Converting Mike Shaffer's VBScript RC4 Encryption Code to C#By Chris Scott
A while ago, Mike Shaffer posted an excellent article regarding using classic ASP to perform RC4 encryption: RC4 Encryption Using ASP & VBScript. This code overcame one of VBScript/ASP's shortcomings: there are no built in cryptography functions. Using Mike's code, you could take a string of text and encrypt it using the RC4 algorithm. From there, the output was usually URL encoded to make it easy to transmit over the Web, store in a database, etc.
I have used Mike's code in a number of situations when designing classic ASP Web sites. Recently, however, I have been creating ASP.NET Web sites and needed to convert Mike's code from VBScript to an ASP.NET-compatible language, such as VB.NET or C#. I decided to take on this task in C# since that is what I am using for all my Web apps but it could have easily (probably more easily) been done in VB.NET. In the next sections, I'll compare the original VBScript code to the new C# code. Also, I'll explain some of the hurdles I encountered when converting the code. If you haven't already, take a look at Mike's article to get a good idea of what the code does and how it works. (Also, it may help to periodically refer to the complete source code when working through this article!)
In my conversion I attempted to keep the code as similar as possible to the original code to make a comparison easier. Very little stylistic changes were made...
|Some Helpful Links|
|If you are more familiar with VB.NET (or VB) than C# you may find the following article quite helpful: From VB.NET to C# and Back Again. This article examines how to convert code between VB.NET and C#; since VB.NET shares a number of syntactic and semantic similarities with VBScript, the article should help developers new to C# understand the conversion process between VBScript and C#.|
Examining the VBScript Version of the RC4 Encryption AlgoriMansoor Ahmed Siddiqui explains debugging and tracing and shows how to create custom trace listeners to help ensure hassle-free developmenthtm
Before examining the converted C# code, we must first take a brief look at the original VBScript code, which contains one function -
EnDeCrypt- and one subroutine -
RC4Initializesub is used to initialize two arrays that are used by the function that does the actual en/decryption. These two arrays are
key, and are declared in the VBScript code as follows:
RC4Initialize sub takes one argument, a password used to encrypt the
text. Note that the
RC4Initialize sub is called from inside the
EnDeCrypt function, meaning you do not have to explicitly call this initialization
sub. The code for the
RC4Initialize sub is as follows:
Next is the
EnDeCrypt function, which does the actual en/decryption. Don't worry
about what each line of code does, I'll explain it in more detail when we
convert it to C#. (Also, if you haven't already, I'd strongly encourage you to read
Mike Shaffer's article, in which
he explains the theory behind RC4 encryption in some detail.)
At this point we're ready to begin our conversion of the VBScript code to C# code. Part 2 will start this process!