Hi. Im doing a login form with decryption. So i did a modification to my login code for decryption. Before i did the decryption, the login form is functioning well. But after i edit it to insert decryption code it suddenly cannot connect to database. Im still a begginer in vb.net so maybe there is something that Im missing because there is no error in the code so I dont know where did I do wrong.

Here i put decryption code(just in case) and my login code
Decryption Code

 Private Function Decrypt(ByVal cipherText As String) As String
        'Firstly the encrypted text i.e. cipher text is converted into bytes and then similar to the encryption process here too we will generate Key and IV using the derived bytes and the symmetric key.
        'Using MemoryStream and CryptoStream the cipher text is decrypted and written to byte array and finally the byte array is converted to Base64String and returned, which is the decrypted original text.
        Dim EncryptionKey As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZ123456789"
        Dim cipherBytes As Byte() = Convert.FromBase64String(cipherText)
        Using encryptor As Aes = Aes.Create()
            Dim pdb As New Rfc2898DeriveBytes(EncryptionKey, New Byte() {&H49, &H76, &H61, &H6E, &H20, &H4D, _
             &H65, &H64, &H76, &H65, &H64, &H65, _
            encryptor.Key = pdb.GetBytes(32)
            encryptor.IV = pdb.GetBytes(16)
            Using ms As New MemoryStream()
                Using cs As New CryptoStream(ms, encryptor.CreateDecryptor(), CryptoStreamMode.Write)
                    cs.Write(cipherBytes, 0, cipherBytes.Length)
                End Using
                cipherText = Encoding.Unicode.GetString(ms.ToArray())
            End Using
        End Using
        Return cipherText

Login Code**

 Private Sub SubmitButton4_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles SubmitButton4.Click
        'Check if username or password is empty
        If PasswordTextBox1.Text = "" Or UsernameTextBox2.Text = "" Then
            MessageBox.Show("Please fill-up all fields!", "Authentication Error", MessageBoxButtons.OK, MessageBoxIcon.Error)

            'Clear all fields
            PasswordTextBox1.Text = ""
            UsernameTextBox2.Text = ""

            'Focus on Username field

            'Connect to DB
            Dim conn As New System.Data.OleDb.OleDbConnection()
            conn.ConnectionString = "Provider=Microsoft.ACE.OLEDB.12.0;Data Source=" + "C:\Users\user1\Documents\Visual Studio 2010\Projects\Crypto\Crypto\crypto.accdb"

                'Open Database Connection
                Dim sql As String = "SELECT * FROM registration WHERE Username='" & UsernameTextBox2.Text & "' AND Password = '" & PasswordTextBox1.Text & "'"
                Dim cmd As OleDbCommand = New OleDbCommand(sql, conn)
                Dim sqlRead As OleDbDataReader = cmd.ExecuteReader()
                Dim Password As String = ""
                Dim IsExist As Boolean = False

                If sqlRead.Read() Then
                    If (Decrypt(Password).Equals(PasswordTextBox1.Text)) Then

                        MessageBox.Show("Login Success", "Success", MessageBoxButtons.OK, MessageBoxIcon.Information)
                        'Clear all fields

                        'Focus on Username field

                        ' If user enter wrong username or password
                        MessageBox.Show("Sorry, wrong username or password", "Authentication Failure", MessageBoxButtons.OK, MessageBoxIcon.Error)

                        'Clear all fields
                        PasswordTextBox1.Text = ""
                        UsernameTextBox2.Text = ""

                        'Focus on Username field
                    End If
                End If
            Catch ex As Exception
                MessageBox.Show("Failed to connect to Database", "Database Connection Error", MessageBoxButtons.OK, MessageBoxIcon.Error)
            End Try
        End If
    End Sub

Recommended Answers

All 2 Replies

From my opinion:
before use If sqlRead.Read() Then at line No. 27 of your code, ensure that the Reader object has any row to read on matching parameters you supplied in your sql statement. If the reader does not hold any record it may raised an exception, because it has no records to read..

If sqlRead.HasRows() Then
    <Codes of yours for matching records>
    <codes for unmatching>

In line No. 28 the code should be

If (Decrypt(sqlRead("Password")).Equals(PasswordTextBox1.Text))

Hope it can solve your problem

Another suggestion: Hardcoding all your exceptions to disply only one message, doesn't allow you to see if an exception you don't expect is being raised. I would suggest displaying ex.Message instead of literal text.

Be a part of the DaniWeb community

We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, learning, and sharing knowledge.