Introduction to Enterprise Library encryption application blocks

Microsoft Enterprise Library
Encryption applicationProgramBlock simplifies how developers add encryption functions to their applications. Applications can use application blocks in multiple tasks, such as Encrypting information, creating data hashing, and comparing hash values to verify that data has been modified.

The encrypted application block has the following features:

• Reduces coding repeat when processing standard tasksCodeTo solve the encryption problem of conventional applications.

• This helps maintain consistent encryption practices, both in applications and between enterprises.

• Use consistent architecture models to smooth developers' learning curves across different functional scopes.

• Provides the implementation that can be used to solve the General encryption problem.

• Scalable, supporting the implementation of other encryption providers.

Common scenarios

Developers frequently write applications that require encryption and hashing to meet the security requirements of their organizations. Data and configuration information created and maintained by applications usually need to be encrypted. In addition, passwords used to access application functions or data need to be hashed.

The encryption application block abstracts application code from a specific encryption provider to simplify developers' work. You can modify the configuration to change the underlying provider, you do not need to modify the underlying application code.

Encryption application blocks only support SymmetryAlgorithm. Symmetric algorithms use the same key for encryption and decryption. The Application Block does not support asymmetric (such as public key) encryption. asymmetric encryption uses one key to encrypt messages and the other key to decrypt messages.

Sample Code

The following code shows how to encrypt and decrypt data and how to use the reload method that accepts a string.

Example 8.1. C #

 
String encryptedcontentsbase64 = cryptographer. encryptequalric ("symatrix rovider", "sensitivedata ");

// Decrypt the base64 encoded string
String readablestring;
Readablestring = cryptographer. decryptequalric ("symatrix rovider", encryptedcontentsbase64 );
 

Example 8.2. Visual Basic

 
Dim encryptedcontentsbase64 as string
Encryptedcontentsbase64 = cryptographer. encryptequalric ("symatrix rovider", "sensitivedata ")

'Crypt the base64 encoded string
Dim readablestring as string
Readablestring = cryptographer. decryptequalric ("symatrix rovider", encryptedcontentsbase64)
 

Reader requirements

The target readers of this Guide are software architects, software developers, and policy makers. To get more benefits from this guide, you must first understand the following technologies:

• Microsoft Visual Studio 2005 Development System

• Microsoft. NET Framework 2.0

System Requirements

The requirements for running encrypted application blocks are as follows:

• Microsoft Windows XP Professional, Windows Server 2003, or
  Windows Vista

• Microsoft. NET Framework 2.0 or 3.0

• Microsoft Visual Studio 2005 Development System (Any of the following versions ):

  • Microsoft Visual Studio 2005 Standard Edition

  • Microsoft Visual Studio 2005 Professional Edition

  • Microsoft Visual Studio 2005 Software Development Team Edition

  • Microsoft Visual Studio 2005 software tester team Edition

  • Microsoft Visual Studio 2005 software architect team Edition

  • Microsoft Visual Studio 2005 team suite

Encrypt Application Block Dependencies

The encryption application block depends on other code contained in the Enterprise Library:

Kernel Library Function

The Enterprise Library Kernel provides services such as measurement and configuration.
Shared dependencies of application blocks. The kernel library function is included in the Assembly
Microsoft. Practices. enterpriselibrary. Common. dll
.

Objectbuilder Subsystem

Objectbuilder
The subsystem executes the creation and destruction tasks of all repeated and necessary object instances, and still provides advanced flexibility. Enterprise
LibraryObjectbuilder
It is used for tasks such as injecting a class configured to a program block and connecting a measurement class to an application block. The objectbuilder subsystem is included in the Assembly
Microsoft. Practices. objectbuilder. dll
.

The recommended method for modifying the configuration settings of the encrypted application block is to use the Enterprise Library configuration console.

Document for encrypting application blocks

This document also includes the following topics:

• Use encrypted application blocks to develop applications. This topic describes how to download and install an application block so that you can use it in your application. It also describes how to configure application blocks for common operations. The subtopic of key scenarios shows how to use application blocks to complete the most typical encryption tasks.

• The design of the encrypted application block. This topic explains the design decisions and the things behind these decisions.

• Extends and modifies encrypted application blocks. This topic explains how to create your own provider to expand and modify application blocks.Source code.

• Deployment and operations. This topic explains how to deploy and update the Assembly of an Application Block and contains configuration-related information.

• Quick Start. This topic explains how to install and configure the Quick Start application, including a series of roaming, roaming demonstrates how to add regular encryption operations to the application.

More information

For more information, see the following resources:

• Improving
  Web Application Security: Threats and Countermeasures

• How:
  Use Authorization Manager (Azman) with ASP. NET 2.0

• Patterns
  & Practices security how TOS Index