Wednesday, 7 July 2010

ENCRYPTING PASSWORDS AND OTHER SENSITIVE INFORMATION IN .NET

URL: http://msdn.microsoft.com/en-us/library/ms229741.aspx

If you want to serialize a password in some custom object you are working with, create another member that is the encrypted bytes and serialize/deserialize that.

For simply encrypting/decrypting a file, you can use System.IO.File.Encrypt/Decrypt.


  1. public static class Security
  2. {
  3. private static Encoding _encoding = Encoding.UTF8;
  4. private static byte[] _optionalEntropy = null;
  6. public static string Decrypt(this byte[] encryptedPassword)
  7. {
  8. if (encryptedPassword == null) throw new ArgumentNullException("encryptedPassword");
  9. byte[] bytes = ProtectedData.Unprotect(encryptedPassword, _optionalEntropy, DataProtectionScope.CurrentUser);
  10. return _encoding.GetString(bytes);
  11. }
  13. ///
  14. ///
  15. ///
  16. ///
  17. /// Empty collection if the input is null or empty.
  18. public static byte[] Encrypt(this string password)
  19. {
  20. if (string.IsNullOrEmpty(password)) return new byte[0];
  21. byte[] buffer = _encoding.GetBytes(password);
  22. return ProtectedData.Protect(buffer, _optionalEntropy, DataProtectionScope.CurrentUser);
  23. }
  24. }
Posted by Ananth at 10:59 pm

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)