Re: Same encryption codes cannot decrypt password from .NET 1.0 to 2.0
- From: Jon Skeet [C# MVP] <skeet@xxxxxxxxx>
- Date: Tue, 20 Dec 2005 20:36:00 -0000
<hohans@xxxxxxxxx> wrote:
> I have an encryption class that encrypts and decrypts password using
> TripleDESCryptoServiceProvider. It was written originally in framework
> 1.0 and been working fine. And those passwords are stored in my SQL
> server.
<snip>
Looking at it to start with - you really shouldn't be assuming that the
bytes which come back from encryption are a valid Unicode string. I
would suggest base64 encoding/decoding to convert between byte arrays
and "normal" text. It's unrelated to the problem you're seeing (I
believe) but is something to watch out for.
It's also worth using a "using" statement to close streams, so they end
up being closed even if an exception occurs.
Finally, don't use Stream.Read without checking the return value -
there's no guarantee it will read everything you want it to. See
http://www.pobox.com/~skeet/csharp/readbinary.html for more details.
When you're using a MemoryStream, however, you can just call ToArray to
get the bytes.
I'll post an "improved" version of your code when I've modified the
current version. As I say, it won't solve the problem, but it should
make it more obvious that there *is* a problem unrelated to the above
:)
--
Jon Skeet - <skeet@xxxxxxxxx>
http://www.pobox.com/~skeet Blog: http://www.msmvps.com/jon.skeet
If replying to the group, please do not mail me too
.
- References:
- Prev by Date: Re: Connecting to SQL Server on WIN2003 Box
- Next by Date: Re: Connecting to SQL Server on WIN2003 Box
- Previous by thread: Re: Same encryption codes cannot decrypt password from .NET 1.0 to 2.0
- Next by thread: Re: Same encryption codes cannot decrypt password from .NET 1.0 to 2.0
- Index(es):
Relevant Pages
|
