c# - .NET Encryption -

-

what trying when user registers password gets encrypted, , encrypted password gets saved in database, , when user logs in should decrypt password compare if user entered correct password, when try decrypt gives me "bad data" exception.

please guys. here code:

protected void btnlogin_click(object sender, eventargs e) {     try     {         private cryptography crypt = new cryptography();         var registeruser = new test.model.user();         registeruser.emailaddress = txtemail.text;         registeruser.password = txtpassword.text;         //new test().getbyusername(registeruser);         new test().getbyemail(registeruser, crypt);     }     catch (exception ex)     {      } }  public void getbyemail(user user, cryptography crypt) {     try     {         var repo = new userrepository();         var test = repo.getencryptedpasswrd(user);         var o = repo.getprivatekey(user.emailaddress);         crypt.privatekey = o;         var j = repo.getpublickey(user.emailaddress);         crypt.publickey = j;         decryptpassword(test, o, crypt);      }     catch (exception ex)     {      } }  public string decryptpassword(byte [] encryptedpassword, string privatekey, cryptography cry) {     decrypted = cry.decrypt(encryptedpassword, privatekey);    //return encoding.ascii.getstring(decrypted);     return encoding.ascii.getstring(decrypted);  }  protected void btnregister_click(object sender, eventargs e) {     cryptography crypt = new cryptography();     var registeruser = new test.model.user();     registeruser.name = txtname.text;     registeruser.surname = txtsurname.text;     registeruser.emailaddress = txtemailaddress.text;     registeruser.password = txtpassword.text;     registeruser.dateregisterd = datetime.now;     new test().registeruser(registeruser, crypt.privatekey, crypt.publickey,crypt, encrypted); }  public void registeruser(user user, string privatekey, string publickey, cryptography crypt, byte[] encrypted) {     try     {         var repo = new userrepository();         byte[] plaintext = encoding.ascii.getbytes(user.password);         encrypted = crypt.encrypt(plaintext, crypt.publickey);         user.password = encoding.ascii.getstring(encrypted);         user.privatekey = crypt.privatekey;         user.publickkey = crypt.publickey;         repo.add(user);     }     catch (exception ex)     {      } }

thanks in advance.

as said above comment should hash .

still if want encrypt example don't decrypt password . instead should encrypt password user , compare database .

you can consider simple option hash password . http://davidhayden.com/blog/dave/archive/2004/02/16/157.aspx .


Comments

Post a Comment

Popular posts from this blog

linux - Using a Cron Job to check if my mod_wsgi / apache server is running and restart -

-
my group , running server based upon django , uses mod_wsgi run apache server. not working on project after over, attempting set cronjob similar functionality check if apache server has shut down(system restart or power failure), , if has, restart server me. i've found documentation on how check if apache server down , restart server if is, our server uses https , our start command pretty verbose. can use functionality provided in these examples: https://askubuntu.com/questions/277389/cron-job-to-restart-apache https://www.digitalocean.com/community/tutorials/how-to-use-a-simple-bash-script-to-restart-server-programs or need more complicated process make happen? the command use start server is python manage.py runmodwsgi --host 0.0.0.0 --port 8001 --https-port 8000 --ssl-certificate (certificate location) --server-name (domain name) i'm pretty new linux , using both mod-wsgi apache appreciated. you better off using --setup-only option mod_wsgi-expres...
Read more

actionscript 3 - TweenLite does not work with object -

-
i got following problem: i have object called tempscore game. this object blitted canvas renderer via copypixels method. object not display object. it's score-object (self made). score-object extends object called basicblitarrayobject. basicblitarrayobject extends eventdispatcher (therefore no display object). i tried apply several different tweenlite-plugins tempscore-object (i.e. transformaroundcenter, colormatrixfilter, etc.). nothing happens. absolutely nothing. sometimes error messages (when plugin requires display object , object not display object). far good. according greensock (maker of tweenlite) engine can tween numeric property of object. when plugin transformaroundcenter requires display object tweening have modify plugin working non-display object (tempscore). can't because it's way hard me. my game rests upon code: http://www.8bitrocket.com/book/ch11_blastermines.zip try apply tweenlite object called tempmine inside game class blastermines. ...
Read more

jQuery Ajax Render Fragments OR Whole Page -

-
i'm in throes of building application wraps mess of legacy code. page working on, need substitute fragment divs constructed on back-end -- or else need replace entire page altogether. idea there dynamically controlled flow needs satisfied before can forward legacy product. substituting fragments works fine, seen in below my_body_content swap. trouble comes when i'm trying render not fragment, whole page, in "body" swap. @ point page goes blank. i want similar errors returned server. want nice rest 404 error messages displayed on screen, legacy-product 404s show in legacy-product 404 page. yes, requirements project weird. that's not problem can fix. here's jquery invocation, names changed protect guilty: $.ajax({ url: "places/things", type: "post", data: json.stringify(somebadassobject), datatype: "text", accepts: "text/html", contenttype: "application/json; charset=...
Read more