Hi all

I have a very specific question. Recently I've created a class that performs
a basic encryption on strings passed to it. The encrypted data is returned as
a string and then passed over the network via a WebService. The encryption is
done trough a basic use of Memorystream, CyptoStream and an encryption class
(I'm using RijndaelManaged right now, but any other method would be good
too). After a few errors and trials I've discovered that the only way any
encryption method works (both for encrypting an decrypting) is by
transferring the string into byte data (and recovering it from byte data)
using the System.Text.Encoding.Unicode methods. Trying to do the same thing
with ASCII, UTF-7 or UTF-8 only results in the encryption methods throwing
all sorts of different exceptions (Incorrect data, Invalid data length, PKSC7
padding is invalid, .... and so on).

This is all good (I've managed to make the encryption work in both ways),
but here is my problem: sometimes (depending on wich string is encrypted and
with what key) the generated cipherstring causes problems when passing it
over a network. More specific: I get errors about the XML not being in the
correct format and so on.

My question: is there any way of making the encryption methods work using
ASCII, UTF-7 or UTF-8?
OR
Is there any way of passing Unicode text over a Webservice (thus via SOAP en
XML) without generating errors?

For your information, here's the code of the encryption class I've created:

using System;
using System.IO;
using System.Security.Cryptography;


namespace EncryptionTest
{
    /// <summary>
    /// A class that uses the Rijndael encryption method to encrypt or decrypt
small strings.
    /// </summary>
    public class RijndaelCrypt
    {
        private RijndaelManaged rdm;

        public RijndaelCrypt()
        {
            rdm = new  RijndaelManaged();
            rdm.Padding = PaddingMode.PKCS7;
        }

        public string EncryptString(string encryptString, string key)
        {
            try
            {
                byte[] byteKey = CreateKey(key);
                byte[] byteIV = CreateIV(key);
                byte[] byteEncryptString =
System.Text.Encoding.Unicode.GetBytes(encryptString);
                MemoryStream ms = new MemoryStream();
                CryptoStream cs = new CryptoStream(ms, rdm.CreateEncryptor(byteKey,
byteIV), CryptoStreamMode.Write);
                cs.Write(byteEncryptString, 0, byteEncryptString.Length);
                cs.Close();
                byte[] byteEncryptedString = ms.ToArray();
                ms.Close();
                string encryptedString =
System.Text.Encoding.Unicode.GetString(byteEncryptedString);
                return encryptedString;
            }
            catch(Exception e)
            {
//                Popup pp = new Popup();
//                pp.Message = e.Message + "\n" + e.StackTrace;
//                pp.Show();
                System.Windows.Forms.MessageBox.Show(e.Message + "\n" + e.StackTrace);
            }
            return "";
        }

        public string DecryptString(string decryptString, string key)
        {
            try
            {

                byte[] byteKey = CreateKey(key);
                byte[] byteIV = CreateIV(key);
                byte[] byteDecryptString =
System.Text.Encoding.Unicode.GetBytes(decryptString);
                MemoryStream ms = new MemoryStream();
                CryptoStream cs = new CryptoStream(ms, rdm.CreateDecryptor(byteKey,
byteIV), CryptoStreamMode.Write);
                cs.Write(byteDecryptString, 0, byteDecryptString.Length);
                cs.Close();
                byte[] byteDecryptedString = ms.ToArray();
                ms.Close();
                string decryptedString =
System.Text.Encoding.Unicode.GetString(byteDecryptedString);
                return decryptedString;
            }
            catch(Exception e)
            {
                Popup pp = new Popup();
                //                pp.Message = e.Message + "\n" + e.StackTrace;
                //                pp.Show();
                System.Windows.Forms.MessageBox.Show(e.Message + "\n" + e.StackTrace);
            }
            return "";
        }

        private byte[] CreateKey(string key)
        {
            byte[] byteKey ;
            byte[] byteSalt = System.Text.Encoding.Unicode.GetBytes("salt");
            PasswordDeriveBytes pdb = new PasswordDeriveBytes(key,byteSalt);
            byteKey = pdb.GetBytes(32);
            return byteKey;
        }

        private byte[] CreateIV(string IV)
        {
            byte[] byteKey ;
            byte[] byteSalt = System.Text.Encoding.Unicode.GetBytes("salt");
            PasswordDeriveBytes pdb = new PasswordDeriveBytes(IV,byteSalt);
            byteKey = pdb.GetBytes(16);
            return byteKey;
        }
    }
}

Bmxpert wrote:
Show quoteHide quoteConvert.ToBase64String() and Convert.FromBase64String() may be your
friends...

You can use the Convert.ToBase64String method to serialize the bytes, and
the Convert.FromBase64String method to deserialize them.

Show quoteHide quote

I've tried this at home .NET2.0 and it seems to give me a string that will
not cause network problems (no chinese characters or unrepresentable
squares). I'll try this tomorrow at work (VS 2003) to see if it works. I'm
guessing it will.

Thank you very much for your quick and usefull responses...
Bye

Show quoteHide quote

Delegation fails over remoting if user is logged in for too long
Double Trouble - bug in double?
LicenseProvider.GetLicense() UsageMode
Can't serialize a simple string when using the FileOpenDialog
StreamReader.StreamReader(String, bool) bug - no BOM detection