Key scenarios of Enterprise Library encryption application blocks (2)

ArticleDirectory

• Decrypt data with symmetric encryption provider
• Obtain the hash value
• Check whether the hash value matches certain texts

Provided by symmetric encryption Program Decrypt data

If you use symmetric encryption to encrypt data, you usually have to use the same provider to decrypt the data.

Typical goals

In this scenario, use the symmetric provider to decrypt the provided data. The output of the symmetric provider is unencrypted.

Solution

CallCryptographerStatic Methods in the classDecryptsymmetricTo perform decryption, provide the name of the symmetric provider and the data to be decrypted using the configuration.

Quick Start

ForDecryptsymmetricFor more information about how to decrypt data, see roaming: decryption secrets.

Use decryptsymmetric

BelowCodeDemonstrate how to useDecryptsymmetricMethod to decrypt data in base64 encoded string format.

C #

String encryptedcontentsbase64 = cryptographer. encryptpolicric ("symatrix rovider", "password ");

// Decrypt the base64 encoded string.
String readablestring;
Readablestring = cryptographer. decryptequalric ("symatrix rovider", encryptedcontentsbase64 );
 

Visual Basic

 
Dim encryptedcontentsbase64 as string
Encryptedcontentsbase64 = cryptographer. encryptpolicric ("symatrix rovider", "password ")

'Crypt the base64 encoded string.
Dim readablestring as string
Readablestring = cryptographer. decryptequalric ("symatrix rovider", encryptedcontentsbase64)
 

The following code decrypts data in the byte array format using the decryptsymmetric method.

C #

Byte [] valuetoencrypt = encoding. Unicode. getbytes ("password ");
Byte [] encryptedcontents = cryptographer. encryptsymmetric ("symatrix rovider", valuetoencrypt );

// Stringtodecrypt contains an encrypted string.
Byte [] decryptedcontents = cryptographer. decryptsymmetric ("symatrix rovider", encryptedcontents );
String plaintext = (New unicodeencoding (). getstring (decryptedcontents );
 

Visual Basic

 
Dim valuetoencrypt = encoding. Unicode. getbytes ("password ")
Dim encryptedcontents as byte () = cryptographer. encryptsymmetric ("symatrix rovider", valuetoencrypt)

'Stringtodecrypt contains an encrypted string.
Dim decryptedcontents as byte () = cryptographer. encryptsymmetric ("symatrix rovider", stringtodecrypt)
Dim plaintext as string = (New unicodeencoding). getstring (decryptedcontents)
 

Usage tips

Make sure that the appropriate symmetric provider is configured in the Enterprise Library configuration console.

Obtain the hash value

A possible example of obtaining the hash value is when a password does not want to be transmitted over the network.

Typical goals

In this scenario, the application block is used to generate a hash value from the input data.

Solution

CallCryptographerStatic Methods in the classCreatehashTo obtain the hash, specify the data to be hashed and provide the name of the configured hash provider.

Quick Start

How to UseCreatehashFor an extension example of the method, see roaming: Get a hash value.

Use createhash

The following code demonstrates how to use string format dataCreatehashMethod.

C #

 
Byte [] valuetohash = (New unicodeencoding (). getbytes ("password ");
Byte [] generatedhash = cryptographer. createhash ("hashprovider", valuetohash );

// Clear the byte array memory.
Array. Clear (valuetohash, 0, valuetohash. Length );
 

Visual Studio

Dim valuetohash = (New unicodeencoding). getbytes ("password ")
Dim generatedhash as byte () = cryptographer. createhash ("hashprovider", valuetohash)

'Clear the byte array memory.
Array. Clear (valuetohash, 0, valuetohash. length)
 

Usage tips

When creating a hash value, consider the following:

• CreatehashThere are two overload methods. The use of overload depends on whether to create a hash from the string or byte data.
• Make sure that the hash provider is specified in the Enterprise Library configuration console.
• Sensitive data should be cleared from memory as soon as possible. Keeping unencrypted sensitive data in the memory exposes the data to security risks. Note that the data in the memory may also be stored on the hard disk, because the operating system will write the data to a swap file. Also, if the system crashes, the operating system will dump the data in the memory to the disk.

Check whether the hash value matches certain texts

An example of checking whether a hash matches certain texts is that it has to verify that the data is not modified during network transmission. In this case, the hash value of the data is stored on the server. When the data arrives at the server, it is compared with the hash value.

Typical goals

In this scenario, the objective is to compare plain text with previously generated hash values to verify that the data has not been modified.

Solution

Determine the matching data type. You can convert plain text to byte arrays or convert hash data to strings. CallCryptographerClass static methodComparehashTo obtain the hash, specify the hash data, the hash generated before comparison, and use the name of the configured hash provider.

Quick Start

How to UseComparehashMethod to expire an extension example of a token corresponding to a user identity. See roaming: Check whether the hash matches certain text.

Use comparehash

The following code demonstrates how to use the comparehash Method on string-formatted data.

C #

 
// Generatedhash contains a hash value for a previusly hashed string.
Byte [] stringtocompare = (New unicodeencoding (). getbytes ("testvalue ");
Bool comparisonsucceeded = cryptographer. comparehash ("hashprovider", stringtocompare, generatedhash );
 

Visual Basic

'Generatedhash contains a hash value for a previusly hashed string.
Dim stringtocompare = (New unicodeencoding). getbytes ("testvalue ")
Dim comparisonsucceeded as Boolean = cryptographer. comparehash ("hashprovider", stringtocompare, generatedhash)
 

Usage tips

Make sure that the hash provider is specified in the Enterprise Library configuration console.