From 4032a426840d664a439e249666014006c57f6818 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Sep 2025 19:05:26 +0000 Subject: [PATCH 1/3] Initial plan From 49b885fbbba154674a74f430f0a9352f63c5ea17 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Sep 2025 19:16:49 +0000 Subject: [PATCH 2/3] Update obsolete cryptography APIs to use modern .NET 6+ equivalents Co-authored-by: BillWagner <493969+BillWagner@users.noreply.github.com> --- ...rough-encrypting-and-decrypting-strings.md | 28 +++++++++---------- .../VbVbalrStrings/VB/Class3.vb | 26 ++++++++++------- 2 files changed, 30 insertions(+), 24 deletions(-) diff --git a/docs/visual-basic/programming-guide/language-features/strings/walkthrough-encrypting-and-decrypting-strings.md b/docs/visual-basic/programming-guide/language-features/strings/walkthrough-encrypting-and-decrypting-strings.md index 5e517b340406b..ff39a40dfee8b 100644 --- a/docs/visual-basic/programming-guide/language-features/strings/walkthrough-encrypting-and-decrypting-strings.md +++ b/docs/visual-basic/programming-guide/language-features/strings/walkthrough-encrypting-and-decrypting-strings.md @@ -11,7 +11,7 @@ ms.assetid: 1f51e40a-2f88-43e2-a83e-28a0b5c0d6fd --- # Walkthrough: Encrypting and Decrypting Strings in Visual Basic -This walkthrough shows you how to use the class to encrypt and decrypt strings using the cryptographic service provider (CSP) version of the Triple Data Encryption Standard () algorithm. The first step is to create a simple wrapper class that encapsulates the 3DES algorithm and stores the encrypted data as a base-64 encoded string. Then, that wrapper is used to securely store private user data in a publicly accessible text file. +This walkthrough shows you how to use the class to encrypt and decrypt strings using the Triple Data Encryption Standard (3DES) algorithm. The first step is to create a simple wrapper class that encapsulates the 3DES algorithm and stores the encrypted data as a base-64 encoded string. Then, that wrapper is used to securely store private user data in a publicly accessible text file. You can use encryption to protect user secrets (for example, passwords) and to make credentials unreadable by unauthorized users. This can protect an authorized user's identity from being stolen, which protects the user's assets and provides non-repudiation. Encryption can also protect a user's data from being accessed by unauthorized users. @@ -21,28 +21,28 @@ This walkthrough shows you how to use the The Rijndael (now referred to as Advanced Encryption Standard [AES]) and Triple Data Encryption Standard (3DES) algorithms provide greater security than DES because they are more computationally intensive. For more information, see and . ### To create the encryption wrapper - + 1. Create the `Simple3Des` class to encapsulate the encryption and decryption methods. - + [!code-vb[VbVbalrStrings#38](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#38)] - + 2. Add an import of the cryptography namespace to the start of the file that contains the `Simple3Des` class. - + [!code-vb[VbVbalrStrings#77](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#77)] - + 3. In the `Simple3Des` class, add a private field to store the 3DES cryptographic service provider. - + [!code-vb[VbVbalrStrings#39](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#39)] - + 4. Add a private method that creates a byte array of a specified length from the hash of the specified key. - + [!code-vb[VbVbalrStrings#41](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#41)] - -5. Add a constructor to initialize the 3DES cryptographic service provider. - + +5. Add a constructor to initialize the 3DES cryptographic algorithm. + The `key` parameter controls the `EncryptData` and `DecryptData` methods. - - [!code-vb[VbVbalrStrings#40](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#40)] + + [!code-vb[VbVbalrStrings#40](~/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb#40)] 6. Add a public method that encrypts a string. diff --git a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb index a0b33a576478e..f6640a8ffb6ea 100644 --- a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb +++ b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb @@ -63,8 +63,10 @@ Class Class1f51e40a2f8843e2a83e28a0b5c0d6fd End Class Public NotInheritable Class Simple3Des + Implements IDisposable + ' - Private TripleDes As New TripleDESCryptoServiceProvider + Private TripleDes As TripleDES = TripleDES.Create() ' ' @@ -80,16 +82,16 @@ Class Class1f51e40a2f8843e2a83e28a0b5c0d6fd ByVal key As String, ByVal length As Integer) As Byte() - Dim sha1 As New SHA1CryptoServiceProvider - - ' Hash the key. - Dim keyBytes() As Byte = - System.Text.Encoding.Unicode.GetBytes(key) - Dim hash() As Byte = sha1.ComputeHash(keyBytes) + Using sha1 As SHA1 = SHA1.Create() + ' Hash the key. + Dim keyBytes() As Byte = + System.Text.Encoding.Unicode.GetBytes(key) + Dim hash() As Byte = sha1.ComputeHash(keyBytes) - ' Truncate or pad the hash. - ReDim Preserve hash(length - 1) - Return hash + ' Truncate or pad the hash. + ReDim Preserve hash(length - 1) + Return hash + End Using End Function ' @@ -140,5 +142,9 @@ Class Class1f51e40a2f8843e2a83e28a0b5c0d6fd End Function ' + Public Sub Dispose() Implements IDisposable.Dispose + TripleDes?.Dispose() + End Sub + End Class End Class \ No newline at end of file From deada2b567f210e7d36b7d5d33bb363d7858b35a Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Thu, 11 Sep 2025 22:07:17 +0000 Subject: [PATCH 3/3] Update from SHA-1 to SHA-256 for improved security Co-authored-by: BillWagner <493969+BillWagner@users.noreply.github.com> --- .../VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb index f6640a8ffb6ea..8ef28c7e4e365 100644 --- a/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb +++ b/samples/snippets/visualbasic/VS_Snippets_VBCSharp/VbVbalrStrings/VB/Class3.vb @@ -82,11 +82,11 @@ Class Class1f51e40a2f8843e2a83e28a0b5c0d6fd ByVal key As String, ByVal length As Integer) As Byte() - Using sha1 As SHA1 = SHA1.Create() + Using sha256 As SHA256 = SHA256.Create() ' Hash the key. Dim keyBytes() As Byte = System.Text.Encoding.Unicode.GetBytes(key) - Dim hash() As Byte = sha1.ComputeHash(keyBytes) + Dim hash() As Byte = sha256.ComputeHash(keyBytes) ' Truncate or pad the hash. ReDim Preserve hash(length - 1)