i was able to create encrypted password but i cant login.The error
Server Error in '/WebSite6' Application.
The input data is not a complete block.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code. Exception Details: System.Security.Cryptography.CryptographicException: The input data is not a complete block. Source Error:
Line 87: {
Line 88: cs.Write(cipherBytes, 0, cipherBytes.Length);
Line 89: cs.Close();
Line 90: }
Line 91: cipherText = Encoding.Unicode.GetString(ms.ToArray());
|
my code
public partial class Atq : System.Web.UI.Page
{
SqlCommand cmd99 = new SqlCommand();
SqlConnection conn99 = new SqlConnection();
SqlCommand cmd = new SqlCommand();
SqlConnection dbConn = new SqlConnection();
SqlDataReader dr;
string selectSQL;
protected void Button1_Click(object sender, EventArgs e)
{
string constr = ConfigurationManager.ConnectionStrings["constr"].ConnectionString;
using (SqlConnection con = new SqlConnection(constr))
{
using (SqlCommand cmd = new SqlCommand("INSERT INTO users VALUES(@username, @password,@privilege)"))
{
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@username", TextBox1.Text.Trim());
cmd.Parameters.AddWithValue("@password", Encrypt(TextBox2.Text.Trim()));
cmd.Parameters.AddWithValue("@privilege", DropDownList1.SelectedValue.ToString());
cmd.Connection = con;
con.Open();
cmd.ExecuteNonQuery();
con.Close();
}
}
Response.Redirect(Request.Url.AbsoluteUri);
}
private string Encrypt(string clearText)
{
string EncryptionKey = "MAKV2SPBNI99212";
byte[] clearBytes = Encoding.Unicode.GetBytes(clearText);
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateEncryptor(), CryptoStreamMode.Write))
{
cs.Write(clearBytes, 0, clearBytes.Length);
cs.Close();
}
clearText = Convert.ToBase64String(ms.ToArray());
}
}
return clearText;
}
private string Decrypt(string cipherText)
{
string EncryptionKey = "MAKV2SPBNI99212";
byte[] cipherBytes = Convert.FromBase64String(cipherText);
using (Aes encryptor = Aes.Create())
{
Rfc2898DeriveBytes pdb = new Rfc2898DeriveBytes(EncryptionKey, new byte[] { 0x49, 0x76, 0x61, 0x6e, 0x20, 0x4d, 0x65, 0x64, 0x76, 0x65, 0x64, 0x65, 0x76 });
encryptor.Key = pdb.GetBytes(32);
encryptor.IV = pdb.GetBytes(16);
using (MemoryStream ms = new MemoryStream())
{
using (CryptoStream cs = new CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write))
{
cs.Write(cipherBytes, 0, cipherBytes.Length);
cs.Close();
}
cipherText = Encoding.Unicode.GetString(ms.ToArray());
}
}
return cipherText;
}
protected void Button2_Click(object sender, EventArgs e)
{
selectSQL = "select * from users WHERE " + "username = @username AND password = @password ";
dbConn.ConnectionString = "data source=NERE\\SQLEXPRESS01; Initial Catalog=kaging;Integrated Security=True;";
cmd.Connection = dbConn;
cmd.CommandText = selectSQL;
cmd.CommandType = CommandType.Text;
cmd.CommandType = CommandType.Text;
cmd.Parameters.AddWithValue("@username", TextBox3.Text.Trim());
cmd.Parameters.AddWithValue("@password", Decrypt(TextBox4.Text.Trim()));
try
{
dbConn.Open();
Response.Write(selectSQL);
dr = cmd.ExecuteReader();
if (dr.Read())
{
Response.Redirect("bbbbb.aspx");
}
else
{
Label1.Text = "Sorry You Can't Login ";
}
dr.Close();
}
catch (Exception err)
{
Label1.Text = "Error Logging in ";
Label1.Text += err.Message;
}
finally
{
dbConn.Close();
}
}
}
please help
