将字符串加密为15个字符

Question

I am doing this serial key thing where the format is xxxxx-xxxxx-xxxxx (15 characters). I can currently encrypt my string but the problems are:

1. 6 Characters become 20+ Characters.
2. Has some underieable characters such as: +, /, =

So what would be the best way to encrypt a string to certain number of characters? In my case: 6 characters encrypted to 15 characters.

I am currently using something like this:

    public string EncryptString(string clearText, string Password)
    {
        byte[] clearBytes = System.Text.Encoding.Unicode.GetBytes(clearText);
        Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(Password, ByteGetter(UsageMode, "Password")); 
        byte[] encryptedData = EncryptByte(clearBytes, pdb.GetBytes(32), pdb.GetBytes(16));
        return Convert.ToBase64String(encryptedData);
    }


    public static byte[] EncryptByte(byte[] clearData, byte[] Key, byte[] IV)
    {
        MemoryStream ms = new MemoryStream();
        Rijndael alg = Rijndael.Create();
        alg.Key = Key;
        alg.IV = IV;
        CryptoStream cs = new CryptoStream(ms, alg.CreateEncryptor(), CryptoStreamMode.Write);
        cs.Write(clearData, 0, clearData.Length);
        cs.Close();
        byte[] encryptedData = ms.ToArray();
        return encryptedData;
    }

Answer 1

First of all: It is a property of Base64-encoding to contain non-alpha characters. So you will need to chose another encoding, you might want to start use 5 bit parcels and encode to AZ, 2-9 but leave out O,I. This should give you the character set you wish.

Second: Assuming you do chose 5 bit packets, you need 5*15=75 bits. Most hashes will create 128 bits ore more, so you need to downsample. A possible way to approach this is to simply ignore bits.

Answer 2

Synthetising the comment thread from the question:

If you want the serial code to be (reversibly) encrypted data, you can't really constrain its size very well. You're stuck with whatever the encryption algorithm gives you, and they usually operate on fixed-size blocks.

The obvious choices for encoding the encrypted data into a bunch of ASCII characters are:

• base64 - widely supported, but can't be implemented using only alphanumerics, and is case-sensitive
• base32 - somewhat obscure - you'll have to write / find an implementation. The RFC-specified standard requires padding with = s. (Just as it does for base64 .) More compact than base16 , and only needs case-insensitive alphanumerics for the data, which is an advantage if you expect people to type the code by hand.
• base16 - also very well supported, never requires padding, but is far less compact than the other two.

You can work around the padding issue knowing that the length of the encoded string has to be a multiple of 8 for base32 , and a multiple of 4 for base64. (I'm not 100% sure about this, but it makes sense, since you want the encoded string to represent a multiple of 8 bits.) Knowing this you can add padding characters to make a decoder stop complaining about an invalid input length. ( Convert.FromBase64String() does complain.)

If you want to constrain the output size given an input size in some specific way, and aren't willing to discard data (ie hash instead of encrypting), you'll have to roll your own encryption algorithm. This seems mostly counterproductive.

Answer 3

With your requirements you need to:

• Encrypt with DES
• Encode with Base 32 (base 16 will give you 16 bytes instead of 15)
• Pad however you like