Click here to Skip to main content
15,867,453 members
Please Sign up or sign in to vote.
1.00/5 (2 votes)
See more:
i use this code to Crypt the value:-
C#
public static string Hash(string value)
        {
            return Convert.ToBase64String(
                System.Security.Cryptography.SHA256.Create()
                .ComputeHash(Encoding.UTF8.GetBytes(value))
                );
        }


This code when i insert value :-
C#
private void btn_Save_Click(object sender, EventArgs e)
        {
            if (txt_ID.Text != "" && txt_Name.Text != "")
            {
                // If id is Exist........
                string IfIdisExist = "select id from name where id = @id";
                SqlCommand sqlComId = new SqlCommand(IfIdisExist, con);
                sqlComId.Parameters.AddWithValue("@id", Convert.ToInt32(txt_ID.Text));
                con.Open();
                SqlDataAdapter sda = new SqlDataAdapter(sqlComId);
                DataTable dt = new DataTable();
                sda.Fill(dt);
                con.Close();
                if (dt.Rows.Count == 0)
                {
                    string QueryHistoryLogin = "INSERT INTO Name (id, name)";
                    QueryHistoryLogin += " VALUES (@id, @name)";
                    SqlCommand sCommand = new SqlCommand(QueryHistoryLogin, con);
                    sCommand.Parameters.AddWithValue("@id", Convert.ToInt32(txt_ID.Text));
                    sCommand.Parameters.AddWithValue("@name", Hash(txt_Name.Text));
                    con.Open();
                    sCommand.ExecuteNonQuery();
                    con.Close();
                    MessageBox.Show("Success Save!");
                    txt_ID.Text = "";
                    txt_Name.Text = "";
                }
                else
                {
                    MessageBox.Show("Id is Exist!");
                }
            }
            else
            {
                MessageBox.Show("Id or name is Empty!");
            }
        }


and this is code when i get that value i crypt to display it in textbox:-
C#
private void btn_Search_Click(object sender, EventArgs e)
        {
            string QueryString = "select * from Name where id = @id ";
            SqlCommand cmd = new SqlCommand(QueryString, con);
            cmd.Parameters.AddWithValue("@id", Convert.ToInt32(txt_ID.Text));
            con.Open();
            SqlDataAdapter sda = new SqlDataAdapter(cmd);
            DataTable dt = new DataTable();
            sda.Fill(dt);
            int i = cmd.ExecuteNonQuery();
            SqlDataReader rdr = cmd.ExecuteReader();
            rdr.Read();
            string name = rdr["name"].ToString();
            con.Close();
            if(dt.Rows.Count > 0)
            {
                //txt_Name.Text = Hash(name);
            }
        }


What I have tried:

How i decrypt the value when i select this value using id to display it in textbox?
Posted
Updated 6-Dec-17 22:04pm

That is a SHA-256 hash function; hash functions are not crypting functions, they are one way functions and thus cannot be "decrypted".
 
Share this answer
 
Comments
MahmoudOmar 7-Dec-17 4:17am    
ok, how i crypt value and decrypt
phil.o 7-Dec-17 4:23am    
You have to choose a cryptographic function first. One has been given in solution 2, but there are others.
You can have a look at .NET Framework Cryptography Model[^]
You can't: hashes are not encryption algorithms and the whole idea is that they cannot be reversed to get the original input - that's why they are used for password storage instead of encryption functions.

If you want to store encrypted data, you need to use an encryption function such as Triple DES or similar: TripleDES Class (System.Security.Cryptography)[^]
 
Share this answer
 
Comments
Kenneth Haugland 7-Dec-17 5:12am    
'that's why they are used for password storage instead of encryption functions.' Eh, so there is more than 1 correct passsword?
lukeer 8-Dec-17 2:15am    
Ad far as I understand it, yes. There's an unlimited number of passwords that all give the same hash and therefore are accepted by the password checking function.
Finding such a password that matches the hash is called a "collision".
But those passwords are not guessable from looking at the hash. You have to try them all. And there are far more possibilities that don't match than those that do.
OriginalGriff 8-Dec-17 2:44am    
Yes, in theory. But...not all of them are just valid characters that can be "typed" - the hash inputs take byte values of undetermined length, so the number of potential inputs you have to try to get a "reliable" collision is much, much higher than the chances of working it out using a "brute force" attack against a purely string input.
And you can't "work back" from the hash value and guarantee to get an input that you can type in any way shape or form! You will get a valid value, but it's pretty much useless (particularly if the input is "salted" as well - even if you can type it, it won't match any other user hash so it's the same process all over again for the next user).
Kenneth Haugland 8-Dec-17 2:55am    
I read that as if you store the password with hashes you actually make it weaker.
OriginalGriff 8-Dec-17 3:08am    
Where? I'd like to read it.

And weaker than what? Plain text? Encrypted? Bear in mind that encrypted passwords need the key to be available whenever you want to use them.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900