Dotnetnuke Password Encryption

---

• From: "sanchita" <sanchita@xxxxxxxxxxxxxx>
• Date: Thu, 5 Apr 2007 11:25:30 -0400

---

Hi all,

I wasn't sure where to post this. Let me know if you know where exactly to
post it. I'm using DNN 2.4 and till now I wasnt encrypting my passwords but
now I want to so I just changed the value of the "Encryption Key" column in
the "HostSettings" table to RSA. But how do I modify my code such that I can
send in encrypted passwords to my SQL server. I tried an algo for RSA which
went like this -

static byte[] Encrypt (RSA rsa, byte[] input)
{
// by default this will create a 128 bits AES (Rijndael) object
SymmetricAlgorithm sa = SymmetricAlgorithm.Create ();
ICryptoTransform ct = sa.CreateEncryptor ();
byte[] encrypt = ct.TransformFinalBlock (input, 0, input.Length);

RSAPKCS1KeyExchangeFormatter fmt = new RSAPKCS1KeyExchangeFormatter
(rsa);
byte[] keyex = fmt.CreateKeyExchange (sa.Key);

// return the key exchange, the IV (public) and encrypted data
byte[] result = new byte [keyex.Length + sa.IV.Length +
encrypt.Length];
Buffer.BlockCopy (keyex, 0, result, 0, keyex.Length);
Buffer.BlockCopy (sa.IV, 0, result, keyex.Length, sa.IV.Length);
Buffer.BlockCopy (encrypt, 0, result, keyex.Length + sa.IV.Length,
encrypt.Length);
return result;
}

static byte[] Decrypt (RSA rsa, byte[] input)
{
// by default this will create a 128 bits AES (Rijndael) object
SymmetricAlgorithm sa = SymmetricAlgorithm.Create ();

byte[] keyex = new byte [rsa.KeySize >> 3];
Buffer.BlockCopy (input, 0, keyex, 0, keyex.Length);

RSAPKCS1KeyExchangeDeformatter def = new RSAPKCS1KeyExchangeDeformatter
(rsa);
byte[] key = def.DecryptKeyExchange (keyex);

byte[] iv = new byte [sa.IV.Length];
Buffer.BlockCopy (input, keyex.Length, iv, 0, iv.Length);

ICryptoTransform ct = sa.CreateDecryptor (key, iv);
byte[] decrypt = ct.TransformFinalBlock (input, keyex.Length +
iv.Length, input.Length - (keyex.Length + iv.Length));
return decrypt;
}

Please guide me regarding this. Any other 2 -way encryption also welcome..

Thanks,
Sanchita


.

---

• Prev by Date: Re: General Architecture Question
• Next by Date: Re: Integrated Windows Authentication Timeout?
• Previous by thread: Re: General Architecture Question
• Next by thread: Re: trying to figure out code permissions
• Index(es):
  • Date
  • Thread

---

Relevant Pages Dotnetnuke Password Encryption ... SymmetricAlgorithm sa = SymmetricAlgorithm.Create; ... Buffer.BlockCopy (keyex, 0, result, 0, keyex.Length); ... ICryptoTransform ct = sa.CreateDecryptor ... Any other 2 -way encryption also welcome.. ... (microsoft.public.dotnet.security) Re: Dotnetnuke Password Encryption ... RSAPKCS1KeyExchangeFormatter fmt = new RSAPKCS1KeyExchangeFormatter ... Buffer.BlockCopy (keyex, 0, result, 0, keyex.Length); ... ICryptoTransform ct = sa.CreateDecryptor ... Any other 2 -way encryption also welcome.. ... (microsoft.public.dotnet.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2007-04