Although Windows Phone 7 Apps keep their data in an isolated storage which is not easy find outside of Application, I still prefer to keep all sensitive data (such as user names/passwords etc.) encrypted so they won’t be compromised in case if the phone will be lost or stolen.
This function encrypt a string using given password and salt:
/// <summary>
/// Encrypt a string using AES
/// </summary>
/// <param name="Str">String to encrypt</param>
/// <param name="Password">Encryption password</param>
/// <param name="Salt">A salt string</param>
/// <returns>Encrypted string in case of success; otherwise - empty string</returns>
public static string EncryptString(string Str, string Password, string Salt)
{
try
{
using (Aes aes = new AesManaged ())
{
Rfc2898DeriveBytes deriveBytes = new Rfc2898DeriveBytes (Password, Encoding .UTF8.GetBytes(Salt));
aes.Key = deriveBytes.GetBytes(128 / 8);
aes.IV = aes.Key;
using (MemoryStream encryptionStream = new MemoryStream ())
{
using (CryptoStream encrypt = new CryptoStream (encryptionStream, aes.CreateEncryptor(), CryptoStreamMode .Write))
{
byte [] utfD1 = UTF8Encoding .UTF8.GetBytes(Str);
encrypt.Write(utfD1, 0, utfD1.Length);
encrypt.FlushFinalBlock();
}
return Convert .ToBase64String(encryptionStream.ToArray());
}
}
}
catch
{
return "" ;
}
}
And this one – decrypt your data back:
/// <summary>
/// Decrypt encrypted string
/// </summary>
/// <param name="Str">Encrypted string</param>
/// <param name="Password">Password used for encryption</param>
/// <param name="Salt">Salt string used for encryption</param>
/// <returns>Decrypted string if success; otherwise - empty string</returns>
public static string DecryptString(string Str, string Password, string Salt)
{
try
{
using (Aes aes = new AesManaged ())
{
Rfc2898DeriveBytes deriveBytes = new Rfc2898DeriveBytes (Password, Encoding .UTF8.GetBytes(Salt));
aes.Key = deriveBytes.GetBytes(128 / 8);
aes.IV = aes.Key;
using (MemoryStream decryptionStream = new MemoryStream ())
{
using (CryptoStream decrypt = new CryptoStream (decryptionStream, aes.CreateDecryptor(), CryptoStreamMode .Write))
{
byte [] encryptedData = Convert .FromBase64String(Str);
decrypt.Write(encryptedData, 0, encryptedData.Length);
decrypt.Flush();
}
byte [] decryptedData = decryptionStream.ToArray();
return UTF8Encoding .UTF8.GetString(decryptedData, 0, decryptedData.Length);
}
}
}
catch
{
return "" ;
}
}
Technorati Tags:
silverlight,
wph7
0f687cc3-0312-435d-b5d7-f0acdf8e17d8|8|5.0|96d5b379-7e1d-4dac-a6ba-1e50db561b04