[VS 2008] Strong encryption and hashing class - Updated! 31/August/2009

[tassa]

Updated - August/31/2009

FYI:
Someone asked me if one should use the whole algorithm to encrypt or hash; the answer is NO, if you want to encrypt a string (with AES or Rijndael) then just copy the region and paste it in your code, same thing goes for hashing. The code is divided into regions to serve that purpose.

Updates:

• Added an enumeration to hold the cryptographic actions that can be performed (encryption or decryption).
• Added a function to generate an IV from the given key (after playing around with it ).
• Added an exception handler... Just in case the password isn't the right one.

Hello,

I have been working on this for a while now, I have based my work on Jenner's submission. Since I had noticed that it was for VS 2005, I decided to create my own, for VS 2008...

I have included AES for encryption and used SHA256 for hashing the strings, also some overloads so it'll handle more object types (to permit more "flexibility").

Even though AES and Rijndael ARE THE SAME ALGORITHMS, they have some particularities:

• AES:
• Has a fixed block size of 128bits.
• Allows key sizes of 128, 192 and 256 bits.
  Rijndael:
• Allows block sizes of 128bits, 192bits and 256bits.
• Permits the use of 64, 96, 128, 192, 256 bits key sizes.

(The block size is specific to each algorithm since it indicates which the size of the IV to be used or that is supported by one of these two algorithms.)

Some usage examples:

vb.net Code:

Imports EncryptDecrypt.SymmetricEncryptionAlgorithms.AESManagedEncryption
Imports EncryptDecrypt.SymmetricEncryptionAlgorithms.RijndaelManagedEncryption
Imports EncryptDecrypt.SHAManagedHash.SHA256ManagedHash
Imports System.Text
 
Module Module1
 
    Sub Main()
        Dim StringToBeEncrypted As String = "Hello world!"
        'AES:
        Dim AESEncryptedString As String = AESEncryptDecrypt(StringToBeEncrypted, "vbforums", _
                                                        AESCryptographicAction.Encrypt)
        Console.WriteLine(AESEncryptedString)
        Console.WriteLine(AESEncryptDecrypt(AESEncryptedString, "vbforums", _
                                            AESCryptographicAction.Decrypt))
        'Rijndael:
        Dim StringBytes As Byte() = Encoding.UTF8.GetBytes(StringToBeEncrypted)
        Dim KeyBytes As Byte() = Encoding.UTF8.GetBytes("tassa")
        Dim RijndaelEncryptedString As String = RijndaelEncryptDecrypt(StringBytes, KeyBytes, _
                                                                       RijndaelCryptographicAction.Encrypt)
        Console.WriteLine(RijndaelEncryptedString)
        Console.WriteLine(RijndaelEncryptDecrypt(RijndaelEncryptedString, KeyBytes, _
                                                 RijndaelCryptographicAction.Decrypt))
        'Hash
        Dim salt As Byte() = Nothing
        Dim hashedString As String = SHA256StringHash("vbforums.com", salt)
        Console.WriteLine(hashedString)
        Console.WriteLine(Convert.ToBase64String(salt))
        'Verify the hash
        Dim checkHash As Boolean = VerifyHash("vbforums.com", hashedString, salt)
        If checkHash = True Then
            Console.WriteLine("It's a match!")
        Else
            Console.WriteLine("It's not a match!")
        End If
        Console.ReadKey()
    End Sub
 
 
End Module

Due to character limitations, the code is in post #2 and #3.

Comments, critics are appreciated!
Hope you like it :P .

[tassa]

vb.net Code:

Imports System.ComponentModel
Imports System.Security.Cryptography
Imports System.Text
Imports System.IO

vb.net Code:

#Region " Rijndael Encryption Algorithm "
    Public Class RijndaelManagedEncryption
#Region " Global Variables "
        Private Shared encoding As New UTF8Encoding
        Private Shared RijndaelAlg As New RijndaelManaged
        Private Shared HashAlg As HashAlgorithm = New SHA256Managed
        Enum RijndaelCryptographicAction
            Encrypt = 0
            Decrypt = 1
        End Enum
#End Region
 
#Region " Encryption/Decryption Events "
        Public Overloads Shared Function EncryptDecrypt(ByVal text As String, ByVal key As String, _
                                                        ByVal action As RijndaelCryptographicAction) As String
            Dim textBytes As Byte() = encoding.GetBytes(text)
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(textBytes, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal text As String, ByVal key As Byte(), _
                                                        ByVal action As RijndaelCryptographicAction) As String
            Dim textBytes As Byte() = encoding.GetBytes(text)
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(textBytes, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal data As Byte(), ByVal key As String, _
                                                        ByVal action As RijndaelCryptographicAction) As String
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(data, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal data As Byte(), ByVal key As Byte(), _
                                                        ByVal action As RijndaelCryptographicAction) As String
            RijndaelAlg.BlockSize = 256
 
            If Not key.Length = 32 Then
                key = CheckKey(key)
            End If
 
            Dim IV As Byte() = GenerateIV(key)
            Try
                Select Case action
                    Case CryptographicAction.Encrypt
                        Using memStream As New MemoryStream
                            Using cStream As New CryptoStream(memStream, _
                                                       RijndaelAlg.CreateEncryptor(key, IV), _
                                                       CryptoStreamMode.Write)
                                cStream.Write(data, 0, data.Length)
                            End Using
                            Return Convert.ToBase64String(memStream.ToArray)
                        End Using
 
                    Case CryptographicAction.Decrypt
                        Dim textBytes As Byte() = Convert.FromBase64String(encoding.GetString(data))
                        Using memStream As New MemoryStream(textBytes)
                            Dim decryptedData(textBytes.Length) As Byte
                            Using cStream As New CryptoStream(memStream, _
                                                       RijndaelAlg.CreateDecryptor(key, IV), _
                                                       CryptoStreamMode.Read)
                                cStream.Read(decryptedData, 0, decryptedData.Length)
                            End Using
                            Return encoding.GetString(decryptedData)
                        End Using
 
                    Case Else
                        Return Nothing
                End Select
 
            Catch ex As CryptographicException
                Return "Error - Invalid Password"
            End Try
        End Function
#End Region
 
        'Generate a byte array containing the generated hash from the given key.
#Region " Key Check "
        Private Overloads Shared Function CheckKey(ByVal key As String) As Byte()
            Dim byteKey As Byte() = encoding.GetBytes(key)
 
            Return CheckKey(byteKey)
        End Function
 
        Private Overloads Shared Function CheckKey(ByVal key As Byte()) As Byte()
            Return HashAlg.ComputeHash(key)
        End Function
#End Region
 
        'Generate a byte array containing the generated IV from the given key.
#Region " Generate IV "
        Private Overloads Shared Function GenerateIV(ByVal key As String) As Byte()
            Dim keyBytes As Byte() = encoding.GetBytes(key)
 
            Return GenerateIV(keyBytes)
        End Function
 
        Private Overloads Shared Function GenerateIV(ByVal key As Byte()) As Byte()
            Dim keyReverse As String = encoding.GetString(key).ToCharArray.Reverse.ToString
            Dim NewKey As Byte() = encoding.GetBytes(keyReverse)
 
            Return HashAlg.ComputeHash(NewKey)
        End Function
#End Region
    End Class
#End Region

vb.net Code:

#Region " AES Encryption Algorithm "
    Public Class AESManagedEncryption
 
#Region " Global Variables "
        Private Shared encoding As New UTF8Encoding
        Private Shared AESAlg As New AesManaged
        Private Shared HashAlg As HashAlgorithm = New SHA256Managed
         Enum AESCryptographicAction
            Encrypt = 0
            Decrypt = 1
        End Enum
#End Region
 
#Region " Encryption/Decryption Events "
        Public Overloads Shared Function EncryptDecrypt(ByVal text As String, ByVal key As String, _
                                                        ByVal action As AESCryptographicAction) As String
            Dim textBytes As Byte() = encoding.GetBytes(text)
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(textBytes, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal text As String, ByVal key As Byte(), _
                                                        ByVal action As AESCryptographicAction) As String
            Dim textBytes As Byte() = encoding.GetBytes(text)
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(textBytes, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal data As Byte(), ByVal key As String, _
                                                        ByVal action As AESCryptographicAction) As String
            Dim keyBytes As Byte() = CheckKey(key)
 
            Return EncryptDecrypt(data, keyBytes, action)
        End Function
 
        Public Overloads Shared Function EncryptDecrypt(ByVal data As Byte(), ByVal key As Byte(), _
                                                        ByVal action As AESCryptographicAction) As String
            If Not key.Length = 32 Then
                key = CheckKey(key)
            End If
 
            Dim IV As Byte() = GenerateIV(key)
            Try
                Select Case action
                    Case CryptographicAction.Encrypt
                        Using memStream As New MemoryStream
                            Using cStream As New CryptoStream(memStream, _
                                                       AESAlg.CreateEncryptor(key, IV), _
                                                       CryptoStreamMode.Write)
                                cStream.Write(data, 0, data.Length)
                            End Using
                            Return Convert.ToBase64String(memStream.ToArray)
                        End Using
 
                    Case CryptographicAction.Decrypt
                        Dim textBytes As Byte() = Convert.FromBase64String(encoding.GetString(data))
                        Using memStream As New MemoryStream(textBytes)
                            Dim decryptedData(textBytes.Length) As Byte
                            Using cStream As New CryptoStream(memStream, _
                                                       AESAlg.CreateDecryptor(key, IV), _
                                                       CryptoStreamMode.Read)
                                cStream.Read(decryptedData, 0, decryptedData.Length)
                            End Using
                            Return encoding.GetString(decryptedData)
                        End Using
 
                    Case Else
                        Return Nothing
                End Select
 
            Catch ex As CryptographicException
                Return "Error - Invalid Password"
            End Try
        End Function
#End Region
 
        'Generate a byte array containing the generated hash from the given key.
#Region " Key Check "
        Private Overloads Shared Function CheckKey(ByVal key As String) As Byte()
            Dim byteKey As Byte() = encoding.GetBytes(key)
 
            Return CheckKey(byteKey)
        End Function
 
        Private Overloads Shared Function CheckKey(ByVal key As Byte()) As Byte()
            Return HashAlg.ComputeHash(key)
        End Function
#End Region
 
        'Generate a byte array containing the generated IV from the given key.
#Region " Generate IV "
        Private Overloads Shared Function GenerateIV(ByVal key As String) As Byte()
            Dim keyBytes As Byte() = encoding.GetBytes(key)
 
            Return GenerateIV(keyBytes)
        End Function
 
        Private Overloads Shared Function GenerateIV(ByVal key As Byte()) As Byte()
            Dim keyReverse As String = encoding.GetString(key).ToCharArray.Reverse.ToString
            Dim NewKey As Byte() = HashAlg.ComputeHash(encoding.GetBytes(keyReverse))
            Dim FinalKey(15) As Byte
 
            Array.Copy(NewKey, FinalKey, 15)
 
            Return FinalKey
        End Function
#End Region
    End Class
#End Region
End Namespace

[tassa]

vb.net Code:

#Region " SHA256 Hash "
    Public Class SHA256ManagedHash
 
#Region " Global Variables "
        'The encoding to get the byte array from the given data.
        Private Shared _encoding As New UTF8Encoding
        'The hash algorithm.
        Private Shared hashAlg As New SHA256Managed
#End Region
        'Please note that I'm using Overloads.
        'I have chosen to do it this way since it's clearer
        'and it's more "flexible".
#Region " SHA256 Hash Events "
        'I'm using ByRef salt as Byte(), so that the orignal variable will hold the
        'generated salt, so that it can be saved, edited, etc.
        Public Overloads Shared Function SHA256StringHash(ByVal text As String, ByRef salt As Byte()) As String
            Dim textBytes As Byte() = _encoding.GetBytes(text)
            Dim myrandom As New Random
            Dim rng As New RNGCryptoServiceProvider
 
            salt = New Byte(myrandom.Next(4, 8)) {}
            rng.GetNonZeroBytes(salt)
            Dim SaltedText_Byte As Byte() = New Byte((textBytes.Length + salt.Length) - 1) {}
            SaltedText_Byte = textBytes.Concat(salt).ToArray
            'It "returns" to the third overload (actually sends, but whatever :P) 
            'the generated byte array,
            'which holds the text and the salt's byte array.
            Return SHA256StringHash(SaltedText_Byte)
        End Function
 
        Public Overloads Shared Function SHA256StringHash(ByVal text As String) As String
            'Get the text's byte array and sends it to the third overload.
            Dim textBytes As Byte() = _encoding.GetBytes(text)
            Return SHA256StringHash(textBytes)
        End Function
 
        Public Overloads Shared Function SHA256StringHash(ByVal data As Byte()) As String
            'Compute the hash from the received byte array and returns it
            'to the calling method.
            Dim hashedData As Byte() = hashAlg.ComputeHash(data)
            Return Convert.ToBase64String(hashedData)
        End Function
#End Region
 
#Region " Verify Hash "
 
        Public Overloads Shared Function VerifyHash(ByVal text As String, ByVal hash As String, ByVal salt As Byte()) As Boolean
            Dim textBytes As Byte() = _encoding.GetBytes(text)
            Dim hashByte As Byte() = Convert.FromBase64String(hash)
 
            Return VerifyHash(textBytes, hashByte, salt)
        End Function
 
        Public Overloads Shared Function VerifyHash(ByVal data As Byte(), ByVal hash As String, ByVal salt As Byte()) As Boolean
            Dim hashBytes As Byte() = _encoding.GetBytes(hash)
 
            Return VerifyHash(data, hashBytes, salt)
        End Function
 
        Public Overloads Shared Function VerifyHash(ByVal text As String, ByVal hash As String, ByVal salt As String) As Boolean
            Dim textBytes As Byte() = _encoding.GetBytes(text)
            Dim hashBytes As Byte() = _encoding.GetBytes(hash)
            Dim saltBytes As Byte() = _encoding.GetBytes(salt)
 
            Return VerifyHash(textBytes, hashBytes, saltBytes)
        End Function
 
        Public Overloads Shared Function VerifyHash(ByVal data As Byte(), ByVal hash As Byte(), ByVal salt As Byte()) As Boolean
            Dim hashCheck((data.Length + salt.Length) - 1) As Byte
            hashCheck = data.Concat(salt).ToArray
            Dim verify As Byte() = hashAlg.ComputeHash(hashCheck)
            Dim IsMatch As Boolean = False
            For i As Integer = 0 To verify.Length - 1
                If verify(i) = hash(i) Then
                    IsMatch = True
                Else
                    IsMatch = False
                End If
            Next
            Return IsMatch
        End Function
#End Region
    End Class
#End Region
 
End Namespace

[VBNetDude]

Which one is better, this one, or DES Encryption? By better I mean more secure from hackers (I suppose that either one COULD be hacked if somebody really wanted to).

Thanks for the post by the way!

[tassa]

Hey man, I had searched for a response to your question. I found these articles about DES and AES.

DES is now considered to be insecure for many applications. This is chiefly due to the 56-bit key size being too small; in January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes (see chronology). There are also some analytical results which demonstrate theoretical weaknesses in the cipher, although they are unfeasible to mount in practice. The algorithm is believed to be practically secure in the form of Triple DES, although there are theoretical attacks. In recent years, the cipher has been superseded by the Advanced Encryption Standard (AES).

The design and strength of all key lengths of the AES algorithm (i.e., 128, 192 and 256) are sufficient to protect classified information up to the SECRET level. TOP SECRET information will require use of either the 192 or 256 key lengths. The implementation of AES in products intended to protect national security systems and/or information must be reviewed and certified by NSA prior to their acquisition and use.

Aside from that, I personally use AES because of the length of the cypher key and because the 256-bit key AES hasn't been successfully attacked yet (there is also the fact that AES substituted DES as the current, most secure standard).

[VBNetDude]

Thanks, tassa, for the research!

[bharanidharanit]

Hi, i need to encrypt and decrypt my passwords in my projects. When i enter some texts in my textbox1, it needs to be encrypted and then saved to the database. How to do add this to my project?

[tassa]

Hey, to add this to your project you can click Ctrl + D and add the class (if you have downloaded it) or you can create a new class and copy-paste the code in it. Then you have to import the correct namespace into your project.