Decrypting DES in ASP.Net
Decrypting the Information Is as Simple as Entering a Password and an
Encrypted Message. Like this.:
<%@ Import Namespace=”System.Security.Cryptography” %>
<%@ Import Namespace=”System.Text” %>
<script language=”VB” runat=”server”>
Dim aConstantIV() as Byte = _
{ &Haa, &Hbb, &Hcc, &Hdd, &Hee, &Hff, &H12, &H78 }
Sub btnSubmit_OnClick(source as Object, e as EventArgs)
Dim strDecryptedText as String = DESDecrypt(txtContents.Text)
lblResults.Text = “<b>Decrypted String:</b><xmp>” & _
strDecryptedText & “</xmp>”
End Sub
Function GetKey(strPassword as String) as Byte()
‘Ensure that the strPassword string is at least 8 characters long
strPassword = strPassword.PadRight(9)
‘Now, convert the string into a byte array
Dim objUTF8 as New UTF8Encoding()
GetKey = objUTF8.GetBytes(strPassword.Substring(1, 8))
End Function
Function DESDecrypt(strDecrypt as String) as String
Dim aKey() as Byte
Dim objUTF8 as New UTF8Encoding()
‘Convert the password into a byte array
aKey = GetKey(txtPassword.Text)
‘Create an instance of the DES class
Dim objDES as DES = DES.Create()
objDES.Key = aKey
objDES.IV = aConstantIV
‘Convert the string into an array of bytes
Dim i as Integer
strDecrypt = strDecrypt.Trim()
Dim aStringBits() as String = strDecrypt.split(“ “)
Dim aByteData(aStringBits.Length) as Byte
For i = 0 to aStringBits.Length - 1
aByteData(i) = aStringBits(i).ToByte()
Next i
try
Dim objStreamDec as SymmetricStreamDecryptor =
objDES.CreateDecryptor()
Dim objCryptoStream as New CryptoMemoryStream()
objStreamDec.SetSink(objCryptoStream)
objStreamDec.Write(aByteData)
objStreamDec.CloseStream()
‘Represent the byte array as a string
DESDecrypt = objUTF8.GetString(objCryptoStream.Data)
catch e as Exception
DESDecrypt = “Invalid password entered!”
end try
End Function
</script>
<html>
<body>
<form runat=”server”>
<h1>Encrypt Information!</h1>
<b>Enter the Password:</b>
<asp:textbox id=”txtPassword” TextMode=”Password” runat=”server” />
<br><b>Enter the text to decrypt:</b><br>
<asp:textbox id=”txtContents” TextMode=”MultiLine” runat=”server”
Columns=”50” Rows=”6” />
<br><asp:button id=”btnSubmit” runat=”server” Text=”Decrypt!”
OnClick=”btnSubmit_OnClick” />
<p>
<asp:label id=”lblResults” runat=”server” />
</form>
</body>
</html>
Even the DESDecrypt function is similar to the DESEncrypt function. A DES class instance is
created on line 30, and its Key and IV properties are set to the value returned by the GetKey
function and the constant initialization vector. On lines 35 through 41, the encrypted string is
converted into a Byte array. Recall that the encrypted string consists of numerical values separated
by spaces. To turn this back into a Byte array, the split method of the String class is
used to break up the numerical values into a String array (line 37). A Byte array is then created
with the appropriate size (line 38). Finally, in lines 39 through 41, a loop is used to build up
the Byte array one byte at a time.
Next, the decryption process is started. Rather than using a SymmetricStreamEncryptor
instance, we use a SymmetricStreamDecryptor instance instead (line 44). After line 49, the
objCryptoStream’s Data property contains, in Byte array format, the decrypted data. The
UTF8Encoding class’s GetString() method is used to convert this into a string (line 52).
If the user enters an invalid password, a CryptographicException exception is thrown. The
try ... catch block spanning from lines 43 through 55 is in place to catch such an exception.
If it occurs, the catch block starting on line 53 begins executing, and an “Invalid
password entered!” message is returned (line 54).
