Tags: , | Categories: Code Snippets Posted by Vitaly Zayko on 1/15/2011 4:55 PM | Comments (0)

Although Windows Phone 7 apps keep their data in isolated storage, which is not easy to find from outside the application, I still prefer to keep all sensitive data (such as user names, passwords, etc.) encrypted so it won’t be compromised if the phone is lost or stolen.

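This function encrypts a string using the given password and salt. The protection is only as strong as the secrecy of that password: if the password is stored on the phone next to the data, losing the phone exposes both.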

 /// <summary>
 /// Encrypts text with AES, using a key derived from a password and a salt
 /// through <see cref="Rfc2898DeriveBytes"/>.
 /// </summary>
 /// <param name="Str">Plain text to encrypt; it is encoded as UTF-8 first</param>
 /// <param name="Password">Password the AES key is derived from</param>
 /// <param name="Salt">Salt string; its UTF-8 bytes are passed to the key derivation</param>
 /// <returns>Base64 text of the cipher text; an empty string if any step throws</returns>
 /// <remarks>
 /// NOTE(review): the IV is set to the key bytes, so it is fixed for a given
 /// password/salt pair. The same plain text therefore always yields the same
 /// cipher text, and messages that start with the same blocks produce the same
 /// leading cipher-text blocks. A random IV per message, stored with the cipher
 /// text, avoids this, but it changes the output format and the matching
 /// decryption routine has to change with it.
 /// NOTE(review): the output carries no integrity check (MAC), and the key
 /// derivation runs with the constructor's default iteration count.
 /// NOTE(review): every failure is reported as an empty string, so callers
 /// should treat "" as "not encrypted" and never store it as a valid result.
 /// </remarks>
 public static string EncryptString(string Str, string Password, string Salt)
 {
     const int KeyLengthInBytes = 16; // 128-bit AES key

     try
     {
         using (Aes cipher = new AesManaged())
         using (MemoryStream output = new MemoryStream())
         {
             byte[] saltBytes = Encoding.UTF8.GetBytes(Salt);
             Rfc2898DeriveBytes keySource = new Rfc2898DeriveBytes(Password, saltBytes);
             byte[] keyBytes = keySource.GetBytes(KeyLengthInBytes);

             cipher.Key = keyBytes;
             // The IV deliberately repeats the key bytes to stay compatible
             // with data already encrypted this way (see remarks).
             cipher.IV = keyBytes;

             ICryptoTransform encryptor = cipher.CreateEncryptor();
             using (CryptoStream sink = new CryptoStream(output, encryptor, CryptoStreamMode.Write))
             {
                 byte[] plainBytes = Encoding.UTF8.GetBytes(Str);
                 sink.Write(plainBytes, 0, plainBytes.Length);
                 // Emit the padded last block before the buffer is read.
                 sink.FlushFinalBlock();
             }

             // ToArray still works after the CryptoStream has closed the buffer.
             return Convert.ToBase64String(output.ToArray());
         }
     }
     catch
     {
         // Any failure (null argument, key derivation, encryption) maps to "".
         return "";
     }
 }
 

And this one decrypts your data back:

 /// <summary>
 /// Decrypts a Base64 AES cipher text, using a key derived from a password
 /// and a salt through <see cref="Rfc2898DeriveBytes"/>.
 /// </summary>
 /// <param name="Str">Base64 text of the cipher text</param>
 /// <param name="Password">Password that was used for encryption</param>
 /// <param name="Salt">Salt string that was used for encryption</param>
 /// <returns>Decrypted UTF-8 text; an empty string if any step throws</returns>
 /// <remarks>
 /// NOTE(review): the IV is set to the key bytes, so it is fixed for a given
 /// password/salt pair; this only decrypts data that was encrypted the same way.
 /// NOTE(review): nothing authenticates the cipher text (no MAC). A modified
 /// cipher text or a wrong password is not reliably detected and can come back
 /// as garbage text instead of a failure.
 /// NOTE(review): an empty-string result is ambiguous, because it is returned
 /// both for an error and for a cipher text whose plain text is empty.
 /// </remarks>
 public static string DecryptString(string Str, string Password, string Salt)
 {
     const int KeyLengthInBytes = 16; // 128-bit AES key

     try
     {
         using (Aes cipher = new AesManaged())
         {
             byte[] saltBytes = Encoding.UTF8.GetBytes(Salt);
             Rfc2898DeriveBytes keySource = new Rfc2898DeriveBytes(Password, saltBytes);
             byte[] keyBytes = keySource.GetBytes(KeyLengthInBytes);

             cipher.Key = keyBytes;
             // The IV repeats the key bytes, matching how the data was encrypted.
             cipher.IV = keyBytes;

             using (MemoryStream output = new MemoryStream())
             {
                 ICryptoTransform decryptor = cipher.CreateDecryptor();
                 using (CryptoStream sink = new CryptoStream(output, decryptor, CryptoStreamMode.Write))
                 {
                     byte[] cipherBytes = Convert.FromBase64String(Str);
                     sink.Write(cipherBytes, 0, cipherBytes.Length);
                     // The last block is processed when the stream is disposed
                     // at the end of this using block.
                     sink.Flush();
                 }

                 byte[] plainBytes = output.ToArray();
                 return Encoding.UTF8.GetString(plainBytes, 0, plainBytes.Length);
             }
         }
     }
     catch
     {
         // Any failure (bad Base64, key derivation, padding error) maps to "".
         return "";
     }
 }
 
