation: 41958
You never initialized the cipher with your key, thus you are using one random key for the encryptor and a different random key with your decryptor.
Use the CreateEncryptor(Byte[], Byte[]) method instead, and similarly for the decryptor.
CreateEncryptor(Byte[], Byte[])...
creates a symmetric encryptor object with the specified Key property and initialization vector (IV).
Upvotes: 1
Reputation: 1
I would suggest you use POST in place of GET. Because encrypted string might be long and will have many special characters as you have mentioned in the question
Below is the sample.
[OperationContract(Name = "Decrypt")]
[WebInvoke(Method = "POST",
UriTemplate = "Decrypt")]
string Decrypt(string data);
Upvotes: 0
Related Questions
- Decrypting string with Microsoft Crypto API with C#
- Encrypting and decrypting strings
- Encode and Decode a string in c#
- Encrypt And Decrypt An Object In C#
- Encrypt text using AES in Javascript then Decrypt in C# WCF Service
- encrypt/decrypt webservice/WCF message request
- How to Encrypt string in WinRT app, decrypt in WCF service?
- Decrypting in c#