Over a million developers have joined DZone.
{{announcement.body}}
{{announcement.title}}

Working with Encrypting Data for Security in Windows Phone

DZone's Guide to

Working with Encrypting Data for Security in Windows Phone

Free Resource

Get gorgeous, multi-touch charts for your iOS application with just a few lines of code.

In this article we are going to see how to encrypt data and use it in Windows Phone 7 application development. Security is mainly a concern for developing mobile applications since the misuse of data like Passwords, connection strings, etc. are highly possible which we need to take care of by encrypting and decrypting where ever possible. In Windows Phone 7 we have a Data Protection API which can be used to encrypt the data. Storing the confidential data within the Application Isolated Storage or encrypting using the local keys is not highly secure since the keys that are required to decrypt the data will reside on the device itself. The Data Protection API solves this problem of explicitly generating and storing the key. The ProtectData class is used to access the Data Protection APIs that can be used with the built-in methods which we are going to see in this article.

The Data Protection API uses the Protect Method and UnProtect Method which are used for encrypting and decrypting the data as and when required while using the dynamic key generations as and when called. Let us see the step-by-step process on how to use these methods to encrypt the data and decrypt it in this article.

Steps:

Open Visual Studio 2010 IDE in administrator mode and create a new Silverlight for Windows Phone 7 application with a valid project name as shown in the screen below.

2012-02-28 23h06_21

Now let's design the application to get the inputs from the user to encrypt the data and store the pin in the isolated storage using the Protectdata method. Once we add the controls to the page we can see the screen as shown below.

2012-02-28 23h18_17

Let's start with our code behind to add the core logic to encrypt the data, to do that we need to import some namespaces which are not available initially. Copy and paste the 4 namespaces to the code behind as shown below.

Code Behind:

using System.IO;
using System.IO.IsolatedStorage;
using System.Text;
using System.Security.Cryptography;

Once we add the using statement, we need to add the code below to encrypt the data which the user inputs as shown in the screen below. In this code we are going to encrypt the pin to the byte array using the protect method.

2012-02-28 23h30_39

Code Behind:

private void button1_Click(object sender, RoutedEventArgs e)
 {
 byte[] PinByte = Encoding.UTF8.GetBytes(textBlock1.Text);
 byte[] ProtectedPinByte = ProtectedData.Protect(PinByte, null);
 this.Writedata(ProtectedPinByte);
 textBlock1.Text = "";
 MessageBox.Show("Encrypted the Pin!!!");
 }

private void Writedata(byte[] pinData)
 {
 IsolatedStorageFile ISfile = IsolatedStorageFile.GetUserStoreForApplication();
 IsolatedStorageFileStream swIS = new IsolatedStorageFileStream(strFilePath, System.IO.FileMode.Create, System.IO.FileAccess.Write, ISfile);

Stream writer = new StreamWriter(swIS).BaseStream;
 writer.Write(pinData, 0, pinData.Length);
 writer.Close();
 swIS.Close();
 }

Now we are done with the code to encrypt the data, we use the Writedata private method to store the data to the Isolated Storage by using the Isolated Stream Class. Once the pin is encrypted we have provided a message box to indicate to the user that the data is encrypted correctly. Now let us decrypt the data on the second button click event. Decrypting the data will be done using the UnProtect method which reads the data from the isolated storage medium on the path which we specified and decrypts the pin and get the data as shown in the screen below.

2012-02-28 23h37_19

Code Behind:

private void button2_Click(object sender, RoutedEventArgs e)
 {
 byte[] ProtectedPinByte = this.ReadPinFromFile();
 byte[] PinByte = ProtectedData.Unprotect(ProtectedPinByte, null);
 textBlock1.Text = Encoding.UTF8.GetString(PinByte, 0, PinByte.Length);

}

private byte[] ReadPinFromFile()
 {
 IsolatedStorageFile ISfile = IsolatedStorageFile.GetUserStoreForApplication();
 IsolatedStorageFileStream rsIS = new IsolatedStorageFileStream(strFilePath, System.IO.FileMode.Open, FileAccess.Read, ISfile);

Stream reader = new StreamReader(rsIS).BaseStream;
 byte[] pinArray = new byte[reader.Length];

reader.Read(pinArray, 0, pinArray.Length);
 reader.Close();
 rsIS.Close();

return pinArray;
 }

Now we are done with our coding part. To check the encryption and decryption, run the application by pressing F5 on the keyboard and we can see the application loads on to the Windows Phone 7 Emulator. Input the sample data and we can see the encryption and decryption happening as shown in the screens below.

Output Screens:

image

Conclusion:

So in this article we have seen the most interesting topic on how to encrypt and decrypt data using the available API’s which can be used to encrypt the sensitive data as and when required with the application development.

Thanks for reading my article. If you like my posts and if you are interested in getting the latest updates on new articles, kindly follow me through one of the options at the top of the page.

.Net developers: use Highcharts, the industry's leading interactive charting library, without writing a single line of JavaScript.

Topics:

Published at DZone with permission of Karthikeyan Anbarasan, DZone MVB. See the original article here.

Opinions expressed by DZone contributors are their own.

THE DZONE NEWSLETTER

Dev Resources & Solutions Straight to Your Inbox

Thanks for subscribing!

Awesome! Check your inbox to verify your email so you can start receiving the latest in tech news and resources.

X

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}