0

I have a small inhouse app (and any advice on other methods is appreciated as well) where I utilize 2 token strings that I'd like to encrypt with aes. While this is a super small app and I don't think there's a huge risk on my local, I'd still like to encrypt them with something. My thought was that I'd: have a file on my local with the iv/key string that I could read into my app upon running, it'd decrypt the token which is stored in the db and I could use it, and when I have to overwrite the token value I'd create a new aes/triple dev iv/key pair. the iv/key pair lives in a file (or the config of the app) and then the new encrypted token goes to my db.

The problem I'm having (i'm new to encryption) is that all of the tutorials show something like the following:

            Aes aes = Aes.Create();
        byte[] iv = aes.IV;
        byte[] key = aes.Key;

However I'm looking to store the string value, and then when the app runs next and I pull the iv/key pair in I convert it back to byte[] to do the app work.

I tried:

string ivStr = Encoding.Default.GetString(iv);

However when I tried to convert it back to a byte[] and then pass it back through to the decryption tool it would just fail and told me the length of the array was incorrect.

Any advice on this would be appreciated.

user3494110
  • 417
  • 2
  • 9
  • 25
  • 1
    Keys IV's are binary and usually randomized. If you want to store them in a string you can base 64 encode them, but please note that 1) files are binary as well and 2) that it is hard to remove strings from memory. You probably don't need any encoding. IV's are usually stored with the ciphertext, as they are used to create unique IV/key combinations. Storing them together with the key doesn't make any sense. – Maarten Bodewes Sep 29 '22 at 22:44
  • 1
    If all you are asking is "how to convert a byte array to a string (and vice-versa)", look at https://stackoverflow.com/questions/311165/how-do-you-convert-a-byte-array-to-a-hexadecimal-string-and-vice-versa – Flydog57 Sep 29 '22 at 22:46
  • Maarten did an good commend and I think your security architechture needs an improvment. Try to first learn, then to implement not otherwise – Nobody Sep 29 '22 at 23:38
  • @MaartenBodewes Thank you for the info. I'll do more research as I'm still just digging into this encryption, but all I'm trying to do is store a key in a file which is in a secure location so I can go read the key, and decrypt the token I encrypted with said key. So it's really just the storing the key from the aes.create() method which I'm trying to understand. – user3494110 Sep 30 '22 at 01:00

0 Answers0