how can i encrypt data in an xml file and read via asp.net page

[ITking2009]

Hey,
One of the requirements is to read the user and password from the xml file. I can do that but i dont want the password to be clear text so my question is
1. how can i encrypt the password in the xml file
2. How can i read it and compare with password entered by the user?

Any directions or help is appreciated.
Thanks.

 

[jmeckley]

you need to use cryptography. your application will have a key used to encrypt the string. when the value is read back into the system, decrypt the value before using. I would start with the system.security.cryptography namespace and go from there.

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190

 

[ITking2009]

Thanks Jason, is there any code example you kno wof that i can look at specially for the decrypting and compairing with the value stored in xml file?
Thanks.

 

[jmeckley]

where the value is stored is irrlevant. it could be a binary file, database, webservice, csv, rtf. you will need to retrieve it, once it's retrieved you treat it as a string.
as for examples... start here.

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190

 

[ITking2009]

For people like me who are in need of this in crisis
following is a code example
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Security.Cryptography;

namespace WindowsFormsApplication1
{
public partial class Form1 : Form
{
public Form1()
{
InitializeComponent();
}
static string getMd5Hash(string input)
{
// Create a new instance of the MD5CryptoServiceProvider object.
MD5 md5Hasher = MD5.Create();

// Convert the input string to a byte array and compute the hash.
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));

// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();

// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data.ToString("x2"));
}

// Return the hexadecimal string.
return sBuilder.ToString();
}

// Verify a hash against a string.
static bool verifyMd5Hash(string input, string hash)
{
// Hash the input.
string hashOfInput = getMd5Hash(input);

// Create a StringComparer an comare the hashes.
StringComparer comparer = StringComparer.OrdinalIgnoreCase;

if (0 == comparer.Compare(hashOfInput, hash))
{
return true;
}
else
{
return false;
}
}
private void button1_Click(object sender, EventArgs e)
{
string source = textBox2.Text ;

string hash = getMd5Hash(source);
StringBuilder str = new StringBuilder();
str.Append("The MD5 hash of " + source + " is: " + hash + ".").AppendLine();
textBox1.Text =str.ToString ();
str.Append("Verifying the hash...").AppendLine();
if (verifyMd5Hash(source, hash))
{
str.Append("The hashes are the same.").AppendLine();
}
else
{
str.Append("The hashes are not same.").AppendLine();
}
textBox1.Text = str.ToString();
}
}
}

 

[ITking2009]

Thanks Jason for your comments. the "Start Here" was funny....

 

[jmeckley]

glad you enjoyed it

Jason Meckley
Programmer
Specialty Bakers, Inc.

faq855-7190