Decrypt AES 128 on T-SQL - c#

I have a database that is currently using AES 128. The database has about 8 million records, and what the client wants is to decode the passwords and hash them instead so the passwords cannot be decrypted. This is a web app with data stored on a remote server. I tried using a web app to do the conversion, but it keeps timing out. Since this is 8 mil, it will take a while to go through all the items, so my next idea was to get SQL do do the decryption and hashing. I could let it run for the next few days.
The problem I am having is that each column has the encrypted password with a unique salt. I can't find a function to decrypt the password using the encrypted password and salt. Is there a function? Even third party? Is there a better way to go about this?
Thanks!


The easiest/only way to do this in SQL Server would by to write a CLR User-Defined Function (UDF) in C#. See
SQL Server 2005: Creating Your First C# CLR UDF in 10 Easy Steps (One of Which Includes Partying)
SQLCLR - Create CLR User-Defined Function ( UDF ) - Check Constraint on EmailAddress Column Using RegEx
MSDN: CLR User-Defined Functions (ADO.NET)
for more details. If it was me, I'd add a new column to contain the new password hash and run an update statement periodically to construct the new password hash, something like this:
update top 10000 dbo.users
set hashedPassword = DecryptAndHash( encryptedPassword )
where hashedPassword is null
where DecryptAndHash() is your CLR UDF. Once the transform is complete, you should be free to drop the old column and roll out the update to use the new authentication logic.
Probably want to put an trigger on the table to keep the hash in sync with the encrypted password in case anybody changes their password while all this is going on.
FWIW, the code shouldn't be much more complicated than
using System;
using Microsoft.SqlServer.Server;
namespace Sandbox
{
public static class EncryptionFunctions
{
/// <summary>
/// Encrypts a string
/// </summary>
/// <param name="plainText"></param>
/// <returns>varbinary</returns>
[SqlFunction]
public static byte[] Encrypt( string plainText )
{
byte[] cipherText ;
using ( EncryptionEngine cipher = EncryptionEngine.GetInstance() )
{
cipherText = cipher.Encrypt( plainText ) ;
}
return cipherText ;
}
/// <summary>
/// Decrypts a previously encrypted varbinary
/// </summary>
/// <param name="cipherText"></param>
/// <returns>string</returns>
[SqlFunction]
public static string Decrypt( byte[] cipherText )
{
string plainText ;
using ( EncryptionEngine cipher = EncryptionEngine.GetInstance() )
{
plainText = cipher.Decrypt( cipherText ) ;
}
return plainText ;
}
/// <summary>
/// Compute the secure hash of a [plaintext] string
/// </summary>
/// <param name="plainText"></param>
/// <returns> varbinary </returns>
[SqlFunction]
public static byte[] SecureHash( string plainText )
{
byte[] hash ;
using ( EncryptionEngine cipher = EncryptionEngine.GetInstance() )
{
hash = cipher.ComputeSecureHash( plainText ) ;
}
return hash ;
}
/// <summary>
/// Convenience wrapper method to take a previously encrypted string, decrypt it and compute its secure hash
/// </summary>
/// <param name="cipherText"></param>
/// <returns>varbinary</returns>
[SqlFunction]
public static byte[] DecryptAndHash( byte[] cipherText )
{
byte[] hash ;
using ( EncryptionEngine cipher = EncryptionEngine.GetInstance() )
{
hash = cipher.ComputeSecureHash( cipher.Decrypt( cipherText ) ) ;
}
return hash ;
}
/// <summary>
/// The core encrypt/decrypt/hash engine
/// </summary>
private class EncryptionEngine : IDisposable
{
/// <summary>
/// get an instance of this class
/// </summary>
/// <returns></returns>
public static EncryptionEngine GetInstance()
{
return new EncryptionEngine() ;
}
#region IDisposable Members
/// <summary>
/// Dispose of any unmanaged resources
/// </summary>
public void Dispose()
{
throw new NotImplementedException();
}
#endregion
/// <summary>
/// Encrypt a plaintext string
/// </summary>
/// <param name="plainText"></param>
/// <returns></returns>
internal byte[] Encrypt( string plainText )
{
throw new NotImplementedException();
}
/// <summary>
/// Decrypt an encrypted string
/// </summary>
/// <param name="cipherText"></param>
/// <returns></returns>
internal string Decrypt( byte[] cipherText )
{
throw new NotImplementedException();
}
/// <summary>
/// Compute the secure hash of a string
/// </summary>
/// <param name="plainText"></param>
/// <returns></returns>
internal byte[] ComputeSecureHash( string plainText )
{
throw new NotImplementedException();
}
}
}
}
Implementation of the internals of EncryptionEngine is left as an exercise for the reader.


You can take a look at the authentication of your application, and see from the source code how it authenticates the password. There you should see that the app is encrypting the password and comparing it with the encrypted value in the database. The encryption function there should be easy to reverse. A salt is not usually used along with encryption, it is used when generating a hash to protected against lookup attacks.
I don't think SQL can do decryption on AES128, not in a straightforward manner anyway. But you can write a simple .NET app using the standard APIs that will decrypt each password, hash it with the salt and write it back to the database.


The point with storing encrypted passwords is that they cannot be decrypted. The encryption is in fact made on some constant (+salt) using the password as the key.
So basically the goal has already been met, you cannot decrypt the "passwords" to get their clear text versions.

Related

How to save changes on UWP?

I have a simple and basic question: how do I make my app save changes on the textbox and other editable tools (like radiobuttons/colors etc)?
I am coding a UWP app on Visual Studio.
When I lunch the app on VS, the text I write in the textboxes disapear when I close the app.
Sorry I just started a few days ago and can't find a solution...
Thanks!

you need to store that data locally, when you closing your app. so when you restart app first fetch data from that local storage and save or append it in your textbox.
You can use below two ways to store it.
Create one text file and store your data in it, so you can fetch data whenever your app
is restarted.
you can use settings for store local data. please check below link for more information.
https://learn.microsoft.com/en-us/windows/uwp/get-started/settings-learning-track

By localSettings, You can store your data locally in your machine.
public static class LocalSettingsHelper
{
private static ApplicationDataContainer _localSettings = ApplicationData.Current.LocalSettings;
/// <summary>
/// Create Local Settings storage Container
/// </summary>
/// <typeparam name="T">Type</typeparam>
/// <param name="container">Container</param>
/// <param name="containerValue">ContainerValue</param>
/// <param name="value">Value</param>
internal static void SetContainer<T>(string container, string containerValue, T value)
{
var containerName = _localSettings.CreateContainer(container, ApplicationDataCreateDisposition.Always);
_localSettings.Containers[container].Values[containerValue] = value != null ? JsonConvert.SerializeObject(value) : null;
}
/// <summary>
/// Get Local Settings Container
/// </summary>
/// <typeparam name="T">Type</typeparam>
/// <param name="container">Container</param>
/// <param name="containerValue">ContainerValue</param>
/// <returns>Value as Type</returns>
internal static T GetContainerValue<T>(string container, string containerValue)
{
var containerName = _localSettings.CreateContainer(container, ApplicationDataCreateDisposition.Always);
string currentValue = _localSettings.Containers[container].Values[containerValue] as string;
if (currentValue == null)
{
return default(T);
}
return JsonConvert.DeserializeObject<T>(currentValue);
}
}

How to get a method/property description? [C#] [duplicate]

I'm looking for a way to programmatically get the summary portion of Xml-comments of a method in ASP.net.
I have looked at the previous related posts and they do not supply a way of doing so in a web environment.
I can not use any 3rd party apps and due to a web environment, Visual studio plugin's aren't much use either.
The closest thing I have found to a working solution was the JimBlackler project, but it only works on DLL's.
Naturally, something like 'supply .CS file, get XML documentation' would be optimal.
Current situation
I have a web-service and trying to dynamically generate documentation for it.
Reading the Methods, and properties is easy, but getting the Summary for each method is throwing me off a bit.
/// <summary>
/// This Is what I'm trying to read
/// </summary>
public class SomeClass()
{
/// <summary>
/// This Is what I'm trying to read
/// </summary>
public void SomeMethod()
{
}
}

A Workaround - Using reflection on Program.DLL/EXE together with Program.XML file
If you take a look at the sibling .XML file generated by Visual Studio you will see that there is a fairly flat hierarchy of /members/member.
All you have to do is get hold on each method from your DLL via MethodInfo object. Once you have this object you turn to the XML and use XPATH to get the member containing the XML documentation for this method.
Members are preceded by a letter. XML doc for methods are preceded by "M:" for class by "T:" etc.
Load your sibling XML
string docuPath = dllPath.Substring(0, dllPath.LastIndexOf(".")) + ".XML";
if (File.Exists(docuPath))
{
_docuDoc = new XmlDocument();
_docuDoc.Load(docuPath);
}
Use this xpath to get the member representing the method XML docu
string path = "M:" + mi.DeclaringType.FullName + "." + mi.Name;
XmlNode xmlDocuOfMethod = _docuDoc.SelectSingleNode(
"//member[starts-with(#name, '" + path + "')]");
Now scan childnodes for all the rows of "///"
Sometimes the /// Summary contains extra blanks, if this bothers use this to remove
var cleanStr = Regex.Replace(row.InnerXml, #"\s+", " ");

The XML summary isn't stored in the .NET assembly - it's optionally written out to an XML file as part of your build (assuming you're using Visual Studio).
Consequently there is no way to "pull out" the XML summaries of each method via reflection on a compiled .NET assembly (either .EXE or .DLL) - because the data simply isn't there for you to pull out. If you want the data, you'll have to instruct your build environment to output the XML files as part of your build process and parse those XML files at runtime to get at the summary information.

You could 'document' your method using the System.ComponentModel.DataAnnotations.DisplayAttribute attribute, e.g.
[Display(Name = "Foo", Description = "Blah")]
void Foo()
{
}
then use reflection to pull the description at runtime.

A deleted post, made by #OleksandrIeremenko, on this thread links to this article https://jimblackler.net/blog/?p=49 which was the basis for my solution.
Below is a modification of Jim Blackler's code making extension methods off the MemberInfo and Type objects and adding code that returns the summary text or an empty string if not available.
Usage
var typeSummary = typeof([Type Name]).GetSummary();
var methodSummary = typeof([Type Name]).GetMethod("[Method Name]").GetSummary();
Extension Class
/// <summary>
/// Utility class to provide documentation for various types where available with the assembly
/// </summary>
public static class DocumentationExtensions
{
/// <summary>
/// Provides the documentation comments for a specific method
/// </summary>
/// <param name="methodInfo">The MethodInfo (reflection data ) of the member to find documentation for</param>
/// <returns>The XML fragment describing the method</returns>
public static XmlElement GetDocumentation(this MethodInfo methodInfo)
{
// Calculate the parameter string as this is in the member name in the XML
var parametersString = "";
foreach (var parameterInfo in methodInfo.GetParameters())
{
if (parametersString.Length > 0)
{
parametersString += ",";
}
parametersString += parameterInfo.ParameterType.FullName;
}
//AL: 15.04.2008 ==> BUG-FIX remove “()” if parametersString is empty
if (parametersString.Length > 0)
return XmlFromName(methodInfo.DeclaringType, 'M', methodInfo.Name + "(" + parametersString + ")");
else
return XmlFromName(methodInfo.DeclaringType, 'M', methodInfo.Name);
}
/// <summary>
/// Provides the documentation comments for a specific member
/// </summary>
/// <param name="memberInfo">The MemberInfo (reflection data) or the member to find documentation for</param>
/// <returns>The XML fragment describing the member</returns>
public static XmlElement GetDocumentation(this MemberInfo memberInfo)
{
// First character [0] of member type is prefix character in the name in the XML
return XmlFromName(memberInfo.DeclaringType, memberInfo.MemberType.ToString()[0], memberInfo.Name);
}
/// <summary>
/// Returns the Xml documenation summary comment for this member
/// </summary>
/// <param name="memberInfo"></param>
/// <returns></returns>
public static string GetSummary(this MemberInfo memberInfo)
{
var element = memberInfo.GetDocumentation();
var summaryElm = element?.SelectSingleNode("summary");
if (summaryElm == null) return "";
return summaryElm.InnerText.Trim();
}
/// <summary>
/// Provides the documentation comments for a specific type
/// </summary>
/// <param name="type">Type to find the documentation for</param>
/// <returns>The XML fragment that describes the type</returns>
public static XmlElement GetDocumentation(this Type type)
{
// Prefix in type names is T
return XmlFromName(type, 'T', "");
}
/// <summary>
/// Gets the summary portion of a type's documenation or returns an empty string if not available
/// </summary>
/// <param name="type"></param>
/// <returns></returns>
public static string GetSummary(this Type type)
{
var element = type.GetDocumentation();
var summaryElm = element?.SelectSingleNode("summary");
if (summaryElm == null) return "";
return summaryElm.InnerText.Trim();
}
/// <summary>
/// Obtains the XML Element that describes a reflection element by searching the
/// members for a member that has a name that describes the element.
/// </summary>
/// <param name="type">The type or parent type, used to fetch the assembly</param>
/// <param name="prefix">The prefix as seen in the name attribute in the documentation XML</param>
/// <param name="name">Where relevant, the full name qualifier for the element</param>
/// <returns>The member that has a name that describes the specified reflection element</returns>
private static XmlElement XmlFromName(this Type type, char prefix, string name)
{
string fullName;
if (string.IsNullOrEmpty(name))
fullName = prefix + ":" + type.FullName;
else
fullName = prefix + ":" + type.FullName + "." + name;
var xmlDocument = XmlFromAssembly(type.Assembly);
var matchedElement = xmlDocument["doc"]["members"].SelectSingleNode("member[#name='" + fullName + "']") as XmlElement;
return matchedElement;
}
/// <summary>
/// A cache used to remember Xml documentation for assemblies
/// </summary>
private static readonly Dictionary<Assembly, XmlDocument> Cache = new Dictionary<Assembly, XmlDocument>();
/// <summary>
/// A cache used to store failure exceptions for assembly lookups
/// </summary>
private static readonly Dictionary<Assembly, Exception> FailCache = new Dictionary<Assembly, Exception>();
/// <summary>
/// Obtains the documentation file for the specified assembly
/// </summary>
/// <param name="assembly">The assembly to find the XML document for</param>
/// <returns>The XML document</returns>
/// <remarks>This version uses a cache to preserve the assemblies, so that
/// the XML file is not loaded and parsed on every single lookup</remarks>
public static XmlDocument XmlFromAssembly(this Assembly assembly)
{
if (FailCache.ContainsKey(assembly))
{
throw FailCache[assembly];
}
try
{
if (!Cache.ContainsKey(assembly))
{
// load the docuemnt into the cache
Cache[assembly] = XmlFromAssemblyNonCached(assembly);
}
return Cache[assembly];
}
catch (Exception exception)
{
FailCache[assembly] = exception;
throw;
}
}
/// <summary>
/// Loads and parses the documentation file for the specified assembly
/// </summary>
/// <param name="assembly">The assembly to find the XML document for</param>
/// <returns>The XML document</returns>
private static XmlDocument XmlFromAssemblyNonCached(Assembly assembly)
{
var assemblyFilename = assembly.Location;
if (!string.IsNullOrEmpty(assemblyFilename))
{
StreamReader streamReader;
try
{
streamReader = new StreamReader(Path.ChangeExtension(assemblyFilename, ".xml"));
}
catch (FileNotFoundException exception)
{
throw new Exception("XML documentation not present (make sure it is turned on in project properties when building)", exception);
}
var xmlDocument = new XmlDocument();
xmlDocument.Load(streamReader);
return xmlDocument;
}
else
{
throw new Exception("Could not ascertain assembly filename", null);
}
}
}

You can use Namotion.Reflection NuGet package to get these information:
string summary = typeof(Foo).GetXmlDocsSummary();

You can look at https://github.com/NSwag/NSwag - source for nuget NSwag.CodeGeneration - it gets summary as well, usage
var generator = new WebApiAssemblyToSwaggerGenerator(settings);<br/>
var swaggerService = generator.GenerateForController("namespace.someController");<br/>
// string with comments <br/>
var swaggerJson = swaggerService.ToJson();
(try ILSPY decompiler against your dll, you check code and comments)

If you have access to the source code you're trying to get comments for, then you can use Roslyn compiler platform to do that. It basically gives you access to all the intermediary compiler metadata and you can do anything you want with it.
It's a bit more complicated than what other people are suggesting, but depending on what your needs are, might be an option.
It looks like this post has a code sample for something similar.

Unit testing of code ported from a CRC32 implementation originally in C?

This is a port of a C implementation written by Craig Bruce that had been made available in the public domain, which in turn had been based on the byte-oriented implementation:
"File Verification Using CRC" by Mark R. Nelson in Dr. Dobb's Journal, May 1992, pp. 64-67.
The original C implementation can be found here
I am trying to write a NUnit test for it and need some help to figure out where to start, what conditions to state. Thanks in advance for your help.
using System;
using System.Diagnostics.CodeAnalysis;
namespace MCC.Common
{
/// <summary>
/// Calculates CRC32 Values
/// </summary>
/// <remarks>
/// This is a port of a C implementaion written by Craig Bruce that had
/// been made available in the public domain, which in turn had been based on the byte-oriented implementation "File
/// Verification Using CRC" by Mark R. Nelson in Dr. Dobb's Journal, May 1992, pp. 64-67.
/// The original C implementation can be found here:
/// http://www.csbruce.com/software/crc32.c
/// </remarks>
[SuppressMessage("Microsoft.Naming", "CA1704:IdentifiersShouldBeSpelledCorrectly", MessageId = "Crc")]
public static class Crc32
{
private static readonly uint[] CrcTable =
{
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F, 0xE963A535,
0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988, 0x09B64C2B, 0x7EB17CBD,
0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2, 0xF3B97148, 0x84BE41DE, 0x1ADAD47D,
0x6DDDE4EB, 0xF4D4B551, 0x83D385C7, 0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC,
0x14015C4F, 0x63066CD9, 0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4,
0xA2677172, 0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C,
0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59, 0x26D930AC,
0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423, 0xCFBA9599, 0xB8BDA50F,
0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924, 0x2F6F7C87, 0x58684C11, 0xC1611DAB,
0xB6662D3D, 0x76DC4190, 0x01DB7106, 0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F,
0x9FBFE4A5, 0xE8B8D433, 0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB,
0x086D3D2D, 0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950, 0x8BBEB8EA,
0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65, 0x4DB26158, 0x3AB551CE,
0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7, 0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A,
0x346ED9FC, 0xAD678846, 0xDA60B8D0, 0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9,
0x5005713C, 0x270241AA, 0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409,
0xCE61E49F, 0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81,
0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A, 0xEAD54739,
0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84, 0x0D6D6A3E, 0x7A6A5AA8,
0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1, 0xF00F9344, 0x8708A3D2, 0x1E01F268,
0x6906C2FE, 0xF762575D, 0x806567CB, 0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0,
0x10DA7A5A, 0x67DD4ACC, 0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8,
0xA1D1937E, 0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55, 0x316E8EEF,
0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236, 0xCC0C7795, 0xBB0B4703,
0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28, 0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7,
0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D, 0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A,
0x9C0906A9, 0xEB0E363F, 0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE,
0x0CB61B38, 0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242,
0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777, 0x88085AE6,
0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69, 0x616BFFD3, 0x166CCF45,
0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2, 0xA7672661, 0xD06016F7, 0x4969474D,
0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC, 0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5,
0x47B2CF7F, 0x30B5FFE9, 0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605,
0xCDD70693, 0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
};
/// <summary>
/// Computes the CRC-32 hash of the specified bytes
/// </summary>
/// <param name="byteBuffer">The bytes to compute the hash for</param>
/// <returns>The CRC-32 hash of the specified bytes</returns>
public static uint ComputeHash(byte[] byteBuffer)
{
if (byteBuffer == null)
{
throw new ArgumentNullException("byteBuffer");
}
long len = byteBuffer.LongLength;
uint crc32 = 0xFFFFFFFF;
for (int i = 0; i < len; i++)
{
crc32 = (crc32 >> 8) ^ CrcTable[(crc32 ^ byteBuffer[i]) & 0xFF];
}
return (crc32 ^ 0xFFFFFFFF);
}
}
}

Since it is static with no dependencies, unit testing is as simple as calling the method with known inputs and expected results:
[Test]
public void TestThatHashOfHelloWorldIs98766()
{
Assert.AreEqual(98766,
Crc32.ComputeHash(System.Text.Encoding.Unicode.GetBytes("Hello World")));
}
You'll probably want to do a bunch of cases, so look at using parameterized tests or [Theory] to DRY up your test code.
One requirement is that you will need another, trusted CRC library to determine the test cases, of course.
You'll also want to test the edge cases, like:
[Test]
public void TestNullThrows()
{
Assert.Throws<ArgumentNullException>(() => Crc32.ComputeHash(null));
}
And if you suspect performance will be an issue on large computations, set a MaxTime:
[Test, Maxtime(50)]
public void TimedTest()
{
Crc32.ComputeHash(someVeryLongByteArrayHere);
}

Membership user names and DotNetOpenAuth

I found an article describing how to connect existing membership with OpenID but when user uses some OpenID provider to login first time my app creates account from him, it puts his authenticate link as username, and display name as comment.How am I currently determining what to show as username:
string username = Membership.GetUser(UserID).UserName;
return string.IsNullOrEmpty(Membership.GetUser(UserID).Comment) ? username : Membership.GetUser(username).Comment;
This really isn't a problem,but now I have to link somehow to user profile page, and I am not sure how to do that, here is an example of what could work for me:
www.example.com/users/Guid/DisplayName
Display name is either username if he registered through my page or comment if user used OpenID provider do create account.
if I did something like:
www.example.com/users/DisplayName
I'm not sure it won't display wrong user since someone could regeister username "Foo" through membership and some other user is using that username with OpenID so he would get "Foo" in his comment field
So to finish my question, would it be bad to put user GUID in routed url as I saw similar stuff on many other websites,or is there way to derive integer from GUID back and forth?

A GUID can certainly be put into a URL (probably without curly braces around it). Alternatively as a 128-bit number, it can also be represented in a base64 string, which would be shorter than a GUID. Either one is pretty user-unfriendly, but your concern about collisions between different types of user accounts seems justified.
Here is how you could convert a GUID into a base64 web-safe string. Code snippets courtesy of DotNetOpenAuth utilities).
Guid userGuid; // value comes from your database
ConvertToBase64WebSafeString(userGuid.ToByteArray());
/// <summary>
/// Converts to data buffer to a base64-encoded string, using web safe characters and with the padding removed.
/// </summary>
/// <param name="data">The data buffer.</param>
/// <returns>A web-safe base64-encoded string without padding.</returns>
internal static string ConvertToBase64WebSafeString(byte[] data) {
var builder = new StringBuilder(Convert.ToBase64String(data));
// Swap out the URL-unsafe characters, and trim the padding characters.
builder.Replace('+', '-').Replace('/', '_');
while (builder[builder.Length - 1] == '=') { // should happen at most twice.
builder.Length -= 1;
}
return builder.ToString();
}
And of course convert back from the URL base64 string to a Guid:
string base64SegmentFromUrl; // from incoming web request to profile page
Guid userGuid = new Guid(FromBase64WebSafeString(base64SegmentFromUrl);
/// <summary>
/// Decodes a (web-safe) base64-string back to its binary buffer form.
/// </summary>
/// <param name="base64WebSafe">The base64-encoded string. May be web-safe encoded.</param>
/// <returns>A data buffer.</returns>
internal static byte[] FromBase64WebSafeString(string base64WebSafe) {
Requires.NotNullOrEmpty(base64WebSafe, "base64WebSafe");
Contract.Ensures(Contract.Result<byte[]>() != null);
// Restore the padding characters and original URL-unsafe characters.
int missingPaddingCharacters;
switch (base64WebSafe.Length % 4) {
case 3:
missingPaddingCharacters = 1;
break;
case 2:
missingPaddingCharacters = 2;
break;
case 0:
missingPaddingCharacters = 0;
break;
default:
throw ErrorUtilities.ThrowInternal("No more than two padding characters should be present for base64.");
}
var builder = new StringBuilder(base64WebSafe, base64WebSafe.Length + missingPaddingCharacters);
builder.Replace('-', '+').Replace('_', '/');
builder.Append('=', missingPaddingCharacters);
return Convert.FromBase64String(builder.ToString());
}

How to display data uri scheme into a C# WebBrowser Controller

How can I show an image base64 encoded using WebBrowser control in C#?
I used the following code:
<img src="data:image/gif;base64,/9j/4AAQSkZJRgABAgAAZABkAA7AAR
R894ADkFkb2JlAGTAAAAAAfbAIQABAMDAwMDBAMDBAYEAwQGBwUEBAUHCAYGBw
...
uhWkvoJfQO2z/rf4VpL6CX0Dts/63+FaS+gl9A7bP+tthWkvoJfQODCde4qfcg
RiNWK3UyUeX9CXpHU43diOK915X5fG/reux5hUAUBftZ" />
but no image is displayed. One solution would be to save images locally and using absolute path, but this is not desirable.
Any idea?

I tried doing this for a project and IE (which the WebBrowser control will eventually use) became the limiting factor - it can only hold 32Kb-sized images. I wound up having to create an HTTP handler (.ashx) that returned the image based on a database key.
edit: example - note the database handling routines are proprietary and you'd have to put in your own. The rest of the handler will show how to rescale images (if desired) and send back as a response to the browser:
public class GenerateImage : IHttpHandler
{
/// <summary>
/// Shortcut to the database controller. Instantiated immediately
/// since the ProcessRequest method uses it.
/// </summary>
private static readonly IDataModelDatabaseController controller =
DataModelDatabaseControllerFactory.Controller;
/// <summary>
/// Enables processing of HTTP Web requests by a custom HttpHandler
/// that implements the <see cref="T:System.Web.IHttpHandler"/>
/// interface.
/// </summary>
/// <param name="context">An <see cref="T:System.Web.HttpContext"/>
/// object that provides references to the intrinsic server objects
/// (for example, Request, Response, Session, and Server) used to
/// service HTTP requests.</param>
public void ProcessRequest(HttpContext context)
{
if (controller == null)
{
return;
}
IDataModelDescriptor desc = controller.GetDataModelDescriptor(
new Guid(context.Request.QueryString["dataModel"]));
IDataModelField imageField =
desc.Fields[context.Request.QueryString["imageField"]];
IDatabaseSelectQuery query = controller.CreateQuery();
string[] keys = context.Request.QueryString["key"].Split(',');
string showThumb = context.Request.QueryString["showThumbnail"];
bool showThumbnail = showThumb != null;
query.AssignBaseTable(desc);
query.AddColumn(imageField, false);
for (int i = 0; i < desc.KeyFields.Count; i++)
{
query.AddCompareValue(
desc.KeyFields[i],
keys[i],
DatabaseOperator.Equal);
}
context.Response.CacheControl = "no-cache";
context.Response.ContentType = "image/jpeg";
context.Response.Expires = -1;
byte[] originalImage = (byte[])controller.ExecuteScalar(query);
if (showThumbnail)
{
int scalePixels;
if (!int.TryParse(showThumb, out scalePixels))
{
scalePixels = 100;
}
using (Stream stream = new MemoryStream(originalImage))
using (Image img = Image.FromStream(stream))
{
double multiplier;
if ((img.Width <= scalePixels)
&& (img.Height <= scalePixels))
{
context.Response.BinaryWrite(originalImage);
return;
}
else if (img.Height < img.Width)
{
multiplier = (double)img.Width / (double)scalePixels;
}
else
{
multiplier = (double)img.Height / (double)scalePixels;
}
using (Bitmap finalImg = new Bitmap(
img,
(int)(img.Width / multiplier),
(int)(img.Height / multiplier)))
using (Graphics g = Graphics.FromImage(finalImg))
{
g.InterpolationMode =
InterpolationMode.HighQualityBicubic;
finalImg.Save(
context.Response.OutputStream,
ImageFormat.Jpeg);
}
}
}
else
{
context.Response.BinaryWrite(originalImage);
}
}
/// <summary>
/// Gets a value indicating whether another request can use the
/// <see cref="T:System.Web.IHttpHandler"/> instance.
/// </summary>
/// <value></value>
/// <returns>true if the <see cref="T:System.Web.IHttpHandler"/>
/// instance is reusable; otherwise, false.
/// </returns>
public bool IsReusable
{
get
{
return false;
}
}
}

What is data uri string length, according to data Protocol in IE8 Data URIs cannot be larger than 32,768 characters.
Edit: The resource data must be properly encoded; otherwise, an error occurs and the resource is not loaded. The "#" and "%" characters must be encoded, as well as control characters, non-US ASCII characters, and multibyte characters.

Categories

Resources