|
hi all,
Here's what i'm trying to do:
1.Encrypted User password will be entered into database during Registeration.
2.next time user tries to login i decrpt the value from the data base and allow the user to logon if the decrypted value is same as the User entered password.
My Problem is, no matter what i do i always get different decrpted values for any string.
ie if a user logs on say with a password "letmein" (which is already lying in the database in its encrypted format) when i try to decrypt it back i'm not getting the same value "letmein".
what do i do???
Plz help.
here's my Cryptography Class File.....(could some one tell me whats wrong with my code)
public class Cryptography
{
public static RSACryptoServiceProvider rsa;
public static void AssignParameter()
{
const int PROVIDER_RSA_FULL = 1;
const string CONTAINER_NAME = "MyOnlyContainer";
CspParameters cspParams;
cspParams = new CspParameters(PROVIDER_RSA_FULL);
cspParams.KeyContainerName = CONTAINER_NAME;
cspParams.Flags = CspProviderFlags.UseMachineKeyStore;
cspParams.ProviderName = "Microsoft Strong Cryptographic Provider";
rsa = new RSACryptoServiceProvider(cspParams);
}
public static string EncryptData(string data2Encrypt)
{
AssignParameter();
StreamReader reader = new StreamReader("PublicOnlyKey.xml");
string publicOnlyKeyXML = reader.ReadToEnd();
rsa.FromXmlString(publicOnlyKeyXML);
reader.Close();
//read plaintext, encrypt it to ciphertext
byte[] plainbytes = System.Text.Encoding.UTF8.GetBytes(data2Encrypt);
byte[] cipherbytes = rsa.Encrypt(plainbytes,false);
return Convert.ToBase64String(cipherbytes);
}
public static string DecryptData(string data2Decrypt)
{
AssignParameter();
byte[] getpassword = Convert.FromBase64String(data2Decrypt);
//public and private RSA parameters for encrypt
StreamReader reader = new StreamReader("PublicPrivateKey.xml");
string publicPrivateKeyXML = reader.ReadToEnd();
rsa.FromXmlString(publicPrivateKeyXML);
reader.Close();
//read ciphertext, decrypt it to plaintext
byte[] plain = rsa.Decrypt(getpassword,false);
return Convert.ToBase64String(plain);
}
public static void AssignPublicPrivateKeys()
{
AssignParameter();
//provide public and private RSA params
StreamWriter writer = new StreamWriter("PublicPrivateKey.xml");
string publicPrivateKeyXML = rsa.ToXmlString(true);
writer.Write(publicPrivateKeyXML);
writer.Close();
//provide public only RSA params
writer = new StreamWriter("PublicOnlyKey.xml");
string publicOnlyKeyXML = rsa.ToXmlString(false);
writer.Write(publicOnlyKeyXML);
writer.Close();
}
}
please Help
|
|
|
|
|
Take a look at my article, Using XML Digital Signatures for Application Licensing[^] and pay attention to the note in the middle of the page. The content of the article may not be so important to you (hope you enjoy it all the same), but the note there is from a valuable lesson I learned: a key container (depending on the implementation) stores different types of keys in different locations. Since you're using the Strong Name CSP, you need to specify the key index 1, not accepting the default of 0 which is for key exchange and will be unique on each machine and may, in fact, generate different plain texts from the cipher text. Also make sure you're using the same IV.
On another note, consider a different way of handling credentials that is more widely implemented. Hash the passwords in the database using a mathematically-proven hash algorithm to generate a digest of the password like MD5 or SHA1 (which are both provided in the framework). You then hash the password the user enters using the same algorithm and compare the hashes.
This way, the user's password is not send over the wire as plain text (still a good idea to use SSL or some other encrypted communication channel to protect the username, and digests are still victim to brute-force attacks) and anyone with access to the database and the private key can't decrypt the data (if they can get to one, they can probably get to the other).
This is also much faster. One-way hash algorithms are fairly quick compared to decryption.
Again, this is a more widely used implementation because it's faster and it's practically impossible to recover the users' passwords (even for administrators, which helps with security immensely).
This posting is provided "AS IS" with no warranties, and confers no rights.
Software Design Engineer
Developer Division Sustained Engineering
Microsoft
[My Articles]
|
|
|
|
|
Hello, I'm normally a C++ .NET programmer but I'm building a DirectX game in C# .NET. I'm having a problem understanding how to pass a variable (directX device) to my Base class when declaring a Derived class. Example:
<br />
class Base<br />
{<br />
public Base( Device device )<br />
{}<br />
..process device physics..<br />
}<br />
<br />
class Derived:Base<br />
{<br />
public Derived()<br />
{}<br />
..variables for whatever object this is..<br />
}<br />
How would I declare an object of Derived class and pass my device object to the base class?
Thanks for the help.
Cyric74@hotmail.com
|
|
|
|
|
Try this
class Base
{
public Base( )
{
}
public Base( Device device )
{
int i =11;
}
}
class Derived:Base
{
public Derived( Device device ):base(device)
{
int i =10;
}
}
class Device
{
}
Device device = new Device();
Derived der = new Derived(device);
Or Change the BASE constructor to a Method.
Sanjay Sansanwal
www.sansanwal.com
|
|
|
|
|
That worked, thanks a bunch.
|
|
|
|
|
i want to generate two random numbers , assume:
Random rd = new Random();
int m1 = rd.Next(1,x);
int m2 = rd.Next(1,y);
i want to generate them for multiple times provided that the two numbers m1 & m2 do not repeated.
thanks
|
|
|
|
|
Do you mean you want to keep generating them until they are not equal to each other? Or you're going to do something like fill an array up with random numbers but you don't want any to be the same as another number in the array?
If you're wanting to generate them until they aren't equal just a simple while loop will work:
<br />
Random rd = new Random();<br />
int m1 = rd.Next(1,x);<br />
int m2 = rd.Next(1,y);<br />
<br />
int iInfLoopChk = 0;
while( m1 == m2 && iInfLoopChk < 5000 )<br />
{<br />
m1 = rd.Next(1,x);<br />
m2 = rd.Next(1,y);<br />
iInfLoopChk++;<br />
}<br />
^You'll need some logic if you're worried about the infinite loop that tells you both numbers cannot be anything other than equal to eachother. (Like if m1 is always 0 and m2 is always 0 due to logic error or special circumstance)
|
|
|
|
|
Try
Random rd = new Random();
int m1 = rd.Next(1, x);
int m2;
do
{
m2 = rd.Next(1, y);
}while(m1 != m2);
Sanjay Sansanwal
www.sansanwal.com
|
|
|
|
|
Not that. The case of m1 = m2 is not a problem, but i want the pair of two numbers (m1 and m2 together) not to be repeated. for example: if x=2 and y=3, this pair of x and y not to be repeated, because i want to use them as one unit.
|
|
|
|
|
struct XY {
int X, Y;
}
now just dump that in a hashtable, and check if the valuetype is in there. Note this will only work for ordered pairs. You will need to override gethascode and equals if u want them to be equal unordered or whichever way you fancy.
hth
top secret Download xacc-ide 0.0.3 now! See some screenshots
|
|
|
|
|
Hi, I have a form with a panel control anchored to all sides of the form, I want to retrieve the size of the control when the containing form is maximizing the form, of course I can do it with calculating the size ie. subtract the distance from all sides from the form size, but I was wondering whether there's a method or a property in the .net framework for this puropse. Thanks
(a.k.a. Wal2k) www.wal2k.com
|
|
|
|
|
I am writing my own custom list control which contains a collection of objects. Like the ListBox.
Now the ListBox control contains a ListBox.ObjectCollection and my list contains my own Object Collection.
Both of these collections store objects, but when you are in the IDE with the listbox you can edit the collection as a string collection and add items to list. With my collection I cannot do this as I can only view the collection as an object collection which cannot be edited.
How can I achieve the same effect as the ListBox?
Darren.
|
|
|
|
|
Look-up the UITypeEditor class in the .NET Framework SDK. It provides more information and examples about providing user interface editors. The one you're seeing now is the default editor for collections. You can make your own UITypeEditor rather easily.
Another article you should read is Enhancing Design-Time Support[^] in the .NET Framework SDK. It provides a lot of information about design-time support classes like the UITypeEditor , TypeConverter s, and more.
This posting is provided "AS IS" with no warranties, and confers no rights.
Software Design Engineer
Developer Division Sustained Engineering
Microsoft
[My Articles]
|
|
|
|
|
In C# how do my app get true wen both mouse buttons are down?
|
|
|
|
|
The MouseEventArgs class has a property Button that will tell you that.
It's a [Flags] enumeration, so more than one value can be OR'ed to build the final value.
So your event handler would look somethng like this:
private void MyApp_MouseDown(object sender, MouseEventArgs e)
{
if ((e.Button & MouseButtons.Left) == MouseButtons.Left &&
(e.Button & MouseButtons.Right) == MouseButtons.Right)
{
MessageBox.Show("Both buttons down");
}
} Regards,
mav
|
|
|
|
|
no... this code does not work correctly .. like if i press both buttons at the same time nothing happen... like if you are playing minesweeper you press both buttons ... i have tried this code but it did not work for me ...
Is there any thing else that i can do
|
|
|
|
|
private bool leftButtonPressFlag = false;
private bool rightButtonPressFlag = false;
private void Form1_MouseDown(object sender, MouseEventArgs e)
{
if (e.Button == MouseButtons.Left) leftButtonPressFlag = true;
if (e.Button == MouseButtons.Right) rightButtonPressFlag = true;
if (leftButtonPressFlag && rightButtonPressFlag)
{
Color swap = ForeColor;
ForeColor = BackColor;
BackColor = swap;
}
}
private void Form1_MouseUp(object sender, MouseEventArgs e)
{
if (e.Button == MouseButtons.Left) leftButtonPressFlag = false;
if (e.Button == MouseButtons.Right) rightButtonPressFlag = false;
}
|
|
|
|
|
|
What you mean? I badly speak english.
|
|
|
|
|
|
You are mistaken. Need AND. This code works correctly.
It is possible to write so:
private bool buttonPressFlag = false;
private void Form1_MouseDown(object sender, MouseEventArgs e)
{
if (buttonPressFlag)
{
Color swap = ForeColor;
ForeColor = BackColor;
BackColor = swap;
}
if ((e.Button & MouseButtons.Left) == MouseButtons.Left ||
(e.Button & MouseButtons.Right) == MouseButtons.Right)
buttonPressFlag = true;
}
private void Form1_MouseUp(object sender, MouseEventArgs e)
{
if ((e.Button & MouseButtons.Left) == MouseButtons.Left ||
(e.Button & MouseButtons.Right) == MouseButtons.Right)
buttonPressFlag = false;
}
PS: Excuse me. At first time I has not understood your answer.
|
|
|
|
|
Lets go back to your original code listing
private bool leftButtonPressFlag = false;
private bool rightButtonPressFlag = false;
private void Form1_MouseDown(object sender, MouseEventArgs e)
{
if (e.Button == MouseButtons.Left) leftButtonPressFlag = true;
if (e.Button == MouseButtons.Right) rightButtonPressFlag = true;
if (leftButtonPressFlag && rightButtonPressFlag)
{
Color swap = ForeColor;
ForeColor = BackColor;
BackColor = swap;
}
}
private void Form1_MouseUp(object sender, MouseEventArgs e)
{
if (e.Button == MouseButtons.Left) leftButtonPressFlag = false;
if (e.Button == MouseButtons.Right) rightButtonPressFlag = false;
}
The correct way will be as such:
if ((e.Button & MouseButtons.Left) != 0) leftButtonPressFlag = true;
if ((e.Button & MouseButtons.Right) != 0) rightButtonPressFlag = true;
if (leftButtonPressFlag && rightButtonPressFlag)
This is becos MouseButtons is a Flagged enum. Lets look at some real values now.
[Flags]
enum MouseButtons
{
Left = 0x 0010 0000,
....
Right = 0x 0020 0000,
....
}
Now the value of e.Buttons, if both buttons were pressed, would be 0x 0030 0000 (Left | Right), you should see now why your method will fail try to match either value, and hence will not work correctly. Note for single buttons your method will indeed work, but will fail matching combinations of buttons.
I hope you understand If not, read abit about the binary (not boolean) operators of AND, OR, XOR, 1's complement. The windows calculator can actually help alot here! I remember it took me a good few months to understand it fully.
top secret Download xacc-ide 0.0.3 now! See some screenshots
|
|
|
|
|
I add a new listview to my main form to add images to a treeview, but what happend is i cant see any images on all my controls (that use diffrent imagelists in diffrent classes) and when i remove the new imagelist everything gets back to normal ,what am i doing wrong?
|
|
|
|
|
i found that there is no reason why we should use username and password parameter in DirectoryEntry constructor, but why do they provide it?
since it will always use the current windows account which run the program to authenticate against active directory, so that whatever username and password i specify in DirectoryEntry constructor is useless.
Am i right?
your info is highly appreciated.
Thanks
|
|
|
|
|
i get the answer, i was wrong
|
|
|
|