Cryptography in .NET : Digital Signatures

I have previously written a number of articles on Cryptography in .NET, like the following :

Part 1 – Advanced Encryption Standard (AES)

Part 2 – RSA

Part 3 – Random Numbers and Hashes

Part 4 – Hybrid Encryption Protocols

Block Encrypter .NET Library for secure AES Encryption

In this article I will show you how to create and use Digital Signatures in .NET.

A digital signature is a mathematical scheme that demonstrates the authenticity of a message or document. A valid digital signature gives the recipient reason to believe that the message was created by a known sender, such that the sender cannot deny having sent the message (authentication and non-repudiation) and that the message was not altered in transit (integrity). Digital signatures are commonly used for software distribution, financial transactions, and in other cases where it is important to detect forgery or tampering.

Digital signatures are often used to implement a digital analog to hand written signatures. In broader terms this refers to any electronic data that carries the intent of a signature. Digital signatures employ a type of asymmetric cryptography. For messages sent through a non-secure channel, a properly implemented digital signature gives the receiver reason to believe the message was sent by the claimed sender. Digital signatures are equivalent to traditional handwritten signatures in many respects, but properly implemented digital signatures are more difficult to forge than the handwritten type. Digital signature schemes, in the sense used here, are cryptographic based, and must be implemented properly to be effective. Digital signatures can also provide non-repudiation, meaning that the signer cannot successfully claim they did not sign a message, while also claiming their private key remains secret.

Example Digital Signature Flow

Example Digital Signature Flow

A digital signature scheme consists of three algorithms

  • A key generation algorithm that generates a private and public key, such as RSA.
  • A signing algorithm that, given a message and a private key, produces a signature.
  • A signature verifying algorithm that, given a message, public key and a signature, either accepts or rejects the message’s claim to authenticity.

Two main properties are required. First, the authenticity of a signature generated from a fixed message and fixed private key can be verified by using the corresponding public key. Secondly, it should be computationally infeasible to generate a valid signature for a party without knowing that party’s private key. A digital signature is an authentication mechanism that enables the creator of the message to attach a code that act as a signature. It is formed by taking the hash of message and encrypting the message with creator’s private key.

Continue reading

Posted in Coding, Cryptography, Security | Tagged , , | 1 Comment

My First Pluralsight Course Update

It’s been a while since I posted an update about my Pluralsight course development, but I am please to say that the course is now complete and has passed all of the peer review and audio/visual review stages. The course now goes off to be encoded into the right format and enters the release queue.

The course will be released on Friday 28th November.

Pluralsight : Developer to Manager : Screenshot

Pluralsight : Developer to Manager : Screenshot

It has been a lot of hard work but I have really enjoyed the process and feel honoured to be a part of the Plurasight family. They are a great company to work for. My first course is called “Developer to Manager” and it is a course that helps developers decide whether going into a team leadership or management role is the right decision for them.

The course is based off an article I wrote earlier this year called Transition from Developer to Manager. This has been the single most popular article on this blog a lot of my articles have been very popular. I frequently receive emails from people asking advice on moving into a supervisor / leading role, so I hope this course will help everyone who watches it.

The course will start off by covering what a typical supervisor / management role looks like and its aim is to set the listeners expectations about the role to help them make an informed decision. The course then goes on to help the listener come up with a 90 day plan to help them make a real impact in the role if they choose to make the leap.

Continue reading

Posted in Commentary, Pluralsight | Tagged , | Leave a comment

Forcing an Application to a Single Instance in C#

In this short code snippet, I want to show a simple technique for ensuring only one instance of your .NET application can run at a time.

The technique is below :

    using System.Threading;
    using System.Windows;

    namespace MyApplication
    {
	    public partial class App : Application
	    {
	        private Mutex _mutex;

	        public App()
	        {
	            bool aIsNewInstance;

	            _mutex = new Mutex(true, @"Global\" + "MyUniqueWPFApplicationName", out aIsNewInstance);

	            GC.KeepAlive(_mutex);

	            if (aIsNewInstance) return;

	            MessageBox.Show("There is already an instance running.",
	                "Instance already running.",
	                MessageBoxButton.OK, MessageBoxImage.Information);

	            Current.Shutdown();
	        }
	    }
    }

What happens is that a Mutex is created when the application starts up and it is given a unique name, in this case, “MyUniqueWPFApplicationName“. If another instance of the application is started up and the Mutex is already created with that name, the application will shut down. You will also notice that there is a prefix to the name (Global\) that makes the unique name global to a sever running terminal services. If you leave off this prefix, then the mutex is considered local.

Continue reading

Posted in Coding | Tagged , | Leave a comment

APR Calculator Code Open Sourced

Last year I wrote an article about some code to help calculate the Annual Percentage Rate for a loan. The code discussed how to calculate APR’s that were compliant with the United Kingdoms Financial Conduct Authorities FCAMCOB 10.3 Formula for calculating APR.

APR

Even though all the code in contained in the article, I have received many requests for a Visual Studio project containing the code and all the unit tests that cover the test scenarios in the original article, so what I have done is open source the code on Codeplex. It seems many people have found this code useful, which is great, so I hope that by open sourcing it, more people will get use out of it.

Posted in Coding, Finance, Open Source | Tagged , , | Leave a comment

Using Async and Await to update the UI Thread Part 2

In a previous article on async and await, I showed a very simple example of how to run some code asynchronously. Then in the 2nd article I showed an example of updating the user interface in the main thread from an async method.

The code below (from the previous article) would execute a long running task which in this case counts to 5,000,000. As the task was running, on a set interval, the UI would be updated. This effectively decoupled the running of the task from the updating of the UI. You could have the task update the UI every 10ms, or you could update every 5 seconds. It really depends on what you are trying to do.

using System;
using System.Threading;
using System.Threading.Tasks;
using System.Windows.Forms;

namespace WindowsFormsAsync
{
    public partial class Form1 : Form
    {
        private readonly SynchronizationContext synchronizationContext;
        private DateTime previousTime = DateTime.Now;

        public Form1()
        {
            InitializeComponent();
            synchronizationContext = SynchronizationContext.Current;
        }

        private async void ButtonClickHandlerAsync(object sender, EventArgs e)
        {
            button1.Enabled = false;
            var count = 0;

            await Task.Run(() =>
            {
                for (var i = 0; i <= 5000000; i++)
                {
                    UpdateUI(i);
                    count = i;
                }
            });

            label1.Text = @"Counter " + count;
            button1.Enabled = true;
        }

        public void UpdateUI(int value)
        {
            var timeNow = DateTime.Now;

            if ((DateTime.Now - previousTime).Milliseconds <= 50) return;

            synchronizationContext.Post(new SendOrPostCallback(o =>
            {
                label1.Text = @"Counter " + (int)o;
            }), value);             

            previousTime = timeNow;
        }
    }
}

A reader on Reddit suggested that you can write this code in a much more succinct way as shown below. The code is much simpler to see what’s going on, but the behaviour is slightly different. In this example, the code similarly counts upto 5,000,000 and updates the UI label. The await statement here will correctly restore the synchronisation context to update the UI thread which means you don’t have to deal with it manually (I didn’t realise that at the time). To enable the asynchrony of the task in this example we need to have a Task.Delay(1) as we are not using any other asynchronous objects in .NET for file or DB access for example.

Continue reading

Posted in Coding | Tagged , | Leave a comment

Training : AutoMapper

In this article I have collated a few training links about the AutoMapper Library. I will keep adding to this page as I find other useful free resources. If you have any videos or articles that you feel would be useful here then please let me know in the comments and I will add them to the post. I would like it to be an archive of good material.

A convention-based object-object mapper. 100% organic and gluten-free. Takes out all of the fuss of mapping one object to another.

A convention-based object-object mapper. 100% organic and gluten-free. Takes out all of the fuss of mapping one object to another.

Automapper Website

Getting Started with AutoMapper

Using AutoMapper in Your ASP.Net MVC Applications

What is AutoMapper and How to map two objects using AutoMapper?

C# Object-to-Object Mapping – AutoMapper Example

Using Automapper with ASP.NET MVC application

STOP USING AUTOMAPPER IN YOUR DATA ACCESS CODE

Simplify Your Projections with AutoMapper

Automapper: Mapping objects Part 1 of 7 (NullSubstitution)

Automapper: Mapping objects Part 2 of 7 (Flattening by Convention)

Automapper: Mapping objects Part 3 of 7 (Nested Mapping)

Automapper: Mapping objects Part 4 of 7 (Projection)

Automapper: Mapping objects Part 5 of 7 (CustomResolver)

** Warning Customer Formatters are now not supported. https://github.com/AutoMapper/AutoMapper/wiki/Custom-value-formatters **

Automapper: Mapping objects Part 6 of 7 (CustomFormatter)

Automapper: Mapping Objects Part 7 of 7 (Startup Registration)

Posted in AutoMapper, Training | Tagged , | 2 Comments

Using Async and Await to update the UI Thread

In a previous article on async and await, I showed a very simple example of how to run some code asynchronously. In this article, I want to take this a little further with another example.

I have recently had to go and maintain an old c# Winforms application (yes I know winforms is a little old and considered the new vb6 but the application works and still provides value) that needed some new features adding. The problem with this application is that is feels a little sluggish for the user and constantly locks up, or gives the impression that it has crashed which means users have been trying to kill the application when really, it is processing a lot of work and the UI has become unresponsive.

Whilst I was in the code base, I wanted to try and improve some of this unresponsiveness by moving code out into tasks and asynchronously updating the UI. In this article I will cover how to do this.

Example of Unresponsive Application

First lets start with a small example. Below is a screen shot of a very simple winforms app. It doesn’t really do much. When you load it up, you press the button and the application counts to 5,000,000. I want this count to be displayed on the screen.

Simple Application for an Async and Await Example

Simple Application for an Async and Await Example

public partial class Form1 : Form
{
    public Form1()
    {
        InitializeComponent();
    }

    private void ButtonClickHandler(object sender, EventArgs e)
    {
        for (var i = 0; i <= 5000000; i++)
        {
            label1.Text = @"Counter = " + i;
        }
    }
}

In the code above, when you click the button in the application it calls the ButtonClickHandler which starts a count to 5,000,000. Inside the for loop we also try to update the text on the label to tell the user how far the count has got.

Continue reading

Posted in Coding | Tagged , | 1 Comment

Multi-Threaded Life : Fitting it all in

I was talking with a colleague the other day about all the extra things I do outside of work, like recording my pluralsight course, writing for my blog, a simple educational game I am writing plus my other little open source projects I maintain. He asked the question, “How do you fit it all in?”.

It’s a great question, because I am a Dad to 2 children, plus a husband, and I work a full-time day job, so how do I fit it all in working on these projects and keeping my skills up to date. The rest of this post explains what I do.

Commuting

Everyday I commute to work. This involves a 15 minute walk to the train station, 45 minutes on the train, and then another 20 minutes walk from the train station to the office. A lot of people would think that I am mad doing this everyday, but I wouldn’t give up this time for anything.

Working on the train.

Working on the train.

When I am walking to and from train stations I normally listen to podcasts like DotNetRocks,HelloWorld. These podcasts give you loads of new information and ideas, plus they are entertaining. Also, the walking is good exercise. I don’t go to the gym, but 35 minutes brisk walking everyday keeps me fit.

Continue reading

Posted in Commentary | Tagged | Leave a comment

Simple Async Await Example for Asynchronous Programming

In this article I want to give a simple example for how to use the async await keywords in C# to create asynchronous background tasks.

Writing multi-threaded or asynchronous code has traditionally always been very hard to get right but is something that is needed to help keep our applications responsive and to avoid performance bottlenecks. C# 5 introduced a simplified model for doing asynchronous programming with the introduction of 2 new keywords, async and await.

If you specify that a method is an asynchronous method by using an async modifier, you enable the following two capabilities.

  • The marked async method can use the await keyword to designate suspension points. The await operator tells the compiler that the async method can’t continue past that point until the awaited asynchronous process is complete. In the meantime, control returns to the caller of the async method. The suspension of an async method at an await expression doesn’t constitute an exit from the method, and finally blocks don’t run.

  • The marked async method can itself be awaited by methods that call it.

An async method typically contains one or more occurrences of an await operator, but the absence of await expressions doesn’t cause a compiler error. If an async method doesn’t use an await operator to mark a suspension point, the method executes as a synchronous method does, despite the async modifier. The compiler issues a warning for such methods.

Asynchrony is essential for activities that are potentially blocking, such as when your application accesses the web or a file system. Access to a web resource, for example, is sometimes slow or delayed. If such an activity is blocked within a synchronous process, the entire application must wait. In an asynchronous process, the application can continue with other work that doesn’t depend on the web resource until the potentially blocking task finishes.

Continue reading

Posted in Coding | Tagged , | 7 Comments

Password Based Key Derivation Functions in .NET

In this article I want to talk a little about Password Based Key Derivation Functions and their use in .NET. A Password Based Key Derivation Function or PBKDF2 as it is known, is a way to encode passwords as an alternative to hashing functions which are susceptible to rainbow table attacks.

Password Based Key Derivation Functions in .NET : PBKDF2

Password Based Key Derivation Functions in .NET : PBKDF2

For this article though I am going to try a different method of explaining it. I am going to talk about this subject and do a little code demo by video. Yes, you have to suffer my voice and video editing. This video was actually recoded back in June, and the astute amongst you will notice that this looks very much like a Pluralsight video. Well, it is, kind of. This is one of my audition videos that I had to produce to  become a Pluralsight author.

I was very pleased with the result seeing as it was my first time recording and editing a video / code demo, and Pluralsight were gracious enough to give me permission to post the video on my blog, but minus the Pluralsight branding, as it is not an official video of theirs.

Now that I have the video recording bug, plus I have paid for all the software and hardware etc, I may do more of these along side my Pluralsight courses.

Posted in Coding, Cryptography, Pluralsight, Security | Tagged , , , | Leave a comment