Re: a problem with encryption
From: Jon Skeet [C# MVP] (skeet_at_pobox.com)
Date: 08/11/04
- Next message: Kevin Yu [MSFT]: "Re: Event monitoring in a running application"
- Previous message: David Herman .:MVP:.: "Re: WUAPILib"
- In reply to: Tonci Jukic: "Re: a problem with encryption"
- Messages sorted by: [ date ] [ thread ]
Date: Wed, 11 Aug 2004 10:16:14 +0100
Tonci Jukic <nytrogen@email.htnet.hr> wrote:
> > roundtrip =
> > textConverter.GetString(fromEncrypt).TrimEnd(Convert.ToChar(0));
> >
> > That way I always get the original data I've encrypted.
>
> >That's a bad way of doing things. Just use the return value of Read to
> find out how much real data you've got, and use the form of GetString
> that lets you specify how much to decode.
>
> Well. I really don't know a way to know how long the string I send to
> the server app can be. As you could see in the code, I send key, IV and
> encrypted data in a byte array trough network stream. I really don't
> know how to send the length of the string I encrypted to the server by
> which the server would know how much to decrypt.
> The only way I could think of was to trim encrypted byte array at the
> very start before sending data trough network.
You don't need to trim anything. Just take note of how much decrypted
data you're actually receiving. From your original sample, all you've
got to change is:
csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the byte array back into a string.
roundtrip = textConverter.GetString(fromEncrypt);
to
int bytesRead = csDecrypt.Read(fromEncrypt, 0, fromEncrypt.Length);
//Convert the byte array back into a string.
roundtrip = textConverter.GetString(fromEncrypt, 0, bytesRead);
(It doesn't deal with the situation where there's more data to read
than you expect, or a single call to Read doesn't return all the data.)
> >Yes. That's much more robust - relying on a single call to Read as you
> are at the moment is a very bad idea.
>
> How could I possible use multiple read calls? What would it give to me?
It would mean that if you send more data than the decrypting code wants
to decrypt in one call, your code would still work.
> >That's not your actual code, is it? Byte arrays don't have a DeCrypt
> method. Please always post your *actual* code.
>
> Well. We've got a slight problem here:)
>
> I tried to cut\paste and edit my code here. I've translated variables
> into english as I thought it would be easier for you to understand the
> code.
>
> Too bad attachments are not possible here, but here is almost the
> complete code I've been using.
>
> (I'm totally green in C# and .NET (although I've been using C++ till
> now) so please don't laugh at my code. I woul appreciate any comments
> and suggestions about it.)
>
> http://www.dg.disorange.com/download/code.zip
Ah. The problem is that you changed variable names half way through -
you wrote (in your previous message) encrypted.DeCrypt() instead of
dekripted.DeCrypt(). It's always worth trying to compile the code
you're about to post. It's also worth posting short and complete code -
see http://www.pobox.com/~skeet/csharp/complete.html
-- Jon Skeet - <skeet@pobox.com> http://www.pobox.com/~skeet If replying to the group, please do not mail me too
- Next message: Kevin Yu [MSFT]: "Re: Event monitoring in a running application"
- Previous message: David Herman .:MVP:.: "Re: WUAPILib"
- In reply to: Tonci Jukic: "Re: a problem with encryption"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
