Security Encryption Algorithm in VB. NET

Some key data in the system needs to be encrypted over the past few days. Use VB. NET to write CLR functions, and then add modifications to the stored procedure to complete the task.

Many problems encountered during the test, such as unfamiliar stream objects (beginner VB. net), not familiar with encoding conversion, the most important is the encryption key length limit, may be encountered by many people.

The following code implements hash encryption and symmetric encryption algorithms, which use factory classes of. Net security algorithms and implement common base64 encoding and decoding.

Common hash encryption algorithms include MD5, Sha (sha1), ripemd160, sha256, sha384, sha512, and mactripledes.

Common symmetric encryption algorithms include des, RC2, Rijndael, and tripledes. Symmetric encryption algorithms have a key and an iv. Different algorithms require different keys and IV lengths, and the length of the same string varies with the encoding.

According to the test, the relationship between the key and the IV length of different codes is as follows:

Code:

Imports systemimports system. dataimports system. data. sqlclientimports Microsoft. sqlserver. serverimports system. runtime. interopservicesimports system. securityimports system. data. sqltypesimports system. security. cryptographynamespace sop. security Public class security hash encryption algorithm <Microsoft. sqlserver. server. sqlfunction ()> _ public shared function hashalgorithm (byval input as sqlstring, byval algorithm as sqlstring, byval charset as sqlstring) as sqlstring dim _ MD5 as system. security. cryptography. hashalgorithm = system. security. cryptography. hashalgorithm. create (algorithm. value) dim FS () as byte, Sb as new system. text. stringbuilder FS = _ md5.computehash (getbytes (input. value, charset. value) for I as integer = 0 to FS. length-1 sb. append (FS (I ). tostring ("X2") next return sb. tostring () end function 'symmetric encryption algorithm <Microsoft. sqlserver. server. sqlfunction ()> _ public shared function extends ricencrypt (byval input as sqlstring, byval key as sqlstring, byval IV as sqlstring, byval algorithm as sqlstring, byval charset as sqlstring) as sqlstring dim SA as system. security. cryptography. repeated ricalgorithm = system. security. cryptography. invalid ricalgorithm. create (algorithm. value) 'new system. security. cryptography. descryptoserviceprovider dim data () as byte SA. key = getbytes (key. value, charset. value) SA. IV = getbytes (IV. value, charset. value) 'converts data to byte data = getbytes (input. value, charset. value) using MS as new system. io. memorystream encrypts the data and prepares to write it to the dim CS as new system in the MS memory stream. security. cryptography. cryptostream (MS, SA. createencryptor, cryptostreammode. write) 'write encrypted data to the cache CS. write (data, 0, Data. length) 'update the data to the stream object CS. flushfinalblock () 'disables CS. close () 'uses base64 encoding to return convert once. tobase64string (Ms. toarray) End using end function 'symmetric decryption algorithm <Microsoft. sqlserver. server. sqlfunction ()> _ public shared function extends ricdecrypt (byval input as sqlstring, byval key as sqlstring, byval IV as sqlstring, byval algorithm as sqlstring, byval charset as sqlstring) as sqlstring dim SA as system. security. cryptography. repeated ricalgorithm = system. security. cryptography. invalid ricalgorithm. create (algorithm. value) 'System. security. cryptography. descryptoserviceprovider dim data () as byte SA. key = getbytes (key. value, charset. value) SA. IV = getbytes (IV. value, charset. value) 'decodes data with base64 once data = convert. frombase64string (input. value) using MS as new system. io. memorystream () 'encrypts the data and prepares to write it to the dim CS as new system in the MS memory stream. security. cryptography. cryptostream (MS, SA. createdecryptor, cryptostreammode. write) 'write encrypted data to the cache CS. write (data, 0, Data. length) 'update the data to the stream object CS. flushfinalblock () 'disables CS. close () 'and then convert back to the string return getstring (Ms. toarray, charset. value) End using end function 'base64 <Microsoft. sqlserver. server. sqlfunction ()> _ public shared function base64encode (byval input as sqlstring, byval charset as sqlstring) as sqlstring return convert. tobase64string (getbytes (input. value, charset. value) end function <Microsoft. sqlserver. server. sqlfunction ()> _ public shared function base64decode (byval input as sqlstring, byval charset as sqlstring) as sqlstring return getstring (convert. frombase64string (input. value), charset. value) end function 'convert the string to the specified encoded byte private shared function getbytes (byval input as string, byval charset as string) as byte () Select case charset case "UTF-16 ", "Unicode", "UTF16" return system. text. encoding. unicode. getbytes (input) Case "UTF-7", "utf7" return system. text. encoding. utf7.getbytes (input) Case "UTF-8", "utf8" return system. text. encoding. utf8.getbytes (input) Case "UTF-32", "UTF32" return system. text. encoding. utf32.getbytes (input) Case "ASCII" return system. text. encoding. ASCII. getbytes (input) Case "", "default" return system. text. encoding. default. getbytes (input) case else return system. text. encoding. default. getbytes (input) end select end function 'byte conversion to the specified encoded string private shared function getstring (byval input () as byte, byval charset as string) as string select case charset case "UTF-16", "Unicode", "UTF16" return system. text. encoding. unicode. getstring (input) Case "UTF-7", "utf7" return system. text. encoding. utf7.getstring (input) Case "UTF-8", "utf8" return system. text. encoding. utf8.getstring (input) Case "UTF-32", "UTF32" return system. text. encoding. utf32.getstring (input) Case "ASCII" return system. text. encoding. ASCII. getstring (input) Case "", "default" return system. text. encoding. default. getstring (input) case else return system. text. encoding. default. getstring (input) end select end function end classend namespace

The following describes how to install CLR functions in SQL server2005:

alter database    sop set TRUSTWORTHY on;exec sp_changedbowner sagoCREATE ASSEMBLY [SOP.Security]AUTHORIZATION [dbo]FROM 'E:\hsl\sop\sop.ScriptEngine.dll'WITH PERMISSION_SET = unsafego CREATE ASSEMBLY [SOP.Security]AUTHORIZATION [dbo] WITH PERMISSION_SET = UNSAFEgoCreate FUNCTION [dbo].[SymmetricDecrypt](@Input [nvarchar](4000), @Key [nvarchar](4000), @IV [nvarchar](4000), @Algorithm [nvarchar](4000), @Charset [nvarchar](4000))RETURNS [nvarchar](4000) WITH EXECUTE AS CALLERAS EXTERNAL NAME [SOP.Security].[SOP.Security.Security].[SymmetricDecrypt]goCreate FUNCTION [dbo].[SymmetricEncrypt](@Input [nvarchar](4000), @Key [nvarchar](4000), @IV [nvarchar](4000), @Algorithm [nvarchar](4000), @Charset [nvarchar](4000))RETURNS [nvarchar](4000) WITH EXECUTE AS CALLERAS EXTERNAL NAME [SOP.Security].[SOP.Security.Security].[SymmetricEncrypt]GOCreate FUNCTION [dbo].[HashAlgorithm](@Input [nvarchar](4000), @Algorithm [nvarchar](4000), @Charset [nvarchar](4000))RETURNS [nvarchar](4000) WITH EXECUTE AS CALLERAS EXTERNAL NAME [SOP.Security].[SOP.Security.Security].[HashAlgorithm]GOCreate FUNCTION [dbo].[Base64Encode](@Input [nvarchar](4000), @Charset [nvarchar](4000))RETURNS [nvarchar](4000) WITH EXECUTE AS CALLERAS EXTERNAL NAME [SOP.Security].[SOP.Security.Security].[Base64Encode]GOCreate FUNCTION [dbo].[Base64Decode](@Input [nvarchar](4000), @Charset [nvarchar](4000))RETURNS [nvarchar](4000) WITH EXECUTE AS CALLERAS EXTERNAL NAME [SOP.Security].[SOP.Security.Security].[Base64Decode]go

Call example:

Declare @ key varchar (500), @ VI varchar (500), @ s nvarchar (max), @ d nvarchar (max), @ D1 nvarchar (max) select @ key = '000000', @ Vi = '000000', @ s = 'define global variables, and rewrite the afterfinalsubmit method 'select @ d = DBO. export ricencrypt (@ s, left (@ key, 4), left (@ VI, 2), 'tripledes ', 'utf32') print @ D output: e2trpdug4 + by1gl1_rodfinhcku + bytes // jo4/ayrdwt7h + hrecmetms3m2pozpolicysrnera/hny/j1xzo

Because I do not know much about. NET and encryption algorithms, this article is only the result of my simple test. If there are any errors, please promptly point out.