PropertyGrid with a password property question. (also xml serialization)

  • Thread starter Thread starter EMonaco
  • Start date Start date
E

EMonaco

All,

I've got a Classs that just declares private members and public properties
to access those members. In addition it supports functionality to serialize
an instance of the class to and from XML file.This class is then selected
into a PropertyGrid. This turns out to be a slick, convenient way to
present, update, and persist, my applications data.

Basically I've got all the TypeConvert, Editor, Description, Default, etc
attributes set to my liking, except for one. One of my private members is a
password string. Is there a straight-forward way to:

1) Have the PropertyGrid display the string property with asterisk
characters? ( **** like a normal password editbox)

2) Serialize/Deserialize the password private member in an encrypted form?
 
Hello,

| 1) Have the PropertyGrid display the string property with asterisk
| characters? ( **** like a normal password editbox)

I am performing research on this problem now, and will update you as soon
as possible. (It seems hard to do it.)

| 2) Serialize/Deserialize the password private member in an encrypted form?

Perform a custom serialization, please refer to the following link for more
information.

http://msdn.microsoft.com/library/en-us/dnadvnet/html/vbnet09252001.asp
http://msdn.microsoft.com/library/en-us/dndotnet/html/objserializ.asp

If you have any questions, please reply to this post.
 
Parker,

Actually, the PropertyGrid password part is almost done, what I did is
create a PasswordString class that has a private string member and public
properties get/set a PasswordString. As well as some functions to
GetPassword and GetDisplayPassword that will return a string of '*'s of the
correct length.

I then changed the string password in my other classes to PasswordString
psPassword, and set up the PasswordString class so that it has its own
PasswordStringEditForm, for the editor, and a TypeConverter class that calls
the public method (GetDisplayString) of PasswordString class. The
PasswordStringEditForm uses two editboxes, one for password, one for confirm
password and both have the password char set to '*'. My
PasswordStringConverter overrides ConvertTo so it will display the string
using GetDisplayPassword() and does not override ConvertFrom so the can not
enter the string directly in the propertygrid. Thus they are forced to use
my editor and hence, will never be able to see what is typed!

The only issue I've got now is since I have a public PasswordString
Password{get;set;} property within the PasswordClass itslef, is that the
XMLSerializer throws an exception "Circular Reference". I've gotten around
that by adding the [XmlIgnore] attribute to that property. The problem
however is, that I have two classes that declare a PasswordString psPassword
as one of their members, and those two classes are themselves declared as
members of the root XML serializable class. Right now, when I serialize the
root class, but of the member classes psPassword field are blank. I've
broken the code right at the Serialize call. I can see both classes that
include the PasswordString class have a PasswordString class with a private
string which actually contains the password! So I'm not sure whats going on.

In order to get to the encryption/decription of that private password
string in the PasswordString class, I've got to get it to serialize properly
in the first place! I'm going to try to change the PasswordString classes
public get/set property back to a string get/set. My hope is that with the
editor and typeconverter in place it will just be an internal change that
will ultimately allow XMLSerializer to serialize the password. If that works
its just a matter of encrypt/decrypt of the string as part of the
serialization. (actually when serialization is working the get/set methods
and properties will handle encrypt/decrypt directly, so even in memory the
private string password will be encrypted!)

Regards,
Erin.
 
Parker,

I have successfully implemented the PasswordString class with PropertyGrid
TypeConversion, Custom UI Editor, and XML serialization. The only thing left
is to encrypt/decrypt the private password string. That way it can be
serialized with the standard serialization support and its also protected
(in an encrypted form) in memory.

Can you give me a straight forward way to encrypt/decrypt a string? I
prefer something strong, where I can embed the key or password used to
encrypt/decrypt the string within the application itself.


Regards,
Erin.
 
Hi Erin,

You've got a great solution!

As for the encryption and decryption, please refer to the following code:

Imports System.IO
Imports System.Security.Cryptography
Imports System.Text

Module Encrypt

' Change the following data (0 - 255) if you want to.
Private KEY() As Byte = {19, 77, 2, 23, 19, 78, 10, 31}
Private IV() As Byte = {123, 56, 23, 34, 34, 199, 17, 233}

Public Function EncryptString(ByVal value As String) As String
If value <> "" Then
' Make a copy of IV due to a known bug.
Dim tempIV(IV.Length - 1) As Byte
Array.Copy(IV, 0, tempIV, 0, IV.Length - 1)

Dim cryptoProvider As DESCryptoServiceProvider = New
DESCryptoServiceProvider()
Dim ms As MemoryStream = New MemoryStream()
Dim cs As CryptoStream = New CryptoStream(ms,
cryptoProvider.CreateEncryptor(KEY, tempIV), _
CryptoStreamMode.Write)
Dim sw As StreamWriter = New StreamWriter(cs)
sw.Write(value)
sw.Flush()
cs.FlushFinalBlock()
ms.Flush()
Return Convert.ToBase64String(ms.GetBuffer(), 0, ms.Length)
End If
End Function

Public Function DecryptString(ByVal value As String) As String
If value <> "" Then
' Make a copy of IV due to a known bug.
Dim tempIV(IV.Length - 1) As Byte
Array.Copy(IV, 0, tempIV, 0, IV.Length - 1)

Dim cryptoProvider As DESCryptoServiceProvider = New
DESCryptoServiceProvider()
Dim buffer As Byte() = Convert.FromBase64String(value)
Dim ms As MemoryStream = New MemoryStream(buffer)
Dim cs As CryptoStream = New CryptoStream(ms,
cryptoProvider.CreateDecryptor(KEY, tempIV), _
CryptoStreamMode.Read)
Dim sr As StreamReader = New StreamReader(cs)
Try
Return sr.ReadToEnd()
Catch ex As Exception
MsgBox(ex.ToString)
End Try
End If
End Function

End Module
 
Back
Top