I have a new user register form that requires a username and password with a MS Access db with two fields only, username and password.
The username and password, as a plain text password, successfully go into the db. However, when I attempt to salt/hash the password, it fails. I don't get any errors either in Visual Studio or online, and the form and the form field data simply stay in page - that is, nothing happens.
This is the code I am using (trimmed):
Expand|Select|Wrap|Line Numbers
- Imports Microsoft.AspNet.Membership.OpenAuth
- Imports System
- Imports System.Linq
- Imports System.Web
- Imports System.Web.UI
- Imports System.Data.OleDb
- Imports System.Security.Cryptography
- Partial Class register1
- Inherits System.Web.UI.Page
- Sub New()
- MyBase.New()
- End Sub
- Protected Sub btnReg_Click(ByVal sender As Object, ByVal e As System.EventArgs) Handles btnReg.Click
- Try
- Using conn As OleDbConnection = New OleDbConnection(System.Configuration.ConfigurationManager.ConnectionStrings("students").ConnectionString)
- Dim Sql As String = "INSERT INTO university (username,[password],strEmail) VALUES (@username,@password,@strEmail)"
- Dim cmd As New OleDbCommand(Sql, conn)
- conn.Open()
- cmd.Parameters.AddWithValue("@username", username.Text)
- cmd.Parameters.AddWithValue("@password", password.Text)
- cmd.Parameters.AddWithValue("@strEmail", strEmail.Text)
- cmd.ExecuteNonQuery()
- conn.Close()
- End Using
- End Try
- End Sub
- Public Sub New(password As String)
- Dim saltBytes = New Byte(31) {}
- Dim Salt As String = ""
- Dim Hash As String = ""
- Using provider = New RNGCryptoServiceProvider()
- provider.GetNonZeroBytes(saltBytes)
- End Using
- Salt = Convert.ToBase64String(saltBytes)
- Hash = ComputeHash(Salt, password)
- End Sub
- Private Shared Function ComputeHash(salt As String, password As String) As String
- Dim saltBytes = Convert.FromBase64String(salt)
- Using rfc2898DeriveBytes = New Rfc2898DeriveBytes(password, saltBytes, 1000)
- Return Convert.ToBase64String(rfc2898DeriveBytes.GetBytes(512))
- End Using
- End Function
- Public Shared Function Verify(salt As String, hash As String, password As String) As Boolean
- Return hash = ComputeHash(salt, password)
- End Function
- End Class
Thank you for any help.
Blueie