2

i know there are 1million questions about "string - byte array" conversion out there but none of them fit my problem.

For the installation of my software i need to save some informations from the user (serveraddress, userID, password and so on). Some of these informations need do be protected (encrypted using DPAPI). For that i have to convert the string (SecureString) to byte[] 

public static byte[] StringToByte(string s)
{
    return Convert.FromBase64String(s);
}

where i get my first problem. If the strings lenght is a not a multiple of 4 (s.lenght % 4 == 0) i get a "Invalid length for a Base-64 char array" error. I've read that i can (have to) add "=" to the end of the string but some of these strings may be passwords (which may contain "="). I need to store the (encrypted) data in a XML-file why i can't use Unicode encoding (i don't know why but it corrupts the XML file ... because of encoding i would suppose).

As last step i have to go back the way to get the stored data on app startup.

Does someone of you can help me solving this problem ? I don't care the output in the XML as long as it is "readable".

best regards Alex

Improve this question

1 Answer 1

Reset to default
7

where i get my first problem. If the strings lenght is a not a multiple of 4 (s.lenght % 4 == 0) i get a "Invalid length for a Base-64 char array" error.

That suggests that it's not base64 to start with. It sounds like you're going in the wrong direction here - base64 is used to convert binary data into text. To convert text into a binary form, you should normally just use Encoding.GetBytes:

return Encoding.UTF8.GetBytes(text);

Now if you needed to encode the result of the encryption (which will be binary data) as text, then you'd use base64. (Because the result of encrypting UTF-8-encoded text is not UTF-8-encoded text.)

So something like:

public static string EncryptText(string input)
{
    byte[] unencryptedBytes = Encoding.UTF8.GetBytes(input);
    byte[] encryptedBytes = EncryptBytes(unencryptedBytes); // Not shown here
    return Convert.ToBase64String(encryptedBytes);
}

public static string DecryptText(string input)
{
    byte[] encryptedBytes = Convert.FromBase64String(input);
    byte[] unencryptedBytes = DecryptBytes(encryptedBytes); // Not shown here
    return Encoding.UTF8.GetString(unencryptedBytes);
}
Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

sorry to bother you jon but i have a pending question related to an old post of yours where you said(and since then i have taken that as a rule),that the saffest way to convert textual data to and from byte[] is using base64,you meant in all scenarios or just some? sorry again.
public static string ByteToString(byte[] bytes) { return Convert.ToBase64String(bytes); } public static byte[] StringToByte(string s) { return Encoding.UTF8.GetBytes(s); } tried this, but if i use it string s = ByteToString(StringToByte("test")); the result is "dGVzdA==" which is obviously not "test"
@Alex: Well yes, because now you're still converting from bytes to a string with Convert.ToBase64String! Use Encoding.GetString to reverse the operation of Encoding.GetBytes.
@terrybozzio: No - if you're starting with arbitrary binary data, you use Base64 to get to text, and you can get back to the same binary data that way. If you're starting with text data, use a normal encoding such as UTF-8.
@Alex: Do you understand why you should use a different encoding in the two different cases? If not, it's worth thinking about it further. It's basically a matter of determining the encoding based on the type of the original data.
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.