A fellow developer named Andy Booth has recently created an application.
The application receives confidential transaction data from Domain.com’s clients, which it secures using the TripleDESCryptoServiceProvider class.
You are currently reviewing this application, and need to decrypt a byte array of cipher text.
What code should you use to achieve this objective?
A.
public byte [] DecryptData(byte [] cipherText, TripleDESCryptoServiceProvider secretKey){
MemorySream ms = new MemorySream(cipherText);
CryptoSream cs = new CryptoSream(ms, SecretKey, CryptoSreamMode.Read);
byte [] data = new byte [ms.Length – 1];
cs.Read (data, 0, data.Length);
cs.Close ();
ms.Close ();
return data;
}
B.
public byte [] DecryptData(byte [] cipherText, TripleDESCryptoServiceProvider secretKey){
MemorySream ms = new MemorySream (cipherText);
CryptoSream cs = new CryptoSream(ms, secretKey.CreateDecryptor(), CryptoSreamMode.Read);
byte [] data = new byte [ms.Length – 1];
cs.Read (data, 0, data.Length);
cs.Close ();
ms.Close ();
return data;
}
C.
public byte [] DecryptData(byte [] cipherText, TripleDESCryptoServiceProvider secretKey){
MemorySream ms = new MemorySream (secretKey);
CryptoSream cs = new CryptoSream(ms, secretKey.CreateDecryptor(), CryptoSreamMode.Read);
byte [] data = ms.Decrypt (cipherText);
cs.Read (data, 0, data.Length);
ms.Close ();
return data;
}
D.
public byte [] DecryptData(byte [] cipherText, TripleDESCryptoServiceProvider secretKey){
CryptoSream cs = new CryptoSream (secretKey);
byte [] data = ms.Decrypt (cipherText);
cs.Read (data, 0, data.Length);
ms.Close ();
return data;
}
Explanation:
This code instantiates a CryptoStream object, specifies the ICryptoTransform object to encrypt data, decrypts the CipherText byte array,
and returns the encrypted byte array.
The TripleDESCryptoServiceProvider class represents a managed cryptographic provider of the
Data Encryption Standard (DES) symmetric algorithm.
The DES symmetric algorithm is commonly used for dat confidentiality, and it supports 64- bit keys.
When you instantiate a TripleDESCryptoServiceProvider object, a secret key for encryption and an initialization vector (IV) are created.
Because the same key and IV are needed for encryption and decryption, the CreateEncryptor and CreateDecryptor methods
generate the appropriate ICryptoTransform object to alter the data.
Incorrect Answers:
A: You should not use the code that does not invoke the CreatDecryptor method because this is required when instantiating a CryptoStream object.
C, D: You should not use the code fragments that invoke the Decrypt method because no such method exists in the CryptoStream class.
I have the same idea. B