1,269 questions
You can refer to https://learn.microsoft.com/en-us/windows/win32/seccng/encrypting-data-with-cng
How to do encrypt and decrypt data using Cryptography API Next Generation (CNG) in C#?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 49%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EP%3C/text%3E%3C/svg%3E)
Prabs
1
Reputation point
Hi Team,
How to implement encrypt and decrypt mechanism using CNG ( Cryptography API Next Generation) in C#.Net?
below link about CNG:
https://learn.microsoft.com/en-us/windows/win32/seccng/about-cng
Please help me on this.
Regards,
Prabhakaran
Developer technologies .NET .NET Runtime
Developer technologies C#
11,567 questions
4 answers
Sort by: Most helpful
-
Zhiliang Xu 1 Reputation point Microsoft Employee2021-11-12T03:04:37+00:00 -
Prabs 1 Reputation point
2021-11-12T03:26:13.793+00:00 Hi Zhiliaxu,
Can CNG supports C#? As per your link, the code is handled by C++ code.
I want to use CNG in C#.Net application.
Is it possible?
Sign in to comment -
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(153.6, 89%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJL%3C/text%3E%3C/svg%3E)
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff2021-11-12T08:44:17.587+00:00 Hi @Prabs ,
How to implement encrypt and decrypt mechanism using CNG ( Cryptography API Next Generation) in C#.Net?
You can refer to the following two documents.
https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.aescng provides a CNG implementation of the Aes algorithm(SymmetricAlgorithm).
https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.rsacng provides a CNG implementation of the RSA algorithm(AsymmetricAlgorithm).
Hope the documents could be helpful.
Best Regards.
Jiachen Li----------
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.-
Prabs 1 Reputation point
2021-11-18T11:49:27.863+00:00 Hi,
Thanks for your help.
There is no complete code available for encryption and decryption in that links.https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.aescng.createencryptor?view=net-6.0
https://learn.microsoft.com/en-us/dotnet/api/system.security.cryptography.aescng.createdecryptor?view=net-6.0Please send me the complete C# code for AesCng
Regards,
Prabs
Sign in to comment -
-
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff
2021-11-19T06:21:24+00:00 Hi @Prabs ,
Here is a test example of AesCng https://github.com/er0dr1guez/corefx/blob/master/src/System.Security.Cryptography.Cng/tests/InvasiveCngTests.cs.
And here is an implementation case of AesCng encryption and decryption which you can refer to.private String Encrypt_String_By_AesCng_Engine02(String PlainText, String Password, String Salt = "Kosher", String HashAlgorithm = "SHA1", int PasswordIterations = 2, String InitialVector = "OFRna73m*aze01xY", int KeySize = 256) { if (String.IsNullOrEmpty(PlainText)) return ""; byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector); byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt); byte[] PlainTextBytes = Encoding.UTF8.GetBytes(PlainText); PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations); SHA256Managed sHA256Managed = new SHA256Managed(); byte[] KeyBytes = sHA256Managed.ComputeHash(Encoding.Unicode.GetBytes(Password)); AesCng SymmetricKey = new AesCng(); SymmetricKey.Mode = CipherMode.CBC; byte[] CipherTextBytes; using (ICryptoTransform Encryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes)) { using (MemoryStream MemStream = new MemoryStream()) { using (CryptoStream CryptoStream = new CryptoStream(MemStream, Encryptor, CryptoStreamMode.Write)) { CryptoStream.Write(PlainTextBytes, 0, PlainTextBytes.Length); CryptoStream.FlushFinalBlock(); CipherTextBytes = MemStream.ToArray(); MemStream.Close(); CryptoStream.Close(); } } } SymmetricKey.Clear(); return Convert.ToBase64String(CipherTextBytes); } private String Decrypt_String_By_AesCng_Engine02(String CipherText, String Password, String Salt = "Kosher", String HashAlgorithm = "SHA1", int PasswordIterations = 2, String InitialVector = "OFRna73m*aze01xY", int KeySize = 256) { if (String.IsNullOrEmpty(CipherText))return ""; byte[] InitialVectorBytes = Encoding.ASCII.GetBytes(InitialVector); byte[] SaltValueBytes = Encoding.ASCII.GetBytes(Salt); byte[] CipherTextBytes = Convert.FromBase64String(CipherText); PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations); SHA256Managed sHA256Managed = new SHA256Managed(); byte[] KeyBytes = sHA256Managed.ComputeHash(Encoding.Unicode.GetBytes(Password)); AesCng SymmetricKey = new AesCng(); SymmetricKey.Mode = CipherMode.CBC; byte[] PlainTextBytes = new byte[CipherTextBytes.Length - 1]; int ByteCount = 0; using (ICryptoTransform Decryptor = SymmetricKey.CreateEncryptor(KeyBytes, InitialVectorBytes)) { using (MemoryStream MemStream = new MemoryStream(CipherTextBytes)) { using (CryptoStream CryptoStream = new CryptoStream(MemStream, Decryptor, CryptoStreamMode.Read)) { ByteCount = CryptoStream.Read(PlainTextBytes, 0, PlainTextBytes.Length); MemStream.Close(); CryptoStream.Close(); } } } SymmetricKey.Clear(); return Encoding.UTF8.GetString(PlainTextBytes, 0, ByteCount); }Hope the code above colud be helpful.
Best Regards.
Jiachen Li----------
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.-
Prabs 1 Reputation point
2021-11-22T08:15:45.183+00:00 Hi,
Thanks for your help.
What is the password parameter value need to pass in these methods?
I need to pass cipher text only but it is mentioned password parameter also.
Can you help me on this? -
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff
2021-11-22T09:07:28.197+00:00 Hi @Prabs ,
In the example code, it derives a key from the Password, SaltValueBytes, HashAlgorithm, PasswordIterations but finally create KeyBytes from Password only.
You can create your own key and remove unnecessary parts of the example code. -
Prabs 1 Reputation point
2021-11-22T09:36:22.817+00:00 I tried as per your suggestion.
But i don't get decrypted message properly.
Please find the snapshots below,
Sign in to comment -
-
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff
2021-11-23T09:17:42.577+00:00 Hi @Prabs ,
I made some simplifications and modifications on the previous example, and it can now run correctly.
You can refer to the following code.public string Encrypt(string PlainText, String Salt = "Kosher", String InitialVector = "OFRna73m*aze01xY") { if (string.IsNullOrEmpty(PlainText)) { return string.Empty; } SHA256Managed sHA256Managed = new SHA256Managed(); byte[] key = sHA256Managed.ComputeHash(Encoding.ASCII.GetBytes(Salt)); byte[] iv = Encoding.ASCII.GetBytes(InitialVector); using (var SymmetricKey = new AesCng() { Key = key, IV = iv, KeySize = 256, BlockSize = 128, Mode = CipherMode.CBC, }) { using (var transform = SymmetricKey.CreateEncryptor(key, iv)) { var inputBytes = Encoding.UTF8.GetBytes(PlainText); var encryptedBytes = transform.TransformFinalBlock(inputBytes, 0, inputBytes.Length); return Convert.ToBase64String(encryptedBytes); } } } public string Decrypt(string CipherText, String Salt = "Kosher", String InitialVector = "OFRna73m*aze01xY") { if (string.IsNullOrEmpty(CipherText)) { return string.Empty; } SHA256Managed sHA256Managed = new SHA256Managed(); byte[] key = sHA256Managed.ComputeHash(Encoding.ASCII.GetBytes(Salt)); byte[] iv = Encoding.ASCII.GetBytes(InitialVector); using (var SymmetricKey = new AesCng() { Key = key, IV = iv, KeySize = 256, BlockSize = 128, Mode = CipherMode.CBC, }) { using (var transform = SymmetricKey.CreateDecryptor(key, iv)) { var inputBytes = Convert.FromBase64String(CipherText); var PlainTextBytes = transform.TransformFinalBlock(inputBytes, 0, inputBytes.Length); return Encoding.UTF8.GetString(PlainTextBytes); } } }Hope the code above colud be helpful.
Best Regards.
Jiachen Li----------
If the answer is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.-
Prabs 1 Reputation point
2021-11-25T04:37:47.583+00:00 Thanks for your help..it is working now..
I have one more doubt, In below algorithms, Which is the best AES more secure encryption algorithms?RijndaelManaged
AesCng
AesManagedRegards,
Prabhakaran -
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff
2021-11-25T05:50:39.69+00:00 Hi @Prabs ,
According to AesManaged Class, the AES algorithm is essentially the Rijndael symmetric algorithm with a fixed block size and iteration count.
This class functions the same way as the RijndaelManaged class but limits blocks to 128 bits and does not allow feedback modes.And since derived cryptographic types are obsolete. Please use the Create method on the base type instead.
AesCng should be used if, and only if, opening a CNG persisted AES key. Otherwise Aes.Create() should be used.
-
Jiachen Li-MSFT 34,221 Reputation points Microsoft External Staff
2021-12-08T08:10:40.143+00:00 Hi @Prabs ,
May I know whether your issue has been solved or not?
If it is solved, please accept the answer so that other users can easily find the solution to similar problems.
Thank you for your cooperation.
Sign in to comment -