Hi everyone,
Can you help me find what conceptual problems exist in this exam question (regardless of library definitions):
Can you help me find what conceptual problems exist in this exam question (regardless of library definitions):
C#:
string oneWayEncode(string plaintextPassword) {
try {
var digest = new SHA256Managed();
digest.Initialize();
//plaintextPassword = string.Concat(plaintextPassword, "salt.");
byte[] data = digest.ComputeHash(System.Text.Encoding.UTF8.GetBytes(plaintextPassword));
return Convert.ToBase64String(data);
} catch (ArgumentNullException e) {
} catch (ObjectDisposedException e) {
}
}
bool login(string username, string password) {
string storedPassword = db.lookupField(username, "password");
return oneWayEncode(password) == oneWayEncode(storedPassword);
}
Last edited by a moderator: