Has anyone actually managed to set a users' password (hashed) via aspnet_Membership_SetPassword in a silverlight app?
I can do it in ASP.NET w/o problem. The System.Security.Cryptography class for ASP.NET seems to handle hashing (SHA1) exactly the way asp.net likes.
System.Security.Cryptography in Silverlight naturally is different than the one available in asp.net. Using System.Security.Cryptography.SHA1Managed to hash a password generates what looks like a hash, but save it using aspnet_Membership_SetPassword and the user will not be able to log in again.
So far, after most of the day spent searching/chasing dead ends/ etc I haven't found any code that actually works (in Silverlight).
This is part of the Administration module I've been writing.
for reference.. my password hasing classes..
// This generates a secure 1 time salt to use when encrypting/assigning a password
public static string CreateSalt()
{
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
byte[] buff = new byte[16]; // was [32]
rng.GetBytes(buff);
return Convert.ToBase64String(buff);
}
//uses the Salt generated in CreateSalt to hash the passed-in password.
//The hashed password and the salt must be passed to aspnet_Membership_CreateUser to create the user
public static string EncodePassword(string pass, string salt)
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] src = Encoding.Unicode.GetBytes(salt);
byte[] dst = new byte[src.Length + bytes.Length];
System.Buffer.BlockCopy(src, 0, dst, 0, src.Length);
System.Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
////System.Security.Cryptography.
////silverlight version
SHA1 algorithm = new System.Security.Cryptography.SHA1Managed();
byte[] inArray = algorithm.ComputeHash(dst);
//for asp.net version
//HashAlgorithm algorithm = HashAlgorithm.Create( "SHA1");
//byte[] inArray = algorithm.ComputeHash(dst);
return Convert.ToBase64String(inArray);
}
____________________________________
Don't Tread on Me
Overthrow the federal government NOW!
____________________________________