Triple DES Blues - Post.Byes

X

gchq

New Member

Join Date: Jan 2007
Posts: 96

#1

Triple DES Blues

Mar 9 '09, 11:20 PM

Hi there

There is no problem encypting and decrypting a credit card number, but whilst encrypting the expiry date seems to work it blows out on decryption with "Invalid length for a Base-64 char array"

Any ideas?

Here is the code - the keys are generated from a 40+ string held on another database (ReturnKey)....

Code:

Private Function IV_192()
        Dim vKey As String = ReturnKey()
        
        'Make the IV Key
        Dim ss1 As String = Left(vKey, 10)
        Dim ss2 As String = Right(vKey, 25)
        Dim ss3 As String = ss1 & ss2

        Dim vIV_192() As Byte = Encoding.ASCII.GetBytes(ss3.ToCharArray)
        Return vIV_192
    End Function


    Private Function KEY_192()
        Dim vKey As String = ReturnKey()
        
        'Make the key
        Dim s1 As String = Left(vKey, 30)
        Dim s2 As String = Right(vKey, 5)
        Dim s3 As String = s1 & s2
        ' Hash this
        vKey = EncryptVariable(s3)
        Dim vKEY_192() As Byte = Encoding.ASCII.GetBytes(vKey.ToCharArray)
        Return vKEY_192
    End Function


    'TRIPLE DES encryption
    Private Function EncryptTripleDES(ByVal value As String) As String
        If value <> "" Then
            Dim cryptoProvider As TripleDESCryptoServiceProvider = _
                New TripleDESCryptoServiceProvider()
            Dim ms As MemoryStream = New MemoryStream()
            Dim cs As CryptoStream = _
                New CryptoStream(ms, cryptoProvider.CreateEncryptor(KEY_192(), IV_192), _
                    CryptoStreamMode.Write)
            Dim sw As StreamWriter = New StreamWriter(cs)

            sw.Write(value)
            sw.Flush()
            cs.FlushFinalBlock()
            ms.Flush()

            'convert back to a string
            Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)
        Else
            Return "Error"
        End If
    End Function


    'TRIPLE DES decryption
    Private Function DecryptTripleDES(ByVal value As String) As String
        
        If value <> "" Then
            Dim cryptoProvider As TripleDESCryptoServiceProvider = _
                New TripleDESCryptoServiceProvider()
            value = value.Replace(" ", "+")
            'convert from string to byte array
            Dim buffer As Byte() = Convert.FromBase64String(value)
            Dim ms As MemoryStream = New MemoryStream(buffer)
            Dim cs As CryptoStream = _
                New CryptoStream(ms, cryptoProvider.CreateDecryptor(KEY_192, IV_192), _
                    CryptoStreamMode.Read)
            Dim sr As StreamReader = New StreamReader(cs)

            Return sr.ReadToEnd()
        Else
            Return "Error"
        End If
    End Function

Function EncryptVariable(ByVal vName As String)
        Dim vEncryptName As String
        Dim Ue As New UnicodeEncoding()
        Dim ByteSourceText() As Byte = Ue.GetBytes(vName)
        Dim MD5 As New MD5CryptoServiceProvider()
        Dim ByteHash() As Byte = MD5.ComputeHash(ByteSourceText)
        Dim vComp As String = Convert.ToBase64String(ByteHash)
        vEncryptName = vComp
        Return vEncryptName
    End Function

Tags: None

gchq

New Member

Join Date: Jan 2007

Posts: 96
#2

Mar 10 '09, 12:11 AM

Ooops - the DB column was set to varchar(6) from the original mmyyyy format! The encrypted string was being truncated! Now it works as it should!
Comment
PRR

Recognized Expert Contributor

Join Date: Dec 2007

Posts: 750
#3

Mar 10 '09, 09:40 AM

One suggestion would be use of

Code:

System.Text.Encoding.UTF8.GetBytes();

instead of

Code:

System.Text.Encoding.ACSII.GetBytes();
Comment

Previous template Next

Working...