Click here to Skip to main content
15,867,308 members
Articles / Security / Encryption

Enhanced String Handling II

Rate me:
Please Sign up or sign in to vote.
3.76/5 (11 votes)
16 Dec 2010CPOL2 min read 35.5K   213   15   17
Overcoming limitations of: Enhanced String Handling

Introduction

In my previous article, Enhanced String Handling, EnhancedStringHandling.aspx, I ended the article with a section: Where do we go from here, where I pointed out a limitation: “The specifications as they stand now will not allow for a delimiter as part of the value. So for example: {identifier::value containing an open or close brace} will not pass the brace matching check. This is not of theoretical interest only. For example, if we would like to write a {Decrypt::encrypted value} decryption construct—if we cannot guarantee that the encrypted value has neither open nor close braces, then we cannot write such a ProcessDecrypt class. This problem is not necessarily confined to the case of a single charactered delimiter because the multi charactered delimiters are transformed into single charactered delimiters.”

A few days after I published the article, it occurred to me that the limitation was in my mind only.

The Perceived Problem

When we attempt to write a regular expression that will match on the form: {Crypt::encrypted-text} we are in trouble if the encrypted-text contains an open delimiter (“{”), a close delimiter (“}”) or a separator string (“::”). Therefore, I concluded, prematurely, that we needed more powerful machinery to handle such situations.

Fixing the Limitation

Up to now, throughout the article: Enhanced String Handling, we handled problems of this kind by substituting the offending string with a new string. In this case, we can use this very same technique by providing the encrypted text as unicode numbers converted to strings.

So if we are to encrypt the string: “01234 -- The quick brown fox jumped over the lazy dogs -- 56789!” we will first encrypt it into a string or characters. But instead of including the encrypted characters in a string as is (in the {Crypt::encrypted string} construct) we will include the unicode character representation of the encrypted string, comma separated. So the string:

"01234 -- The quick brown fox jumped over the lazy dogs -- 56789!" 

encrypted will be represented as:

"225,14,132,43,189,68,220,227,84,28,69,216,140,97,101,85,254,11,229,238,
 148,191,73,177,235,233,193,176,45,187,218,44,92,107,175,168,56,90,14,24,201,219,
 251,161,82,146,221,133,249,49,111,196,239,55,164,209,93,126,144,158,212,39,101,2
 9,197,221,62,174,210,137,124,134"

The ProcessCrypt(), therefore, will process a construct representing the above string, encrypted, like so: {Crypt::225,14,132,..}. Therefore, we solve the issue of an encrypted string that can contain any character including a delimiter or a separator. See CypherTest(), TestMethod. (The sample code in ProcessCrypt() is not meant to be the most secure encryption/decryption code, it is meant to illustrate the point—that we can overcome a delimiter or a separator in the string value to be processed.)

C#
[TestMethod]
public void CypherTest()
{
    string org = "01234 -- The quick brown fox jumped over the lazy dogs -- 56789!";
    string encripted = string.Format("Text: {{Crypt::{0}}}",
              ProcessCrypt.Encrypt(org));

    var context = new List<IProcessEvaluate>();
    context.Add(new ProcessCrypt());
    var eval = new EnhancedStringEval(context);
    string decript = eval.EvaluateString(encripted);

    Assert.AreEqual("Text: " + org, decript);
}

While ProcessCrypt is as follows:

C#
public sealed class ProcessCrypt : IProcessEvaluate
{
 static ProcessCrypt()
 {
   var reo = RegexOptions.Singleline | RegexOptions.IgnoreCase;
     _reCrypt = new Regex(@"{\s*Crypt\s*::(?<cipher>[0-9,]*)}", reo);
 }

 public ProcessCrypt() { }

 #region IProcessEvaluate Members

 /// <summary>
 ///
 /// </summary>
 /// <param name="src"></param>
 /// <param name="ea"></param>
 public void Evaluate(object src, EnhancedStringEventArgs ea)
 {
     // Task 1:
     string encrypted = ea.EhancedPairElem.Value;

     // ea.IsHandled == false, by default.
     Match m = _reCrypt.Match(encrypted);
     if (!m.Success) return;

     string deciphered = _reCrypt.Replace(encrypted, CipherReplace);
     if (deciphered == encrypted) return;

     // Task 2
     ea.IsHandled = true;

     // Task 3
     ea.EhancedPairElem.Value = deciphered;
 }

 #endregion

 /// <summary>
 ///
 /// </summary>
 /// <param name="m"></param>
 /// <returns></returns>
 private string CipherReplace(Match m)
 {
     string encrypted = m.Groups["cipher"].Value;
     return Decrypt(encrypted);
 }

 private const string _criptSplitter = ",";
 private static Regex _reCrypt;

 ...

}

Enjoy!

Avi

History

  • 15th December, 2010: Initial post

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
United States United States
avifarah@gmail.com

Comments and Discussions

 
GeneralMy vote of 5 Pin
Michael Haephrati3-Dec-12 5:18
professionalMichael Haephrati3-Dec-12 5:18 
GeneralRe: My vote of 5 Pin
Avi Farah3-Dec-12 17:10
Avi Farah3-Dec-12 17:10 
GeneralMy vote of 5 Pin
Manoj Kumar Choubey8-Feb-12 20:02
professionalManoj Kumar Choubey8-Feb-12 20:02 
GeneralRe: My vote of 5 Pin
Avi Farah3-Dec-12 17:09
Avi Farah3-Dec-12 17:09 
Generalnice one Pin
Pranay Rana18-Dec-10 10:07
professionalPranay Rana18-Dec-10 10:07 
GeneralRe: nice one Pin
Avi Farah18-Dec-10 17:00
Avi Farah18-Dec-10 17:00 
GeneralMy vote of 5 Pin
Paul Selormey16-Dec-10 11:18
Paul Selormey16-Dec-10 11:18 
GeneralRe: My vote of 5 Pin
Avi Farah16-Dec-10 13:26
Avi Farah16-Dec-10 13:26 
GeneralMy vote of 2 Pin
#realJSOP15-Dec-10 23:56
mve#realJSOP15-Dec-10 23:56 
GeneralRe: My vote of 2 Pin
Indivara16-Dec-10 3:12
professionalIndivara16-Dec-10 3:12 
GeneralRe: My vote of 2 Pin
#realJSOP17-Dec-10 0:14
mve#realJSOP17-Dec-10 0:14 
GeneralRe: My vote of 2 Pin
Paul Selormey16-Dec-10 11:43
Paul Selormey16-Dec-10 11:43 
GeneralRe: My vote of 2 Pin
#realJSOP17-Dec-10 2:20
mve#realJSOP17-Dec-10 2:20 
GeneralRe: My vote of 2 Pin
Paul Selormey17-Dec-10 3:52
Paul Selormey17-Dec-10 3:52 
QuestionFew Questions... Pin
Paul Selormey15-Dec-10 22:32
Paul Selormey15-Dec-10 22:32 
Hello Avi,
Thanks for the contribution.
I am really looking for something similar to this library to use in my documentation library.

I do have some questions...

1. What changed in this updated version?
2. What makes this approach better than a simple string search? say find '{' and then loop till next '}'
3. Will this handle nested items? say {Code{Guid}}?
4. Finally, this is odd but let me still ask (as the last time I was reading this article,
the story seems different), is the "::" a requirement?

Best regards,
Paul.
Jesus Christ is LOVE! Please tell somebody.

modified on Thursday, December 16, 2010 5:20 PM

GeneralRe: Few Questions... Pin
Avi Farah16-Dec-10 7:00
Avi Farah16-Dec-10 7:00 
GeneralRe: Few Questions... Pin
Paul Selormey16-Dec-10 11:20
Paul Selormey16-Dec-10 11:20 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.