Michael E. Chancey Jr. » RegEx http://michael.chanceyjr.com Fri, 20 May 2011 03:43:18 +0000 en hourly 1 http://wordpress.org/?v=3.2.1 Generic License Generation and Validation http://michael.chanceyjr.com/useful-code/generic-license-generation-and-validation/ http://michael.chanceyjr.com/useful-code/generic-license-generation-and-validation/#comments Fri, 20 May 2011 03:43:18 +0000 Michael E. Chancey Jr. http://michael.chanceyjr.com/?p=696 This was thrown together to see how quickly I could come up with something simple to allow for offline license validation. Up until now I previously used an online system. As well as this works it requires that the user access the internet in order to validate the key (which opens itself to traffic sniffing and server simulation in order to hack). This is by no means a perfect system but it should stump people long enough that they will feel better off just buying a key.

//Code To Generate A License Key

/// <summary>
/// GENERATE A UNIQUE KEY THAT CAN BE REVERESED TO VALIDATE WITHOUT INTERNET CONNECTION
/// </summary>
/// <param name="AppID">APPLIATION GUID THE KEY SHOULD BE GERNEATED FOR</param>
/// <returns>STRING VALUE REPRESENTING A VALID KEY</returns>
static string GenerateKey(string AppID)
{
    int curSegment = 1;
    string newLicense = "";
    string License = new string(Guid.NewGuid().ToString().Replace("-", "").ToUpper().ToCharArray().Take(12).ToArray());

    //GENERATE 4 BYTE SEGMENTS WHICH ARE [HASH,HASH][KEY,KEY]
    //VALUES ARE TAKEN FROM THE HASH AT A MATHIMATICALLY COMPUTED LOCATION [(FIRST CHAR ASCII VALUE + SEGMENT) % 32] TO MAKE IT DEPENDENT ON SEGMENT LOCATION AND VALUE
    //THIS SHOULD MAKE IT HARDER TO "GUESS" A KEY OR BRUTE FORCE ONE OUT OF THE SYSTEM
    foreach (Match tmpMatch in Regex.Matches(License, "[a-zA-Z0-9]{2}"))
        newLicense += (newLicense != "" ? "-" : "") + BitConverter.ToString(SHA256.Create().ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(tmpMatch.Value + AppID)).Skip((tmpMatch.Value.ToCharArray()[0] + curSegment++) % 32).Take(1).ToArray()).Replace("-", "") + tmpMatch.Value;

    //RETURN THE NEW LICENSE VALUE TO THE CALLING FUNCTION
    return newLicense;
}

//Code To Validate A License Key

/// <summary>
/// VALIDATES A KEY THAT HAS BEEN GENERATED FOR THE GIVEN APPLICATION ID
/// </summary>
/// <param name="AppID">APPLICATION THE KEY SHOULD BE VALIDATED AGAINST</param>
/// <param name="Key">UNIQUE KEY TO COMPARE AGAINST</param>
/// <returns>TRUE OR FALSE REPRESENTING THE VALIDATION OF THE GIVEN KEY AND APPLICATION ID</returns>
public static bool ValidateKey(string Key)
{
    try
    {
        int curSegment = 1;
        string[] segments = Key.ToUpper().Split(new char[] { '-' });
        string AppID = ((GuidAttribute)Assembly.GetCallingAssembly().GetCustomAttributes(typeof(GuidAttribute), false)[0]).Value;

        foreach (string segment in segments)
        {
            //SPLIT THE SEGMENT INTO HASH VALUE AND KEY VALUE
            string hashedValue = segment.Substring(0, 2);
            string keyValue = segment.Substring(2, 2);

            //COMPUTE THE HASH USING THE REVERSE ALGORITHM FROM CREATING A HASH
            string hash = BitConverter.ToString(SHA256.Create().ComputeHash(System.Text.ASCIIEncoding.ASCII.GetBytes(keyValue + AppID)).Skip((keyValue.ToCharArray()[0] + curSegment++) % 32).Take(1).ToArray());

            //IF THE HASH DOES NOT MATCH WHAT IS BELIEVED SHOULD BE A MATCH THEN DROP OUT BECAUSE THE KEY IS INVALID
            if (hash != hashedValue)
                return false;
        }

        //IF WE MADE IT THIS FAR THEN THE KEY IS VALID
        return true;
    }
    catch
    {
        //IF THERE WAS AN ERROR WHILE ATTEMPTING TO VALIDATE THEN THE KEY MUST BE INVALID
        return false;
    }
}
Share Twitter Digg StumbleUpon del.icio.us

]]> http://michael.chanceyjr.com/useful-code/generic-license-generation-and-validation/feed/ 0 Testing Password Complexity http://michael.chanceyjr.com/useful-code/testing-password-complexity/ http://michael.chanceyjr.com/useful-code/testing-password-complexity/#comments Wed, 16 Dec 2009 05:15:17 +0000 Michael E. Chancey Jr. http://michael.chanceyjr.com/?p=534 Password complexity is a huge deal when a company is applying for its compliance so below is a simple function to test for password complexity based on a rule set passed in. The following code allows for any of the following rules to be applied to a password. You can elect to require any or all of the following 1 upper case character, 1 lower case character, 1 numeric character and 1 special character.

//Function

        /// <summary>
        /// FUNCTION FOR TESTING PASSWORD COMPLEXITY
        /// </summary>
        /// <param name="s">INCOMING PASSWORD TO TEST</param>
        /// <param name="minLength">MIN LENGTH OF PASSWORD</param>
        /// <param name="maxLength">MAX LENGTH OF PASSWORD</param>
        /// <param name="rule">COMPARISON FLAGS CAN BE ANY COMBINATION OF THE FOLLOWING - UPPER, LOWER, NUMERIC, SPECIAL</param>
        /// <returns>TRUE OR FALSE IF THE PASSWORD PASSES OR NOT</returns>
        static bool ValidatePasswordComplexity(string s, int minLength, int maxLength, PasswordRules rule)
        {
            //CONSTANTS FOR COMPARISON GROUPS
            const string UPPER = "(?=.*[A-Z])";
            const string LOWER = "(?=.*[a-z])";
            const string NUMERIC = "(?=.*[0-9])";
            const string SPECIAL = "(?=.*[!@#$%^&*()<>])";

            //CREATE A NEW VAR TO HOLD THE COMPARE STRING WHILE ITS ASSEMBLED
            StringBuilder tmpCompare = new StringBuilder("^");

            //CHECK IF UPPER IS A REQUIREMENT
            if ((rule & PasswordRules.Upper) == PasswordRules.Upper)
                tmpCompare.Append(UPPER);

            //CHECK IF LOWER IS A REQUIREMENT
            if ((rule & PasswordRules.Lower) == PasswordRules.Lower)
                tmpCompare.Append(LOWER);

            //CHECK IF NUMERIC IS A REQUIREMENT
            if ((rule & PasswordRules.Numeric) == PasswordRules.Numeric)
                tmpCompare.Append(NUMERIC);

            //CHECK IF SPECIAL IS A REQUIREMENT
            if ((rule & PasswordRules.Special) == PasswordRules.Special)
                tmpCompare.Append(SPECIAL);

            //APPEND THE LENGTH REQUIREMENTS
            tmpCompare.Append(string.Format(".{{{0},{1}}}", minLength, maxLength));

            //RETURN THE RESULT OF THE COMPARISON
            return Regex.Match(s, tmpCompare.ToString()).Success;
        }

        /// <summary>
        /// ERNUMERATIONS FOR PASSWORD COMPLEXITY TESTING
        /// </summary>
        [Flags]
        public enum PasswordRules
        {
            Upper = 1,
            Lower = 2,
            Numeric = 4,
            Special = 8,
        }

//Usage

        /// <summary>
        /// MAIN APPLICATION ENTRY POINT
        /// </summary>
        /// <param name="args"></param>
        static void Main(string[] args)
        {
            //SOMETHING TO COMPARE
            string pwd = "Password1";

            //TWO DIFFERENT SAMPLES TO SHOW THE PASSWORD MEETS THE REQUIREMENTS IF YOU ARE NOT LOOKING FOR A SPECIAL CHARACTER
            //BUT FAILS ONCE THE SPECIAL REQUIREMENT IS ADDED TO THE PARAMETER
            Console.WriteLine("{0}: {1}", pwd, ValidatePasswordComplexity(pwd, 6, 15, PasswordRules.Upper | PasswordRules.Lower | PasswordRules.Numeric));
            Console.WriteLine("{0}: {1}", pwd, ValidatePasswordComplexity(pwd, 6, 15, PasswordRules.Upper | PasswordRules.Lower | PasswordRules.Numeric | PasswordRules.Special));

            //WAIT FOR USER INPUT
            Console.ReadLine();
        }
Share Twitter Digg StumbleUpon del.icio.us

]]> http://michael.chanceyjr.com/useful-code/testing-password-complexity/feed/ 0