in ASP.NET, Security, Windows, WinRT

How to encrypt and decrypt a string with private key in C#.NET 4.5 / WinRT

Below are instructions on how to encrypt a string using a private key. The encryption will be reversible if you got the private key.

To encrypt use this command:

aiplib.Crypt crypt = new aiplib.Crypt();
string encrypted = crypt.Encrypt("privatekey", "value");

Replace privatekey with a string used as a private key. Replace value with a string that should be encrypted. The encrypted password in base64 format will be returned to the encrypted variable.

To decrypt use this command:

aiplib.Crypt crypt = new aiplib.Crypt();
string value = crypt.Decrypt("privatekey", "encryptedvalue");

Replace privatekey with a string used as a private key. Replace encryptedvalue with a base64 encrypted value returned by the Encrypt method. The original value will be returned to the value string.

Crypt.cs source code (Click here to download the class):

using System.Text;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Core;
using Windows.Storage.Streams;

namespace aiplib
{
    public class Crypt
    {
        public static string Encrypt(string key, string value)
        {
            // Private key has to be exactly 16 characters
            if (key.Length > 16)
            {
                // Cut of the end if it exceeds 16 characters
                key = key.Substring(0, 16);
            }
            else
            {
                // Append zero to make it 16 characters if the provided key is less
                while (key.Length < 16)
                {
                    key += "0";
                }
            }

            // We'll be using AES, CBC mode with PKCS#7 padding to encrypt
            SymmetricKeyAlgorithmProvider aesCbcPkcs7 = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);

            // Convert the private key to binary
            IBuffer keymaterial = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);

            // Create the private key
            CryptographicKey k = aesCbcPkcs7.CreateSymmetricKey(keymaterial);

            // Convert the data to byte array
            byte[] plainText = Encoding.UTF8.GetBytes(value); // Data to encrypt

            // Do the actual encryption
            IBuffer buff = CryptographicEngine.Encrypt(k, CryptographicBuffer.CreateFromByteArray(plainText), keymaterial);

            // Return the encrypted string base64 encoded
            return CryptographicBuffer.EncodeToBase64String(buff);
        }

        public static string Decrypt(string key, string value)
        {
            // Private key has to be exactly 16 characters
            if (key.Length > 16)
            {
                // Cut of the end if it exceeds 16 characters
                key = key.Substring(0, 16);
            }
            else
            {
                // Append zero to make it 16 characters if the provided key is less
                while (key.Length < 16)
                {
                    key += "0";
                }
            }

            // Decode the base64 string provided to binary data
            IBuffer val = CryptographicBuffer.DecodeFromBase64String(value);

            // We'll be using AES, CBC mode with PKCS#7 padding to decrypt
            SymmetricKeyAlgorithmProvider aesCbcPkcs7 = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesCbcPkcs7);

            // Convert the private key to binary
            IBuffer keymaterial = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);

            // Create the private key
            CryptographicKey k = aesCbcPkcs7.CreateSymmetricKey(keymaterial);

            // Do the actual decryption
            IBuffer buff = CryptographicEngine.Decrypt(k, val, keymaterial);

            // return the string as plain text
            return CryptographicBuffer.ConvertBinaryToString(BinaryStringEncoding.Utf8, buff);
        }
    }
}