Currently we have Desktop application in which we have login screen for Authentication. We are using username and password for authentication, Although we have encrypted the pass with RijndaelManaged class with SALT key.
Code is mentioned below :
public String Encrypt(String plainText, String key)
{
var plainBytes = Encoding.UTF8.GetBytes(plainText);
return Convert.ToBase64String(Encrypt(plainBytes, GetRijndaelManaged(key)));
}
public byte[] Encrypt(byte[] plainBytes, RijndaelManaged rijndaelManaged)
{
return rijndaelManaged.CreateEncryptor()
.TransformFinalBlock(plainBytes, 0, plainBytes.Length);
}
public RijndaelManaged GetRijndaelManaged(String secretKey)
{
var keyBytes = new byte[16];
var secretKeyBytes = Encoding.UTF8.GetBytes(secretKey);
Array.Copy(secretKeyBytes, keyBytes, Math.Min(keyBytes.Length, secretKeyBytes.Length));
return new RijndaelManaged
{
Mode = CipherMode.CBC,
Padding = PaddingMode.PKCS7,
KeySize = 128,
BlockSize = 128,
Key = keyBytes,
IV = keyBytes
};
}
While debugging this code, i understood that it is parallelly writing my credentials in System;s memory dump which we can access it through Task manager -> right click on process -> create dump file.
We although have solution to get new encryption algorithms involved. But currently we could not able to do that. Hence Please suggest how we can fix this issue? i do have tried similar code of RijndaelManaged with using statements for Cryptostream and Memorystream but it is giving me the same result. Although what i found is this code snippet impacting the same.
Please suggest. Thanks, Abhishek Nene
