>>>I'm putting together some table to manage users, roles, and rights.
>>>
>>>Anyone see any problems with encrypting all the data in all three tables?
>>
>>I'm working on a similar thing at the moment. Your needs are probably different but I decided:
>>(a) To handle the encryption in a tier that will make it back-end agnostic.
>>(b) To only secure the password - and then by hash value rather than encryption.
>>
>>FWIW, here's the class I use for hashing/comparing.
static public class HashFunctions
>> {
>> public static Byte[] GetHashValue(string s)
>> {
>> byte[] source = ASCIIEncoding.ASCII.GetBytes(s);
>> return new MD5CryptoServiceProvider().ComputeHash(source);
>> }
>>
>> public static bool CompareHash(byte[] first, byte[] second)
>> {
>> bool equal = false;
>> if (first.Length == second.Length)
>> {
>> int i=0;
>> while (i < first.Length && (first[i] == second[i]))
>> i++;
>> equal = i == first.Length;
>> }
>> return equal;
>> }
>>
>> public static bool CompareHash(byte[] b,string s)
>> {
>> return CompareHash(b, GetHashValue(s));
>> }
>> }The password is stored as a byte array (varbinary() in MSSQL)
>
>
>
>Viv,
>
>This extension method may be useful for your CompareHash() method
>
>namespace GregoryAdam.Base.ExtensionMethods
>{
> public static partial class ExtensionMethods_Array
> {
> //______________________________________________________________________
> /// <summary>
> /// returns whether the contents of a range are equal to another range
> /// </summary>
> /// <typeparam name="T"></typeparam>
> /// <param name="thisArray"></param>
> /// <param name="thisIndex"></param>
> /// <param name="otherArray"></param>
> /// <param name="otherIndex"></param>
> /// <param name="length"></param>
> /// <returns></returns>
> public static bool ContentsEqual<T>(this T[] thisArray, int thisIndex, T[] otherArray, int otherIndex, int length)
> where T : IEquatable<T>
> {
> if ( otherArray == null )
> return false;
>
> for (;
> if (!thisArray[thisIndex++].Equals(otherArray[otherIndex++]))
> return false;
>
> return true;
> }
> //______________________________________________________________________
> public static bool ContentsEqual<T>( this T[] array, int index1, int index2, int length )
> where T : IEquatable<T>
> {
> return array.ContentsEqual(index1, array, index2, length);
> }
> //______________________________________________________________________
> public static bool ContentsEqual<T>( this T[] array, T[] otherArray )
> where T : IEquatable<T>
> {
> if ( otherArray == null )
> return false;
>
> if ( array.Length != otherArray.Length )
> return false;
>
> return array.ContentsEqual(array.GetLowerBound(0), otherArray, otherArray.GetLowerBound(0), array.Length);
> }
> //______________________________________________________________________
> }
>}
>Thanks! In this instance I probably won't use it since I don't need the flexibility of specifying a range - but it will be useful elsewhere.
BTW I wonder which is more efficient - Your:
for (;
> if (!thisArray[thisIndex++].Equals(otherArray[otherIndex++]))
> return false;
or my:
while (i < first.Length && (first[i] == second[i]))
i++;
equal = i == first.Length;
