locked
[WP8.1]AES Encryption in WP RRS feed

  • Question

  • Hi

    I need to use AES to encrypt data during transferring, but it seems the WP doesn't support System.Security.Cryptography,

    Is there any other way to encrypt .

    Thanks

    Saturday, July 25, 2015 8:17 AM

Answers

  • HI William,

    >>but it seems the WP doesn't support System.Security.Cryptography

    If you are writing Windows Phone Runtime app, the Windows.Security.Cryptography.Core namespace is what you need: https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.security.cryptography.core.aspx

    See also this document to see the sample about how to perform symmetric encryption and decryption: https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.security.cryptography.core.cryptographicengine.aspx


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, July 27, 2015 5:42 AM
  • Hi Moderator ,

    Thanks for helping, but the samples you provided doesn't show encrypt AES with widnows.security.cryptography, can you show me an easier way to encrypt?

    Thanks

                              

    HI William,

    >>but the samples you provided doesn't show encrypt AES with widnows.security.cryptography

    It included, the link I provided show us how to implement symmetric key encryption(secret key encryption). You can use a SymmetricKeyAlgorithmProvider object to specify a symmetric algorithm and create or import a key. You can use static methods on the CryptographicEngine class to encrypt and decrypt data by using the algorithm and key.

    Here is a simple AES (Symmetric Key) Encryption sample:

    private static IBuffer GetMD5Hash(string key)
    {
        // Convert the message string to binary data.
        IBuffer buffUtf8Msg = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
     
        // Create a HashAlgorithmProvider object.
        HashAlgorithmProvider objAlgProv = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
     
        // Hash the message.
        IBuffer buffHash = objAlgProv.HashData(buffUtf8Msg);
     
        // Verify that the hash length equals the length specified for the algorithm.
        if (buffHash.Length != objAlgProv.HashLength)
        {
            throw new Exception("There was an error creating the hash");
        }
     
        return buffHash;
    }
    
    public static string Encrypt(string toEncrypt, string key)
    {
        try
        {
            // Get the MD5 key hash (you can as well use the binary of the key string)
            var keyHash = GetMD5Hash(key);
     
            // Create a buffer that contains the encoded message to be encrypted.
            var toDecryptBuffer = CryptographicBuffer.ConvertStringToBinary(toEncrypt, BinaryStringEncoding.Utf8);
     
            // Open a symmetric algorithm provider for the specified algorithm.
            var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesEcbPkcs7);
     
            // Create a symmetric key.
            var symetricKey = aes.CreateSymmetricKey(keyHash);
     
            // The input key must be securely shared between the sender of the cryptic message
            // and the recipient. The initialization vector must also be shared but does not
            // need to be shared in a secure manner. If the sender encodes a message string
            // to a buffer, the binary encoding method must also be shared with the recipient.
            var buffEncrypted = CryptographicEngine.Encrypt(symetricKey, toDecryptBuffer, null);
     
            // Convert the encrypted buffer to a string (for display).
            // We are using Base64 to convert bytes to string since you might get unmatched characters
            // in the encrypted buffer that we cannot convert to string with UTF8.
            var strEncrypted = CryptographicBuffer.EncodeToBase64String(buffEncrypted);
     
            return strEncrypted;
        }
        catch (Exception ex)
        {
            // MetroEventSource.Log.Error(ex.Message);
            return "";
        }
    }



    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, July 28, 2015 12:50 PM
  • Hi Moderator,

    Our app use both key and IV to encrypt and decrypt, but it seems your solution only accept key to encrypt, as I know the encrypt should different if the IV is different.

    Regards.


    Hi William,

    >>Our app use both key and IV to encrypt and decrypt, but it seems your solution only accept key to encrypt

    In my sample, I used CryptographicEngine.Encrypt API, the third parameter is a Buffer which contains the initialization vector.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, July 31, 2015 12:46 PM

All replies

  • Hi William,

    Symmetric key algorithm is supported in WP silverlight.

    AES Managed

    If this not works for you,then go with BouncyCastle.

    Personally, i would suggest you to use BouncyCastle.

    Regards,

    Ravindra

    Saturday, July 25, 2015 10:30 AM
  • HI William,

    >>but it seems the WP doesn't support System.Security.Cryptography

    If you are writing Windows Phone Runtime app, the Windows.Security.Cryptography.Core namespace is what you need: https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.security.cryptography.core.aspx

    See also this document to see the sample about how to perform symmetric encryption and decryption: https://msdn.microsoft.com/en-us/library/windows/apps/xaml/windows.security.cryptography.core.cryptographicengine.aspx


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, July 27, 2015 5:42 AM
  • Hi Moderator ,

    Thanks for helping, but the samples you provided doesn't show encrypt AES with widnows.security.cryptography, can you show me an easier way to encrypt?

    Thanks

                              
    Monday, July 27, 2015 3:49 PM
  • Hi Moderator ,

    Thanks for helping, but the samples you provided doesn't show encrypt AES with widnows.security.cryptography, can you show me an easier way to encrypt?

    Thanks

                              

    HI William,

    >>but the samples you provided doesn't show encrypt AES with widnows.security.cryptography

    It included, the link I provided show us how to implement symmetric key encryption(secret key encryption). You can use a SymmetricKeyAlgorithmProvider object to specify a symmetric algorithm and create or import a key. You can use static methods on the CryptographicEngine class to encrypt and decrypt data by using the algorithm and key.

    Here is a simple AES (Symmetric Key) Encryption sample:

    private static IBuffer GetMD5Hash(string key)
    {
        // Convert the message string to binary data.
        IBuffer buffUtf8Msg = CryptographicBuffer.ConvertStringToBinary(key, BinaryStringEncoding.Utf8);
     
        // Create a HashAlgorithmProvider object.
        HashAlgorithmProvider objAlgProv = HashAlgorithmProvider.OpenAlgorithm(HashAlgorithmNames.Md5);
     
        // Hash the message.
        IBuffer buffHash = objAlgProv.HashData(buffUtf8Msg);
     
        // Verify that the hash length equals the length specified for the algorithm.
        if (buffHash.Length != objAlgProv.HashLength)
        {
            throw new Exception("There was an error creating the hash");
        }
     
        return buffHash;
    }
    
    public static string Encrypt(string toEncrypt, string key)
    {
        try
        {
            // Get the MD5 key hash (you can as well use the binary of the key string)
            var keyHash = GetMD5Hash(key);
     
            // Create a buffer that contains the encoded message to be encrypted.
            var toDecryptBuffer = CryptographicBuffer.ConvertStringToBinary(toEncrypt, BinaryStringEncoding.Utf8);
     
            // Open a symmetric algorithm provider for the specified algorithm.
            var aes = SymmetricKeyAlgorithmProvider.OpenAlgorithm(SymmetricAlgorithmNames.AesEcbPkcs7);
     
            // Create a symmetric key.
            var symetricKey = aes.CreateSymmetricKey(keyHash);
     
            // The input key must be securely shared between the sender of the cryptic message
            // and the recipient. The initialization vector must also be shared but does not
            // need to be shared in a secure manner. If the sender encodes a message string
            // to a buffer, the binary encoding method must also be shared with the recipient.
            var buffEncrypted = CryptographicEngine.Encrypt(symetricKey, toDecryptBuffer, null);
     
            // Convert the encrypted buffer to a string (for display).
            // We are using Base64 to convert bytes to string since you might get unmatched characters
            // in the encrypted buffer that we cannot convert to string with UTF8.
            var strEncrypted = CryptographicBuffer.EncodeToBase64String(buffEncrypted);
     
            return strEncrypted;
        }
        catch (Exception ex)
        {
            // MetroEventSource.Log.Error(ex.Message);
            return "";
        }
    }



    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Tuesday, July 28, 2015 12:50 PM
  • Hi Moderator,

    Our app use both key and IV to encrypt and decrypt, but it seems your solution only accept key to encrypt, as I know the encrypt should different if the IV is different.

    Regards.

    Friday, July 31, 2015 9:21 AM
  • Hi Moderator,

    Our app use both key and IV to encrypt and decrypt, but it seems your solution only accept key to encrypt, as I know the encrypt should different if the IV is different.

    Regards.


    Hi William,

    >>Our app use both key and IV to encrypt and decrypt, but it seems your solution only accept key to encrypt

    In my sample, I used CryptographicEngine.Encrypt API, the third parameter is a Buffer which contains the initialization vector.


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Friday, July 31, 2015 12:46 PM