I modified the code:
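/// <summary>
/// Derives the symmetric key bytes from the certificate file on disk.
/// </summary>
/// <returns><c>keySize / 8</c> bytes produced by <see cref="PasswordDeriveBytes"/>.</returns>
/// <remarks>
/// NOTE(review): every input to the derivation is public. The "password" is the
/// certificate's public key string and the salt is the certificate hash string,
/// so anyone who holds the .cer file can recompute the same key. A certificate
/// is meant to be distributed, so this key gives no confidentiality against
/// anyone who has it. The secret should come from material that is not in the
/// certificate (for example the matching private key, or a protected key store).
/// NOTE(review): PasswordDeriveBytes is a PBKDF1-style derivation and the
/// iteration count of 2 adds no meaningful stretching. Changing either would
/// change the derived key, so both are left as-is and only flagged here.
/// </remarks>
private byte[] getKey() {
    // The literal contains a space inside "certif icates"; it looks like a
    // line-wrap artifact of the posting, but it is kept byte-for-byte. TODO confirm.
    X509Certificate cer =
        X509Certificate.CreateFromCertFile(@"c:\tmp\certif icates\mattia.cer");

    // The original also fetched cer.GetPublicKey() into a local that was never
    // read; that dead call is dropped.
    string password = cer.GetPublicKeyString();                        // public value
    byte[] salt = Encoding.ASCII.GetBytes(cer.GetCertHashString());    // public value

    PasswordDeriveBytes p = new PasswordDeriveBytes(password, salt, "SHA256", 2);

    // keySize is in bits (it is also assigned to SymmetricAlgorithm.KeySize elsewhere).
    return p.GetBytes(keySize / 8);
}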
Does it make sense? (It works fine, by the way.)
I would use AES because it's supposed to be a standard.
Thanks
----------------------------------
Here are the encrypt / decrypt functions (if somebody is interested):
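/// <summary>
/// Encrypts <paramref name="plainText"/> with Rijndael and returns the raw ciphertext.
/// </summary>
/// <param name="plainText">Text to encrypt; written through a StreamWriter with its default (UTF-8) encoding.</param>
/// <returns>The ciphertext bytes, PKCS7-padded.</returns>
/// <remarks>
/// Mode is never assigned, so the SymmetricAlgorithm default (CBC) applies.
/// The output carries no integrity tag: a modified ciphertext is only noticed
/// if it happens to break the padding. Add a MAC over IV + ciphertext if the
/// data can be altered in storage or transit.
/// NOTE(review): getIVector() is not visible here. If it returns the same IV
/// for every message, equal plaintext prefixes encrypt to equal ciphertext
/// prefixes. Confirm a fresh random IV is generated per message and stored
/// with the ciphertext.
/// NOTE(review): Rijndael matches AES only when blockSize is 128. blockSize is
/// defined elsewhere, so confirm its value.
/// </remarks>
private byte[] Encrypt(string plainText) {
    // Every object below holds key material or buffers, so all of them are
    // disposed, including on the exception path (the original leaked them).
    using (SymmetricAlgorithm sAlg = SymmetricAlgorithm.Create("Rijndael")) {
        sAlg.BlockSize = blockSize;
        sAlg.KeySize = keySize;
        sAlg.Padding = PaddingMode.PKCS7;

        using (ICryptoTransform cTran = sAlg.CreateEncryptor(this.getKey(), this.getIVector()))
        using (MemoryStream mStream = new MemoryStream())
        using (CryptoStream cStream = new CryptoStream(mStream, cTran, CryptoStreamMode.Write))
        using (StreamWriter sWriter = new StreamWriter(cStream)) {
            sWriter.Write(plainText);

            // Push buffered characters into the CryptoStream first, then emit the
            // final padded block, so mStream holds the complete ciphertext.
            sWriter.Flush();
            cStream.FlushFinalBlock();

            // ToArray copies exactly the written bytes; this replaces the manual
            // rewind-and-Read copy, whose return value was ignored.
            return mStream.ToArray();
        }
    }
}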
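/// <summary>
/// Decrypts Rijndael ciphertext produced by <c>Encrypt</c> and returns the text.
/// </summary>
/// <param name="cipherText">Raw ciphertext bytes.</param>
/// <returns>The decrypted text, read with the StreamReader default encoding.</returns>
/// <remarks>
/// There is no integrity check ahead of decryption. A modified ciphertext
/// either throws CryptographicException when the PKCS7 padding is invalid or
/// silently yields altered plaintext. If a remote party can submit ciphertext,
/// verify a MAC first and report one generic failure, so that padding errors
/// cannot be told apart from other errors.
/// NOTE(review): key and IV come from getKey()/getIVector(), which must return
/// the same values that were used to encrypt. Both are defined outside this block.
/// </remarks>
private string Decrypt(byte[] cipherText) {
    // using blocks release the algorithm, transform and streams even when
    // decryption throws (the original closed them only on the success path).
    using (SymmetricAlgorithm sAlg = SymmetricAlgorithm.Create("Rijndael")) {
        sAlg.BlockSize = blockSize;
        sAlg.KeySize = keySize;
        sAlg.Padding = PaddingMode.PKCS7;

        using (ICryptoTransform cTran = sAlg.CreateDecryptor(this.getKey(), this.getIVector()))
        // Wrap the buffer directly instead of writing it into a stream and rewinding.
        using (MemoryStream mStream = new MemoryStream(cipherText))
        using (CryptoStream cStream = new CryptoStream(mStream, cTran, CryptoStreamMode.Read))
        using (StreamReader sReader = new StreamReader(cStream)) {
            return sReader.ReadToEnd();
        }
    }
}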
// just for testing
// Test hook: replaces the text box content with its encrypted form, Base64-encoded for display.
private void button1_Click(object sender, System.EventArgs e) {
    byte[] cipherBytes = this.Encrypt(txtData.Text);
    string encoded = Convert.ToBase64String(cipherBytes);
    txtData.Text = encoded;
}
// Test hook: treats the text box content as Base64 ciphertext and replaces it with the decrypted text.
// Nothing is caught here: Convert.FromBase64String throws FormatException on text
// that is not valid Base64, and Decrypt can throw CryptographicException on
// ciphertext that does not decrypt cleanly.
private void button2_Click(object sender, System.EventArgs e) {
    byte[] cipherBytes = Convert.FromBase64String(txtData.Text);
    string decrypted = this.Decrypt(cipherBytes);
    txtData.Text = decrypted;
}
Nicholas Paldino [.NET/C# MVP] wrote:
Mattia,
Something like that. There are a number of hash algorithms that you can
use. Look for any class that derives from the HashAlgorithm class in the
System.Security.Cryptography namespace.
Also, you might want to consider RC2 for your encryption algorithm, as
it allows a key size of 1024 bits. It might be enough to handle the size of
your public key from your X.509 certificate.