Thursday, June 27, 2013

XML Serializable Dictionary, Tuple, and Object

Serializing a data class to an XML file using XmlSerializer is very useful. However, some of the most useful data classes in .NET are not serializable. Dictionary and Tuple most notably. If you looking for a blog post on how to make a Dictionary that accepts duplicate keys by storing the values values with identical keys in a List, please see this blog post.

The below SerializableDictionary class works by inheriting from IXmlSerializable, which requires you implement the following three methods:
* GetSchema() - Remember, you should always return null for this function.
* ReadXml(XmlReader reader)
* WriteXml(XmlWriter writer)
(Read about IXmlSerializable on MSDN)

Here is the code to serialize a dictionary or serialize a tuple:

namespace XMLSerializableDictionary
    using System;
    using System.Collections.Generic;
    using System.Runtime.Serialization;
    using System.Xml;
    using System.Xml.Schema;
    using System.Xml.Serialization;

    public class SerializableDictionary<TKey, TValue>
        : Dictionary<TKey, TValue>, IXmlSerializable
        private const string DefaultTagItem = "Item";
        private const string DefaultTagKey = "Key";
        private const string DefaultTagValue = "Value";
        private static readonly XmlSerializer KeySerializer =
                                        new XmlSerializer(typeof(TKey));

        private static readonly XmlSerializer ValueSerializer =
                                        new XmlSerializer(typeof(TValue));

        public SerializableDictionary() : base()

        protected SerializableDictionary(SerializationInfo info, StreamingContext context)
                : base(info, context)

        protected virtual string ItemTagName
            get { return DefaultTagItem; }

        protected virtual string KeyTagName
            get { return DefaultTagKey; }

        protected virtual string ValueTagName
            get { return DefaultTagValue; }

        public XmlSchema GetSchema()
            return null;

        public void ReadXml(XmlReader reader)
            bool wasEmpty = reader.IsEmptyElement;


            if (wasEmpty)

                while (reader.NodeType != XmlNodeType.EndElement)
                        TKey tKey;
                        TValue tValue;

                            tKey = (TKey)KeySerializer.Deserialize(reader);

                            tValue = (TValue)ValueSerializer.Deserialize(reader);

                        this.Add(tKey, tValue);


        public void WriteXml(XmlWriter writer)
            foreach (KeyValuePair<TKey, TValue> keyValuePair in this)
                        KeySerializer.Serialize(writer, keyValuePair.Key);

                        ValueSerializer.Serialize(writer, keyValuePair.Value);

The idea behind the serializable tuple is we just make our own Tuple that stores the items by declaring the properties to represent them with their generic T type. If you are not used to working with generics, this can be a little strange. T1, T2 and T3 are just placeholders for the type that is to be determined by the calling function, or the function above that if the calling function uses generics too.

And a serializable tuple:

public class SerializableTuple<T1,T2,T3>
 public T1 Item1 { get; set; }
 public T2 Item2 { get; set; }
 public T3 Item3 { get; set; }
 public static implicit operator Tuple<T1,T2,T3>(SerializableTuple<T1,T2,T3>  st)
  return Tuple.Create(st.Item1,st.Item2,st.Item3);

 public static implicit operator SerializableTuple<T1,T2,T3>(Tuple<T1,T2,T3> t)
  return new SerializableTuple<T1,T2,T3>() {
   Item1 = t.Item1,
   Item2 = t.Item2,
   Item3 = t.Item3
 public SerializableTuple()

And finally, a generic object serializer and deserializer:

public static class XML
   public static class Serialize
      public static void Object(string Filename, object obj)
         using (StreamWriter streamWriter = new StreamWriter(Filename))
            XmlSerializer xmlSerializer = new XmlSerializer(obj.GetType());
            xmlSerializer.Serialize(streamWriter, obj);

   public static class DeSerialize
      public static string Generic<T>(T data)
         if (data == null)
            return string.Empty;

         string content = string.Empty;
         using (MemoryStream memoryStream = new MemoryStream())
            XmlSerializer serializer = new XmlSerializer(typeof(T));
            serializer.Serialize(memoryStream, data);

            memoryStream.Seek(0, SeekOrigin.Begin);
            using (StreamReader reader = new StreamReader(memoryStream))
               content = reader.ReadToEnd();
         return content;

      public static object Object(string Filename, Type type)
         object result = null;
         using (TextReader reader = new StringReader(Filename))
            XmlSerializer serializer = new XmlSerializer(type);
            result = serializer.Deserialize(reader);
         return result;

And perhaps after you serialize your data to an XML file, you would like to generate a schema XML file from it:
void XmlToSchema(string FileName)
 XmlReader xmlReader = XmlReader.Create(FileName);
 XmlSchemaSet schemaSet = new XmlSchemaSet();
 XmlSchemaInference schemaInfer = new XmlSchemaInference();
 schemaSet = schemaInfer.InferSchema(xmlReader);

 string outFilename = Path.ChangeExtension(FileName,".xsd");
 using(Stream streamOut = new FileStream(outFilename,FileMode.Create) )
  TextWriter textWriter =  new StreamWriter(streamOut);    
  foreach (XmlSchema s in schemaSet.Schemas())
   s.Write(textWriter );
  textWriter .Close();

PeriodicTable Element Class

Periodic Table as an Array of class Element in C#

public class Element
    public int AtomicNumber { get; set; }
    public string Symbol { get; set; }
    public string Name { get; set; }
    public decimal AtomicWeight { get; set; }
//  public string GroupNumber { get; set; }
//  public string GroupName { get; set; }
//  public string Period { get; set; }
//  public string Block { get; set; }
//  public string CASRegistryID { get; set; }
//  public string DiscoveryDate { get; set; }
//  public string DiscovererName { get; set; }
    public Element() { }
    public Element(int atomicNumber,string symbol,string name,decimal atomicWeight)
        AtomicNumber = atomicNumber;
        Symbol = symbol;
        Name = name;
        AtomicWeight = atomicWeight;

public class PeriodicTable
    public List<element> Elements;

    public PeriodicTable()
        Elements = new List();
        Elements.Add(new Element(1,     "H",    "Hydrogen",     1.007825M ));
        Elements.Add(new Element(2,     "He",   "Helium",       4.00260M  ));
        Elements.Add(new Element(3,     "Li",   "Lithium",      6.941M    ));
        Elements.Add(new Element(4,     "Be",   "Beryllium",    9.01218M  ));
        Elements.Add(new Element(5,     "B",    "Boron",        10.81M    ));
        Elements.Add(new Element(6,     "C",    "Carbon",       12.011M   ));
        Elements.Add(new Element(7,     "N",    "Nitrogen",     14.0067M  ));
        Elements.Add(new Element(8,     "O",    "Oxygen",       15.999M   ));
        Elements.Add(new Element(9,     "F",    "Fluorine",     18.99840M ));
        Elements.Add(new Element(10,    "Ne",   "Neon",         20.179M   ));
        Elements.Add(new Element(11,    "Na",   "Sodium",       22.98977M ));
        Elements.Add(new Element(12,    "Mg",   "Magnesium",    24.305M   ));
        Elements.Add(new Element(13,    "Al",   "Aluminum",     26.98154M ));
        Elements.Add(new Element(14,    "Si",   "Silicon",      28.0855M  ));
        Elements.Add(new Element(15,    "P",    "Phosphorus",   0.0M      ));
        Elements.Add(new Element(16,    "S",    "Sulphur",      32.06M    ));
        Elements.Add(new Element(17,    "Cl",   "Chlorine",     35.453M   ));
        Elements.Add(new Element(18,    "Ar",   "Argon",        39.948M   ));
        Elements.Add(new Element(19,    "K",    "Potassium",    39.0983M  ));
        Elements.Add(new Element(20,    "Ca",   "Calcium",      40.08M    ));
        Elements.Add(new Element(21,    "Sc",   "Scandium",     44.9559M  ));
        Elements.Add(new Element(22,    "Ti",   "Titanium",     47.90M    ));
        Elements.Add(new Element(23,    "V",    "Vanadium",     50.9414M  ));
        Elements.Add(new Element(24,    "Cr",   "Chromium",     51.996M   ));
        Elements.Add(new Element(25,    "Mn",   "Manganese",    54.9380M  ));
        Elements.Add(new Element(26,    "Fe",   "Iron",         55.85M    ));
        Elements.Add(new Element(27,    "Co",   "Cobalt",       58.9332M  ));
        Elements.Add(new Element(28,    "Ni",   "Nickel",       58.71M    ));
        Elements.Add(new Element(29,    "Cu",   "Copper",       63.546M   ));
        Elements.Add(new Element(30,    "Zn",   "Zinc",         65.37M    ));
        Elements.Add(new Element(31,    "Ga",   "Gallium",      69.72M    ));
        Elements.Add(new Element(32,    "Ge",   "Germanium",    72.59M    ));
        Elements.Add(new Element(33,    "As",   "Arsenic",      74.9216M  ));
        Elements.Add(new Element(34,    "Se",   "Selenium",     78.96M    ));
        Elements.Add(new Element(35,    "Br",   "Bromine",      79.904M   ));
        Elements.Add(new Element(36,    "Kr",   "Krypton",      83.80M    ));
        Elements.Add(new Element(37,    "Rb",   "Rubidium",     85.4678M  ));
        Elements.Add(new Element(38,    "Sr",   "Strontium",    87.62M    ));
        Elements.Add(new Element(39,    "Y",    "Yttrium",      88.9059M  ));
        Elements.Add(new Element(40,    "Zr",   "Zirconium",    91.22M    ));
        Elements.Add(new Element(41,    "Nb",   "Niobium",      92.91M    ));
        Elements.Add(new Element(42,    "Mo",   "Molybdenum",   95.94M    ));
        Elements.Add(new Element(43,    "Tc",   "Technetium",   99.0M     ));
        Elements.Add(new Element(44,    "Ru",   "Ruthenium",    101.1M    ));
        Elements.Add(new Element(45,    "Rh",   "Rhodium",      102.91M   ));
        Elements.Add(new Element(46,    "Pd",   "Palladium",    106.42M   ));
        Elements.Add(new Element(47,    "Ag",   "Silver",       107.87M   ));
        Elements.Add(new Element(48,    "Cd",   "Cadmium",      112.4M    ));
        Elements.Add(new Element(49,    "In",   "Indium",       114.82M   ));
        Elements.Add(new Element(50,    "Sn",   "Tin",          118.69M   ));
        Elements.Add(new Element(51,    "Sb",   "Antimony",     121.75M   ));
        Elements.Add(new Element(52,    "Te",   "Tellurium",    127.6M    ));
        Elements.Add(new Element(53,    "I",    "Iodine",       126.9045M ));
        Elements.Add(new Element(54,    "Xe",   "Xenon",        131.29M   ));
        Elements.Add(new Element(55,    "Cs",   "Cesium",       132.9054M ));
        Elements.Add(new Element(56,    "Ba",   "Barium",       137.33M   ));
        Elements.Add(new Element(57,    "La",   "Lanthanum",    138.91M   ));
        Elements.Add(new Element(58,    "Ce",   "Cerium",       140.12M   ));
        Elements.Add(new Element(59,    "Pr",   "Praseodymium", 140.91M   ));
        Elements.Add(new Element(60,    "Nd",   "Neodymium",    0.0M      ));
        Elements.Add(new Element(61,    "Pm",   "Promethium",   147.0M    ));
        Elements.Add(new Element(62,    "Sm",   "Samarium",     150.35M   ));
        Elements.Add(new Element(63,    "Eu",   "Europium",     167.26M   ));
        Elements.Add(new Element(64,    "Gd",   "Gadolinium",   157.25M   ));
        Elements.Add(new Element(65,    "Tb",   "Terbium",      158.925M  ));
        Elements.Add(new Element(66,    "Dy",   "Dysprosium",   162.50M   ));
        Elements.Add(new Element(67,    "Ho",   "Holmium",      164.9M    ));
        Elements.Add(new Element(68,    "Er",   "Erbium",       167.26M   ));
        Elements.Add(new Element(69,    "Tm",   "Thulium",      168.93M   ));
        Elements.Add(new Element(70,    "Yb",   "Ytterbium",    173.04M   ));
        Elements.Add(new Element(71,    "Lu",   "Lutetium",     174.97M   ));
        Elements.Add(new Element(72,    "Hf",   "Hafnium",      178.49M   ));
        Elements.Add(new Element(73,    "Ta",   "Tantalum",     180.95M   ));
        Elements.Add(new Element(74,    "W",    "Tungsten",     183.85M   ));
        Elements.Add(new Element(75,    "Re",   "Rhenium",      186.23M   ));
        Elements.Add(new Element(76,    "Os",   "Osmium",       190.2M    ));
        Elements.Add(new Element(77,    "Ir",   "Iridium",      192.2M    ));
        Elements.Add(new Element(78,    "Pt",   "Platinum",     195.09M   ));
        Elements.Add(new Element(79,    "Au",   "Gold",         196.9655M ));
        Elements.Add(new Element(80,    "Hg",   "Mercury",      200.59M   ));
        Elements.Add(new Element(81,    "Tl",   "Thallium",     204.383M  ));
        Elements.Add(new Element(82,    "Pb",   "Lead",         207.2M    ));
        Elements.Add(new Element(83,    "Bi",   "Bismuth",      208.9804M ));
        Elements.Add(new Element(84,    "Po",   "Polonium",     210.0M    ));
        Elements.Add(new Element(85,    "At",   "Astatine",     210.0M    ));
        Elements.Add(new Element(86,    "Rn",   "Radon",        222.0M    ));
        Elements.Add(new Element(87,    "Fr",   "Francium",     233.0M    ));
        Elements.Add(new Element(88,    "Ra",   "Radium",       226.0254M ));
        Elements.Add(new Element(89,    "Ac",   "Actinium",     227.0M    ));
        Elements.Add(new Element(90,    "Th",   "Thorium",      232.04M   ));
        Elements.Add(new Element(91,    "Pa",   "Protactinium", 231.0359M ));
        Elements.Add(new Element(92,    "U",    "Uranium",      238.03M   ));
        Elements.Add(new Element(93,    "Np",   "Neptunium",    237.0M    ));
        Elements.Add(new Element(94,    "Pu",   "Plutonium",    244.0M    ));
        Elements.Add(new Element(95,    "Am",   "Americium",    243.0M    ));
        Elements.Add(new Element(96,    "Cm",   "Curium",       247.0M    ));
        Elements.Add(new Element(97,    "Bk",   "Berkelium",    247.0M    ));
        Elements.Add(new Element(98,    "Cf",   "Californium",  251.0M    ));
        Elements.Add(new Element(99,    "Es",   "Einsteinium",  254.0M    ));
        Elements.Add(new Element(100,   "Fm",   "Fermium",      257.0M    ));
        Elements.Add(new Element(101,   "Md",   "Mendelevium",  258.0M    ));
        Elements.Add(new Element(102,   "No",   "Nobelium",     259.0M    ));
        Elements.Add(new Element(103,   "Lr",   "Lawrencium",   262.0M    ));
        Elements.Add(new Element(104,   "Rf",   "Rutherfordium",260.9M    ));
        Elements.Add(new Element(105,   "Db",   "Dubnium",      261.9M    ));
        Elements.Add(new Element(106,   "Sg",   "Seaborgium",   262.94M   ));
        Elements.Add(new Element(107,   "Bh",   "Bohrium",      262.0M    ));
        Elements.Add(new Element(108,   "Hs",   "Hassium",      264.8M    ));
        Elements.Add(new Element(109,   "Mt",   "Meitnerium",   265.9M    ));
        Elements.Add(new Element(110,   "Ds",   "Darmstadtium", 261.9M    ));
        Elements.Add(new Element(112,   "Uub",  "Ununbium",     276.8M    ));
        Elements.Add(new Element(114,   "Uuq",  "Ununquadium",  289.0M    ));
        Elements.Add(new Element(116,   "Uuh",  "Ununhexium",   0.0M      ));

Improvements could include implementing a the PeriodicTable as a Dictionary, such as a Dictionary<string,Element>. This adds the ability to to retrieve Element information given only its symbol or atomic number. Use SortedDictionary<string,Element> to order the elements by symbol, name, atomic number or weight (the dictionary will be sorted off of the key).

Admittedly, this still isn't a very useful class, its just for fun.

Fake/Random Identity Generator


During my research on RSA cryptography and the importance of a truly random number for having a large key-space, I stumbled on to I thought the concept could be really useful for certain applications and could easily envision how to implement it in C#, and make it extensible/customizable.

Take a look at these:

<?xml version="1.0" standalone="yes"?>
    <TrackingNumber>1Z 8A8 238 01 9398 182 1</TrackingNumber>
    <FirstName>Keaton </FirstName>
    <StreetAddress>4828 Cherry St.</StreetAddress>

    <FirstName>Xyla </FirstName>
    <Address>8348 Court Ave.</Address>

 CREATE TABLE ReservationData (
  `id` mediumint(8) unsigned NOT NULL auto_increment,
  `UniqueID` MEDIUMINT default NULL,
  `TripDate` varchar(50) default NULL,
  `FirstName` varchar(255) default NULL,
  `LastName` varchar(255) default NULL,
  `Phone` varchar(100) default NULL,
  `AltPhone` varchar(100) default NULL,
  `Email` varchar(255) default NULL,
  `StreetAddress` varchar(255) default NULL,
  `City` varchar(50) default NULL,
  `State` varchar(50) default NULL,
  `Zip` varchar(10) default NULL,
  `Country` varchar(255) default NULL,
  `DayOfYear` varchar(50) default NULL,
  `TotalCost` varchar(50) default NULL,
  `Balance` varchar(10) default NULL,
  `CCard` varchar(18) default NULL,
  `Expires` varchar(5) default NULL,
  `CVC2` varchar(3) default NULL,
  PRIMARY KEY (`id`)

This would make great honey for a honey pot; just fill an SQL database with this random, realistic looking data, serve and log any and all attempts to access, query or dump the database. This can be done on a VM and you have a easily deployed, high interaction honeypot!

Aside from being able to see their IP address, I think the most useful data that can be attained is their behavior; what injection attacks are they using to drop the database? Write rules to prevent your honey against trivial attempts such as the ' AND 1=(SELECT attacks and see what they come up with next. Rule writing is inherently a cat-and-mouse game, honeypots like this clearly give the white-hats the upper hand.


A quick, fast and dirty solution is to simply read a random line from a text file (i.e. Name_First.txt and Address_Street.txt).

This way, you can choose from names that are common, or customize your list to for different nationalities.

One could read the whole file in to a string, Parse() it into an array of strings, then randomly select an index, but this would be unacceptable for very large files. Instead, we can set the file pointer to a random position that is less than its size, roll back to the last new line and call ReadLine.

public string ReturnRandomLine(string FileName)
 string sReturn = string.Empty;
 using(FileStream myFile = new FileStream(FileName,FileMode.Open,FileAccess.Read))
  using(StreamReader myStream = new StreamReader(myFile))
   // Seek file stream pointer to a rand position...
   // Read the rest of that line.
   // Return the next, full line...
   sReturn = myStream.ReadLine();
 // If our random file position was too close to the end of the file, it will return an empty string
 // I avoided a while loop in the case that the file is empty or contains only one line
 if(System.String.IsNullOrWhiteSpace(sReturn)) {
  sReturn = ReturnRandomLine(FileName);
 return sReturn;

Example use:

public string GenerateFistName()
 return ReturnRandomLine("Name_First.txt") + " ";

public string GenerateLastName()
 return ReturnRandomLine("Name_Last.txt");

public string GenerateFullName()
 return GenerateFistName() + GenerateLastName();

public string GenerateGender()
 if(ReturnPercent(84)) {
  return "Male";
 } else {
  return "Female";

public string GenerateStreetNumber()
 return rand.Next(1,9999).ToString();

public string GenerateStreetName()
 return ReturnRandomLine("Address_Street.txt");

One limitation is where the data is relational, such as in the case of generating a random zip code along with the city and state that it exists in.

A quick work-around would be CityZipState.txt

Other types of data that can be generated that would not make sense to put in a text file:

public bool ReturnPercent(int Percent) // Return true Percent times out of 100, randomly
 int iTemp = rand.Next(1,101);
 if(iTemp<=Percent) {
  return true;
 } else {
  return false;

public string GenerateDate(int YearFrom,int YearTo)
 int Month = rand.Next(1,13);
 int Day  = rand.Next(1,32);
 int Year = GenerateYear(YearFrom,YearTo);
 return Month.ToString() + "/" + Day.ToString() + "/" + Year.ToString();

public string GenerateYear(int YearFrom,int YearTo)
 return rand.Next(YearFrom,YearTo+1).ToString();

public string GeneratePhoneNumber()
 return GeneratePhoneNumber(ReturnRandomLine("PhoneNumber_Prefix.txt"));

public string GeneratePhoneNumber(string Prefix)
 int iThree = rand.Next(192,999);
 int iFour = rand.Next(1000,9999);
 return Prefix + iThree.ToString() + "-" + iFour.ToString();

public string GenerateSSN()
 int iThree = rand.Next(132,921);
 int iTwo = rand.Next(12,83);
 int iFour = rand.Next(1423,9211);
 return iThree.ToString() + "-" + iTwo.ToString() + "-" + iFour.ToString();

Obviously, these methods can be improved to conform to the standards of a real social security number, national identification number, credit card number, ect...

public string GenerateCCNum()
 string sCCNum = string.Empty;
 byte[] bCCNum = {0};
 // generate random 16 digit number
 int iTemp1 = rand.Next(10000000,99999999);
 int iTemp2 = rand.Next(10000000,99999999);
 string sTemp = iTemp1.ToString() + iTemp2.ToString();
 // while loop?
  iTemp1 = rand.Next(10000000,99999999);
  iTemp2 = rand.Next(10000000,99999999);
  sTemp = iTemp1.ToString() + iTemp2.ToString();
 sCCNum = sTemp;
 return sCCNum;

The implementation of IsValidNumber() is left as an exercise for the reader.

The serialization of your data is a trivial matter. Please see my post on a XML Serializable Dictionary, Tuple, and Object for the code to serialize an object (such as a list, or a class).

Sunday, June 23, 2013

Gracefull error handling with a global exception handler

Every published C# application should have graceful error handling. Here I show you the implementation of a global exception handler using ThreadExceptionEventHandler.

First, you have to add System.Threading to both your Program.cs and Mainform.cs:
// Program.cs and Mainform.cs
using System.Threading;

Then add an event handler to Application.ThreadException:
// Program.cs
// static class Program {
//  private static void Main(string[] args) {
Application.ThreadException += new ThreadExceptionEventHandler(MainForm.MyExceptionHandler);
// Application.Run(new MainForm());

Or, if you are writing a console app, add an event handler to AppDomain.UnhandledException:
AppDomain.CurrentDomain.UnhandledException += new UnhandledExceptionEventHandler(MyExceptionHandler);

Then add the exception handler body:
// Mainform.cs
public static void MyExceptionHandler(object sender, ThreadExceptionEventArgs e)

The example here simply shows a message box, but an even more graceful approach would be to log all the unhanded exceptions to a log file. That way, the errors are transparent to the user, but the developer still has access to detailed debug information.

Here is the full code: