|
Garth J Lancaster wrote: Im sorry, I think you're missing the point - you're not getting the correct results because you're not comparing 'apples with apples'
Actually I am also trying to do the same, but what I don't understand is why it is not working.
Let me re-phrase my problem without code:
Form User Creation:
1.New User create with Username and Password, password is hashed and stored in db,using a hidden textbox (txtHash).
Form User Login:
1. User enter username and password.
2. Get hashed password from db and stored it in hashpassdb string.
3. Now compare the user entered password with BCrypt.CheckPassword(txtPass.Text.Trim().ToString(), hashpassdb))
I know there is something wrong in logic behind User login form, but I am unable to track it. I've used breakpoints in BCrypt.Checkpassword function to check what values are in, and they are different. But the question is why?
|
|
|
|
|
ahmed_one wrote: 3. Now compare the user entered password with
BCrypt.CheckPassword(txtPass.Text.Trim().ToString(), hashpassdb))
yes, but, arnt you doing something funky in txtPass.Leave event ? that means the result you get from
txtPass.Text.Trim().ToString()
is effectively
HashPassword(user entered password ,BCrypt.GenerateSalt(12));
?
|
|
|
|
|
As you've quote point number 3, which is related to User login form, there is no txtPass.leave event used in User Login form. It is only used in User Creation Form, so ultimately there is no:
HashPassword(user entered password ,BCrypt.GenerateSalt(12));
Used for txtPass. It's the plaintext where user enter password.
I know what you are trying to say, that when comparing password, what I am doing is to generate new hash due to the result of GenerateSalt(12). But this is not the case, I simply get hash value from db and put it in CheckPassword method alongwith plaintext password enter by user. I am sure BCrypt.GenerateSalt(12) is not call anywhere in UserLogin form.
I am following this guide in my application.
|
|
|
|
|
ok, which version of BCrypt are you using ?
|
|
|
|
|
|
There appears to be a more up-to-date version here http://bcrypt.codeplex.com/[^]
Nonetheless, I did a quick and dirty test with that version you used with VS2005 :-
namespace DSBcryptTest
{
class Program
{
static void Main(string[] args)
{
String Password_Text = "Lorem_ipsum_dolor_sit_amet";
String Password_Hashed = BCrypt.HashPassword(Password_Text, BCrypt.GenerateSalt(12));
Console.WriteLine("Hashed Password {0}", Password_Hashed);
String Test_Password_Text = Password_Text;
if (BCrypt.CheckPassword(Test_Password_Text, Password_Hashed))
{
Console.WriteLine("Passwords Match");
}
}
}
and there was nothing wrong / I got the expected result - obviously I should be using Nunit/unit tests etc, but meh ...
I copied BCrypt.cs into a new project, removed the assembly directive at the top, then used it directly as opposed to the dll version - but that wouldn't matter - it just means I can step into the code
So, Im sorry, I cant think of where to go
|
|
|
|
|
Thanks for reply.
Garth J Lancaster wrote: I copied BCrypt.cs into a new project, removed the assembly directive at the top, then used it directly as opposed to the dll version - but that wouldn't matter - it just means I can step into the code
I didn't get the above part "removed the assembly directive"?? what does it mean? I am also using BCrypt.cs file not the dll..
May be assembly directive has something to do with my problem?
|
|
|
|
|
nup, not the issue - you wouldn't even be able to build it if that were the issue - I had a 'Duplicate AssemblyVersion Attribute' error with the same in AssemblyInfo.cs - so I removed [assembly: System.Reflection.AssemblyVersion("0.1")] from near the top of my copy of BCrypt.cs
All I proved was there's nothing obviously wrong with that version of BCrypt.cs, but it was only one test
|
|
|
|
|
Ok so may be I need to also test it with simple code, after the successful test I will add it to my project.
I will let you know the result of test.
Thanks
|
|
|
|
|
btw - what is the length of the hashed password you get back from the DB ?
|
|
|
|
|
BCrypt hashed password is returning 60 Char length in my case.
|
|
|
|
|
I don't believe it...I've done hours and hours of testing and all of them is succeed...And guess what is the stupid mistake I was doing?? I've accidentally set CharacterCasing to upper when creating new user...And in Login Form it is set to default normal.
Now it is working...
Thanks for be patient with my stupidity.
Ahmed
|
|
|
|
|
Well done for fixing it. Don't be worried about it - we've all made mistakes like this at one time or another.
|
|
|
|
|
Thanks....as a beginner these mistakes surely hard to find, but no doubt they make me learn something.....
|
|
|
|
|
as POH said 'well done' - you got there in the end
'next time', when using someone else's code, knock up a set of unit tests and make sure its working before you start coding against it in anger - that will eliminate it from the things you have to consider when it all looks pear-shaped
'g'
|
|
|
|
|
Thanks...I will follow your guidelines..
|
|
|
|
|
I am trying to make a software that combine all the internet connection and make it as one to get full bandwidth speed.
I am doing it as a project for my college. I have knowledge about C# and little knowledge about network programming. Does anybody know a good network programming book which will help me solve my problems.
|
|
|
|
|
C# isn't going to help you do this. What you're talking about requires writing a driver and putting it into the network stack.
No, you can't write it in C# (easily anyway).
No, I don't know of a single book that's going to talk about writing code to do this. Books will cover the OSI model and writing drivers for Windows, but nothing on your specific case. This is require you to know the Window NDIS stack and kernel level debugging on top of the other two topics I mentioned.
In short, this is NOT suitable as a school project as there is a lot of work involved and school projects usually have too short of a timeframe to pull something like this off.
|
|
|
|
|
Dave Kreskowiak wrote: In short, this is NOT suitable as a school project
Even shorter, this is not the GIMME CODEZ category
|
|
|
|
|
|
That book won't help, Dave is 100% right, this needs to be done at the driver level and isn't a good fit for C# at the moment. There are libraries out there that help write drivers in C#, but they are entirely experimental and very poorly documented.
|
|
|
|
|
how to compile a C# program using vs2012 command prompt ?
i wanted to compile my program(Prog name:Demo.cs) which is in this folder(C:\Pra)
when i am trying to compiling my prog like this
C:\Program Files (x86)\Microsoft Visual Studio 11.0\VC>C:\Pra>csc Demo.cs
i am getting an error i.e Acess is denied
HOW CAN I SOLVE THIS,Please help me.
Thank you
Sandhya
|
|
|
|
|
Change directory to the target folder "C:\Pra" and run the command from there: you will either need to specify the path to CSC.EXE or use the VS command prompt tool which sets all the required paths as part of it's environment variables.
Trying to run CSC from it's application folder will not work as you do not have write access to anything under Program Files by default, so when it tries to create output file,s you will get "access denied" errors.
Those who fail to learn history are doomed to repeat it. --- George Santayana (December 16, 1863 – September 26, 1952)
Those who fail to clear history are doomed to explain it. --- OriginalGriff (February 24, 1959 – ∞)
|
|
|
|
|
I should to solve next task:
4. Implementation
4.1. User requirements
(You need a modul for your foreign language learning system. Therefore the images will not be general, but frontally oriented face in front of the web camera – this can be used to simplify the face detection phase).
4.2. Chosen algorithm
(State of the art method, or hybrid of different state of the art methods, or your original method or hybrid of existing and your method)
4.3. Chosen technologies
4.4. User interface (as a part of the foreign language learning system)
How could I do that?
|
|
|
|
|
Are you asking for specific implementation details, or are you just wanting the questions asked?
It looks a lot like homework to me, is that correct?
|
|
|
|