Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / March 2005

Tip: Looking for answers? Try searching our database.

PasswordDigest,  VerifyHashedPassword and Hashing???

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
AndiRudi - 26 Mar 2005 15:17 GMT
I just tried to get my VerifyHashePassword method to work, but it didn't. I
need some help!!

In de OASIS Documentation and some other Blogs I found the line

Password_Digest = Base64 ( SHA-1 ( nonce + created + password ) )

but i cannot convert it to c#?

I tried something like this, but it does not work. Can you help me?

protected override void VerifyHashedPassword(UsernameToken token, string
authenticatedPassword)
        {
            // in authenticatedPassword steht quasi das was bei AuthenticateToken
zurück gegeben wird
            string known = token.Password;

            System.Security.Cryptography.SHA1Managed s = new
System.Security.Cryptography.SHA1Managed();
            string all = Encoding.UTF8.GetString(token.Nonce) +
Encoding.UTF8.GetString(token.Created) + authenticatedPassword;
            byte [] hash = s.ComputeHash(Encoding.UTF8.GetBytes(all));
           string newone = Convert.ToBase64String(hash);

            throw new Exception("known:" + known);
        }
Reply to this Message
Luca Valenzise - 29 Mar 2005 12:58 GMT
My VB.NET code works fine:

      Dim clearPsw As String = "xxx" ' Clear Psw from dataBase

               Dim XMLTime As String = XmlConvert.ToString
(userName.Created.ToUniversalTime(),
Microsoft.Web.Services2.Security.Utility.WSUtility.TimeFormat)
               Dim ByteTime As Byte() = System.Text.Encoding.UTF8.GetBytes
(XMLTime)
               Dim ByteClearPsw As Byte() =
System.Text.Encoding.UTF8.GetBytes(ClearPsw)

               Dim dest((userName.Nonce.Length + ByteTime.Length +
System.Text.Encoding.UTF8.GetBytes(ClearPsw).Length) - 1) As Byte
               userName.Nonce.CopyTo(dest, 0)
               ByteTime.CopyTo(dest, userName.Nonce.Length)
               ByteClearPsw.CopyTo(dest, userName.Nonce.Length +
ByteTime.Length)

               Dim Sha As New System.Security.Cryptography.SHA1Managed
               Dim has As Byte() = Sha.ComputeHash(dest)
               Dim myPsw As String = System.Convert.ToBase64String(has)
               Dim ClientPsw As String = System.Convert.ToBase64String
(userName.PasswordDigest)

               If myPsw = ClientPsw Then Return clearPsw Else Return
"ERROR"
Reply to this Message

 Rate this thread:







Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.