I was writing some code the other night on a little pet project I am working on and I needed to persist some data to disc. The data was quite large so I needed to compress it first. I have not used any of the compression libraries in .NET before so I had a little investigation and wrote the static methods below.
They are very easy to use, just pass in a byte array to compress and recieve a compressed byte array back out, and visa versa to decompress the data.
I thought I would share these code snippets as they are quite useful. Enjoy.
private static byte Compress(byte input)
using (var outputStream = new MemoryStream())
using (var zip = new GZipStream(outputStream, CompressionMode.Compress))
zip.Write(input, 0, input.Length);
compressesData = outputStream.ToArray();
private static byte Decompress(byte input)
using (var outputStream = new MemoryStream())
using (var inputStream = new MemoryStream(input))
using (var zip = new GZipStream(inputStream, CompressionMode.Decompress))
decompressedData = outputStream.ToArray();
This is the 2nd part in a small series on using encryption primitives in .NET. In the first article I concentrated on symmetric cryptography and more specifically the AES algorithm. In this article I will take a brief look at Asymmetric cryptography using the RSA system.
RSA is an algorithm for public-key cryptography that is based on the presumed difficulty of factoring large integers, the factoring problem. RSA stands for Ron Rivest, Adi Shamir and Leonard Adleman, who first publicly described the algorithm in 1977. Clifford Cocks, an English mathematician, had developed an equivalent system in 1973, but it was classified until 1997.
A user of RSA creates and then publishes the product of two large prime numbers, along with an auxiliary value, as their public key. The prime factors must be kept secret. Anyone can use the public key to encrypt a message, but with currently published methods, if the public key is large enough, only someone with knowledge of the prime factors can feasibly decode the message. Whether breaking RSA encryption is as hard as factoring is an open question known as the RSA problem.
The AES symmetric process is classed as an algorithm where the plain text goes through multiple computation rounds to produce the cipher text. RSA is different in that is it a mathematical process. I won’t go into too much detail of how the keys are generated, but as stated above it is all around the complexity of factoring large prime numbers. The actual encryption process is based around modular arithmetic. For more detailed information on how this works check out this very useful Wikipedia page.
Recently a few of the developers on my team decided to put a build monitor up on the TV we have in our team area. They settled on a system called Siren of Shame. Essentially this monitor tells you the health of your builds (we use it with TFS but it supports many more source code repositories and build systems). Siren of shame has a little twist though that has some other advantages.
The system is built around a leader board and points system. For a successful build you get 1 point. For a failed build you lose 4 points. Not only do you lose points, the PC that the monitor is running on emits a very loud trumpet like alarm, alerting the team to you failed build. It is really rather amusing when the alarm goes off, although not so amusing for the poor person who has broken his build!!!
You can also earn awards the longer you use the system like CI NINJA and other such funny power ups. You also get awarded points for fixing someone else’s broken build. Whilst this is all amusing and a bit of fun, it does encourage a slight behaviour change in a team. For a start, no one wants to be at the bottom of the leader board, so to get a better position in the board you need to check in little and often, no more only checking in once a day as this should be frowned upon anyway.
I think using this tool has made a difference to the team in the short time we have been using it. I would summarise the benefits as:
Visibility your build health.
Encourage developers to check in little and often.
Rewarded for fixing other peoples builds.
Promotes a little healthy competition.
More accuracy. No one wants that build siren going off as we poke fun at them..
In unit testing, all mocks are evil! Now there’s a controversial statement to start a blog post with, but let me explain. I am writing this from my own experience as a software developer and a leader of software developers. This is the sort of thing that software religious wars are made of, so if you agree, or disagree, I would love for you to share your thoughts in the comments.
I think Mocking libraries, although very powerful, can enable developers to over complicate their unit tests. Unit tests should be short and easy to understand. I have lost count of the times where I have seen a developer mock out more than they need to because of excessive class coupling in their code. Just because you can mock out any object doesn’t mean that you should and avoid reducing excessive coupling.
Cryptography is a subject that I personally find fascinating. It really is one of the mathematical branches of computer science that really does seem to have a sense of magic to it. But this “magic” normally comes at a price, and that is the need for some really heavy duty mathematics. This normally puts people off, including myself as I am no math genius.
Lots of cryptography books are very heavy on the math and theoretical aspects of encryption, like Applied Cryptography by Bruce Schneier, which is great if you want to delve that deep, but most people including software developers just need to understand at a higher level how the algorithms work and how best to apply them in real life. That is where this book, Everyday Cryptography: Fundamental Principles and Applications by Keith M. Martin, comes in. The book is structured as follows :
This isn’t a long post, but just a useful snippet of code. I was working on some code for a system this afternoon and I needed to check that a username was a valid user in ActiveDirectory using C#. This isn’t something I have had to code before, so I thought I would share this useful nugget of code. I hope you find it useful.
public static class ActiveDirectory
public static bool CheckUserinAD(string domain, string username)
using (var domainContext = new PrincipalContext(ContextType.Domain, domain))
using (var user = new UserPrincipal(domainContext))
user.SamAccountName = username;
using (var pS = new PrincipalSearcher())
pS.QueryFilter = user;
using (PrincipalSearchResult<Principal> results = pS.FindAll())
if (results != null && results.Count() > 0)
I have released an Open Source libray under the GPL 3.0 license called Block Encrypter that builds on the code discussed in this article. If you need to do reliable and secure symmedtric encryption then this library would be very useful to you.
I thought I would start a little series on using some of the cryptography primitives in .NET. Cryptography and Encryption is something that most developers working on enterprise applications will come across, especially if you work in the financial services industry.
Whilst cryptography is a fascinating subject and the design of these algorithms is very interesting, I do not recommend using an algorithm that you have designed yourself. The standard algorithms in practice today have been through lots of analysis by experts both in private industry and governments all around the world trying to find faults and weaknesses, so you are much better off using these recommended systems.
The main algorithms fall into 2 categories, Symmetric encryption and Asymmetric encryption. Symmetric encryption contains algorithms that are based solely on an encryption key. For example, if you encrypt some plaintext with Key1 you get a cipher text out the other end. If you then decrypt the cipher text with the same key (Key1) you will get back to the original plaintext.
Asymmetric encryption works by having 2 keys, a public and private key. These keys are mathematically derived from each other. The public key can be used by anyone and the private key has to be kept secret. I will talk about asymmetric encryption and more specifically RSA in another post.
What I will show in this article is a good practical implementation of AES in .NET. We will start with the following interface. The interface contains 2 methods, Encrypt and Decrypt. They methods take cipher text/plaintext and an encryption key.
The system monitor discussed previously will collect a lot of data from different systems. The amount of information that is collected can be vast and in its raw form may not be that useful except to people who really understand what the data represents. The key thing with a dashboard is to break this information down for different users. This may be a complete view of the data, or just a subset for different purposes, so you have to think about the context in which the data is going to be provided and the intended audience.
For me, a key requirement of the dashboard I built was to make the data from the monitor available to my development and operations team in an easy to view format. This dashboard contains more technical information including exceptions as that is more appropriate for the intended audience. You may need to provide another dashboard to key business stakeholders. The level of information you provide here would most likely be different and contain more business level data.
Your dashboard may be viewed in different places. This might include a large TV attached to the wall, projected against a wall, or the dashboard might be run on a person’s desktop computer. If you are displaying the dashboard in a place where people cannot interact with it, i.e. on a large TV Screen, then you want to make sure the dashboard automatically refreshes itself. I will cover this more later on in the article.
Types of Dashboard
You really are spoilt for choice these days when it comes writing a dashboard. You can keep the display simple or you can really embellish the presentation. As I said earlier, it depends on your target audience. I personally find that keeping the display simple is the best thing to do. I have seen some dashboards that go overboard with dials, speedometers and other fancy graphics, and these can confuse the information you are trying to communicate if you are not careful.
You can develop your dashboard as a native application. This is what I did with my own solution for the company I work for. I work at a company that is based around the Microsoft stack, so this really gave me 2 choices as a .NET developer; Winforms or WPF. As I needed to get the dashboard up and running quickly I used Winforms, mainly because I am very familiar with this particular technology. WPF would also have been a very good choice.
My dashboard was aimed squarely at a technical audience, so the level of detail could be higher. The context of the dashboard was to allow developers spot any problems in our critical systems. I decided to keep the screen design very simple. I used a tabbed control, where each tab represented one sensor from the xml stream written out by the monitoring system.