Hi,
Need some advice on how to resolve an issue I am experiencing at the moment.
I am currently working the .NET 2.0 SQLMembershipProvider model. I have some helper methods that retrieve the user password from the SQL database and then based on what the code finds in the web.config "passwordFormat" key (password type e.g. hashed etc) attempt to decrypt the password.
Once the password is decrypted its tested against the user input (via a login box) and then returns true or false (and thus allow login to the page).
For some reason I can encrypt passwords without a problem however when I attempt to decrypt the passwords I get the password text however I also get chinese characters injected in for some reason!
Here is the code:
I sourced the original code from an .NET 2.0 MSDN article advising how to implement a Provider model.
For example if I encode "password", I get a base64 value. When I then try to decode the value (I am using Encrypted as my preferred password format) I end up with "####password" where #### appear as chinese characters.
My development setup is as follows:
Windows Vista Ultimate
Visual Studio .NET 2005 Professional + Service Pack 1
Visual Studio 2005 Vista Patch applied
SQL Server 2005 Express Edition
Local IIS7 configured to handle .NET 1.1, .NET 2.0 and .NET 3.0 Frameworks
I have tried running the code on a Windows XP Pro machine with VS2005/.NET 2.0 installed and I get exactly the same bizzare error except for Windows XP just shows [] characters as it doesn't have the chinese language pack installed (why I would want the language pack in Vista I have no idea... thanks Microsoft).
Any ideas?
Adios,
Fz
Need some advice on how to resolve an issue I am experiencing at the moment.
I am currently working the .NET 2.0 SQLMembershipProvider model. I have some helper methods that retrieve the user password from the SQL database and then based on what the code finds in the web.config "passwordFormat" key (password type e.g. hashed etc) attempt to decrypt the password.
Once the password is decrypted its tested against the user input (via a login box) and then returns true or false (and thus allow login to the page).
For some reason I can encrypt passwords without a problem however when I attempt to decrypt the passwords I get the password text however I also get chinese characters injected in for some reason!
Here is the code:
Code:
//
// EncodePassword
// Encrypts, Hashes, or leaves the password clear based on the PasswordFormat.
//
private string EncodePassword(string password)
{
string encodedPassword = password;
switch (PasswordFormat)
{
case MembershipPasswordFormat.Clear:
break;
case MembershipPasswordFormat.Encrypted:
encodedPassword =
//Convert.ToBase64String(EncryptPassword(Encoding.Unicode.GetBytes(password)));
Convert.ToBase64String(EncryptPassword(System.Text.Encoding.Unicode.GetBytes(password)));
break;
case MembershipPasswordFormat.Hashed:
HMACSHA1 hash = new HMACSHA1();
hash.Key = HexToByte(machineKey.ValidationKey);
encodedPassword =
Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
break;
default:
throw new ProviderException("Unsupported password format.");
}
return encodedPassword;
}
//
// UnEncodePassword
// Decrypts or leaves the password clear based on the PasswordFormat.
//
private string UnEncodePassword(string encodedPassword)
{
string password = encodedPassword;
switch (PasswordFormat)
{
case MembershipPasswordFormat.Clear:
break;
case MembershipPasswordFormat.Encrypted:
password =
//Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
Encoding.Unicode.GetString(base.DecryptPassword(Convert.FromBase64String(encodedPassword)));
break;
case MembershipPasswordFormat.Hashed:
throw new ProviderException("Cannot unencode a hashed password.");
default:
throw new ProviderException("Unsupported password format.");
}
return password;
}I sourced the original code from an .NET 2.0 MSDN article advising how to implement a Provider model.
For example if I encode "password", I get a base64 value. When I then try to decode the value (I am using Encrypted as my preferred password format) I end up with "####password" where #### appear as chinese characters.
My development setup is as follows:
Windows Vista Ultimate
Visual Studio .NET 2005 Professional + Service Pack 1
Visual Studio 2005 Vista Patch applied
SQL Server 2005 Express Edition
Local IIS7 configured to handle .NET 1.1, .NET 2.0 and .NET 3.0 Frameworks
I have tried running the code on a Windows XP Pro machine with VS2005/.NET 2.0 installed and I get exactly the same bizzare error except for Windows XP just shows [] characters as it doesn't have the chinese language pack installed (why I would want the language pack in Vista I have no idea... thanks Microsoft).
Any ideas?
Adios,
Fz