Windows Forms decrypt password SQL Entity Framework

tengo la siguiente cuestión, necesito hacer un proyecto en windows forms que consulte datos de una base de SQL que fue generada por Entity Framework, entonces estoy tratando de comparar contraseñas entre la que ingreso por WF con la que tengo en la base de datos, la cuestion está en que EF encripta los datos de la contraseña y por tanto si lo tengo que comparar pues, necesito desencriptarlo. Esto es una suposición, no se haya otra forma de comparar estos datos. Y pues este es el código que tengo

public partial class MainWindow : Window {     private Models.SecurityController _security;     public MainWindow()     {         InitializeComponent();         _security = new Models.SecurityController();     }      private void Button_Click(object sender, RoutedEventArgs e)     {         var email = EmailInput.Text;         var pass = PassInput.Password;         email = email.Replace(" ", "");         if (email == "" )         {             EmailInput.Focus();             Errorlbl.Content = "Por favor utiliza un mail valido";         }         else if (pass == "")         {             PassInput.Focus();             Errorlbl.Content = "Por favor utiliza una contraseña";         }         else if (email != null && pass != null)         {             using (DBEnt db = new DBEnt())             {                 var item = db.AspNetUsers.Where(u => u.Email.Equals(email)).FirstOrDefault();                  if (item == null)                 {                     Errorlbl.Content = "Usuario mail invalido";                 }                 else {                     Errorlbl.Content = "Usuario valido";                 }                  var query =                 db.AspNetUsers.Where(u => u.Email.Equals(email)).FirstOrDefault();                 var hashedpassword = query.PasswordHash;                 var unhashed = _security.Decrypt(pass, hashedpassword);             }         }     } } 

hasta este punto hashedpassword me devuelve null

Y todo esta es la clase SecurityController

class SecurityController {     public string Encrypt(string key, string data)     {         string encData = null;         byte[][] keys = GetHashKeys(key);          try         {             encData = EncryptStringToBytes_Aes(data, keys[0], keys[1]);         }         catch (CryptographicException) { }         catch (ArgumentNullException) { }          return encData;     }      public string Decrypt(string key, string data)     {         string decData = null;         byte[][] keys = GetHashKeys(key);          try         {             decData = DecryptStringFromBytes_Aes(data, keys[0], keys[1]);         }         catch (CryptographicException) { }         catch (ArgumentNullException) { }          return decData;     }      private byte[][] GetHashKeys(string key)     {         byte[][] result = new byte[2][];         Encoding enc = Encoding.UTF8;          SHA256 sha2 = new SHA256CryptoServiceProvider();          byte[] rawKey = enc.GetBytes(key);         byte[] rawIV = enc.GetBytes(key);          byte[] hashKey = sha2.ComputeHash(rawKey);         byte[] hashIV = sha2.ComputeHash(rawIV);          Array.Resize(ref hashIV, 16);          result[0] = hashKey;         result[1] = hashIV;          return result;     }      //source: https://msdn.microsoft.com/de-de/library/system.security.cryptography.aes(v=vs.110).aspx     private static string EncryptStringToBytes_Aes(string plainText, byte[] Key, byte[] IV)     {         if (plainText == null || plainText.Length <= 0)             throw new ArgumentNullException("plainText");         if (Key == null || Key.Length <= 0)             throw new ArgumentNullException("Key");         if (IV == null || IV.Length <= 0)             throw new ArgumentNullException("IV");          byte[] encrypted;          using (AesManaged aesAlg = new AesManaged())         {             aesAlg.Key = Key;             aesAlg.IV = IV;              ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);              using (MemoryStream msEncrypt = new MemoryStream())             {                 using (CryptoStream csEncrypt =                         new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))                 {                     using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))                     {                         swEncrypt.Write(plainText);                     }                     encrypted = msEncrypt.ToArray();                 }             }         }         return Convert.ToBase64String(encrypted);     }      //source: https://msdn.microsoft.com/de-de/library/system.security.cryptography.aes(v=vs.110).aspx     private static string DecryptStringFromBytes_Aes(string cipherTextString, byte[] Key, byte[] IV)     {         byte[] cipherText = Convert.FromBase64String(cipherTextString);          if (cipherText == null || cipherText.Length <= 0)             throw new ArgumentNullException("cipherText");         if (Key == null || Key.Length <= 0)             throw new ArgumentNullException("Key");         if (IV == null || IV.Length <= 0)             throw new ArgumentNullException("IV");          string plaintext = null;          using (Aes aesAlg = Aes.Create())         {             aesAlg.Key = Key;             aesAlg.IV = IV;              ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);              using (MemoryStream msDecrypt = new MemoryStream(cipherText))             {                 using (CryptoStream csDecrypt =                         new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))                 {                     using (StreamReader srDecrypt = new StreamReader(csDecrypt))                     {                         plaintext = srDecrypt.ReadToEnd();                     }                 }             }         }         return plaintext;     } }    

Quiza me estoy complicando mucho, alguien sabe como puedo hacer esto mejor o si lo estoy haciendo bien?

Will my familiar remember me when I re-summon it, or is it a new entity?

Playing D&D 5e, and my Pact of the Chain warlock’s quasit familiar, Jimmy Peanuts, has fallen at the hands of a lizardman and vanished upon hitting 0 hp.

I understand that I can cast Find Familiar again and summon a quasit familiar, but I’m not entirely sure if I’m re-summoning Jimmy Peanuts, or a ‘fresh’ quasit (for the sake of argument, we’ll call him Joey Walnuts).

Will the quasit be the returning Jimmy Peanuts, with whatever memories the quasit-resembling-familiar-spirit with INT 7 is capable of forming and retaining, or a fresh Joey Walnuts, who has no prior experience with me or my party?

(I have read this thread, but this particular familiar-death nuance isn’t discussed: What happens when a familiar 'dies'?)

What happens if modifications are made to the base entity while it is under the effects of a suppressed True Polymorph?

Posit the following situation: A wizard has True Polymorphed a stick into, say, an adult Silver Dragon, and maintained it for the full hour. He uses the thing as a mount, he’s kept it happy with the idea, and all is well with the world. An enemy catches them both in an antimagic field, and while he’s picking himself up off the ground, breaks the stick in half and hands the two halves to two goblins, who start running in opposite directions. What happens when the goblins in question clear the antimagic field?

error en metodo listar con asp,net entity

soy nuevo en lo que es c# asp.net con entity, la situación es que estoy haciendo un método listar donde me traiga., os datos de a tabla pare con sus hijos, pero no logro hacer que e traiga todos, solo me trae hasta clientes, en el método se ve.

[HttpGet("{id}")]     public async Task<ActionResult<MedicionPrincipal>> GetMedicion(int id)      {          var MedicionPrincipal = await _context.MedicionPrincipal.FirstOrDefaultAsync( m=> m.IdMedicion == id);          if (MedicionPrincipal == null)         {             return NotFound();         }          return Ok(MedicionPrincipal);     } 

esta bien formulado o me pueden guiar de alguna otra manera de hacerlo, tambien he visto que el metodo foreach puede hacerlo, o si me recomiendan algun link la verdad no he encontrado nada bueno

Como puedo agregar una vista u otra tabla al data entity model sin que se actualicen las demas tablas?

tengo una aplicacion que utiliza un data entity model. Como puedo agregar una vista a este modelo de datos sin que se me actualicen las demas entidades ya que las demas entidades estan decoradas manualmente y al actualizar se me borran estos cambios. Gracias de ante mano

CWE-611: Improper Restriction of XML External Entity Reference with XSL include

Veracode reports that the below code is susceptible to CWE-611: Improper Restriction of XML External Entity Reference.

XslCompiledTransform transform = new XslCompiledTransform(); transform.Load(xslwithospath); StringWriter results = new StringWriter(); using (XmlReader reader = XmlReader.Create(new StringReader(xml))) 

Unfortunately I can’t set the XMLResolver to null because the XSLT uses an include

<xsl:include href="localfileNameWithoutPath"/> 

Is the only resolution to rewrite the XSLT so that it does not have XSL includes, and then set the resolver to null?

Can you combine Symbiotic Entity with Unarmed Strikes?

I accidentally stumbled upon what seems like an incredibly resource heavy but incredibly powerful monk build. The mechanics seem to work together but I want to get clarification on if I’m correct or not in my understanding.

Symbiotic Entity contains the following section.

“As an action, you can expend a use of your Wild Shape feature to awaken those spores, rather than transforming into a beast form, and you gain 4 temporary hit points for each level you have in this class. While this feature is active, you gain the following benefits: • When you deal your Halo of Spores damage, roll the damage die a second time and add it to the total. • Your melee weapon attacks deal an extra 1d6 poison damage to any target they hit.”

The build follows as such: • 5 Levels of Circle of Spores Druid • 13 Levels of Way of the Four Elements Monk • 2 Levels of Hexblade Warlock

(Please assume for the sake of argument that all required stats are at least a 13 and Dexterity is a 20)

Turn 1: I use my action to invoke my Symbiotic Entity and my bonus action to cast Hexblade’s curse on my target Turn 2: I use my bonus action to cast Hex on my target and then use my action to perform 2 Unarmed strikes on my target. Turn 3: I take the attack action and spend 1 Ki to activate Fangs of the Fire Snake, I proceed to attack a total of 4 times expending 1 Ki per attack and 1 Ki for Flurry it Blows (Totaling 6 Ki Spent)

So albeit a lengthy and semi-convoluted process, by turn 3 I am doing 1d6 Poison+1d8 Bludgeoning+1d10 Fire+1d6 Necrotic+11 (Dex+Prof {Due to Hexblade’s Curse}) meaning my average Damage per hit is 28. I also do 4 Damage types of damage in one hit.

So is this correct? I understand the requirements are moderate but this seems like a fairly easy way to boost the monk’s attacking power up quite a bit.

Ways of hiding the reviewer’s identity from the entity being reviewed


Background

Let’s suppose I have a platform much like Yelp, but it’s only for ONE small town (80k inhabitants) and it only has listings of workers, not businesses.

In such a small town, most people are close in the social network. That means that it’s relatively easy for a person to stumble across another.


The problem

If Mary hires John for a job, but then Mary doesn’t like the end result of John’s work and leaves him a bad review on the platform, how to give Mary the option to hide her identity in order to avoid any awkward situation in the case she stumbles across John? Not only awkward situations but also harassment from John, which is a possibility, am I right?

Why just hiding her name doesn’t work:

If John had only one client (Mary) in a long period of time, and then shortly after the job he gets an anonymous bad review, he would do the Math in his head and know the author of the review must be Mary.


My solution

I thought of only releasing anonymous reviews by groups of 2 or more, so that John couldn’t know for sure who is the person behind the review.


The questions

Feel free to answer any one (or all) of these.

  • Have you faced a problem like this? How did you solve it?
  • Can you think of ways I can improve my solution?
  • Is this an old problem I’m not aware of? If so, is there any better solution?