public void EncryptAndDecryptString()
{
string encrypted = AES256.Encrypt("test", "password");
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(decrypted, "test");
}
static void Main()
{
string teste = "{ola:\"mundo\"}";
byte[] testeB = Encoding.UTF8.GetBytes(teste);
AES256 aes = new AES256();
Console.WriteLine(Encoding.UTF8.GetString(aes.Decrypt(aes.Encrypt(testeB))));
}
public void EncryptAndDecryptExactly16chars()
{
string encrypted = AES256.Encrypt(
"0123456789abcdef",
"password"
);
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(
decrypted,
"0123456789abcdef"
);
}
public void EncryptAndDecryptLargeString()
{
string encrypted = AES256.Encrypt(
"test string that is longer than 16 characters",
"password"
);
string decrypted = AES256.Decrypt(encrypted, "password");
Assert.AreEqual(
decrypted,
"test string that is longer than 16 characters"
);
}
/// <summary>
/// Checks if user credentials are valid
/// </summary>
/// <param name="user"></param>
/// <returns></returns>
public bool AuthenticateUser(ref User user)
{
DataTable dtUser = new DataTable();
dtUser = _db.GetData($"SELECT Usuario, Contrasena FROM Usuario WHERE Usuario = '{user.Username}' AND Estatus = 1", autoConnect: true);
if (dtUser.Rows.Count > 0)
{
if (AES256.Decrypt(dtUser.Rows[0]["Contrasena"].ToString(), _config.Database.EncryptionKey) == user.Password)
{
GetUserDataByUsername(ref user);
}
}
return((user.Id == default) ? false : true);
}
public void AESEncrypt()
{
var sample = "something";
string key = "z,mv--342krnsdrfJDSf33dq2423nsda";
string iv = "12325346457462343654867843523421";
var aes = new AES256(key, iv);
var encryptedStr = aes.Encrypt(sample);
var decryptedStr = aes.Decrypt(encryptedStr);
var len1 = sample.Length;
var len2 = decryptedStr.Length;
True(sample.Length == decryptedStr.Length, "not match, dec:" + decryptedStr + " len1:" + len1 + " len2:" + len2);
}
public ValidateTokenOut ValidateToken(ValidateTokenIn input)
{
var output = new ValidateTokenOut();
AES256 aes256 = new AES256();
string tokenDecrypt = aes256.Decrypt(input.token);
// Se obtiene la información del token
ClaimsPrincipal simplePrinciple = GetPrincipal(tokenDecrypt);
if (simplePrinciple != null)
{
// Se obtienen las propiedades
var identity = simplePrinciple.Identity as ClaimsIdentity;
if (identity != null)
{
// Si no esta autenticado se denega el acceso
if (identity.IsAuthenticated)
{
// Se obtienen las variables de las propiedades que se le asignaron al Token cuando se genero
var sessionId = identity.FindFirst("sessionId");
var usrID = identity.FindFirst("usrID");
var ip = System.Web.HttpContext.Current.Request.UserHostAddress;
if (sessionId?.Value != null &&
usrID?.Value != null &&
ip != null)
{
var autentication = new SystemManagement.Business.Authentication.Authentication();
var validateSessionOut = autentication.ValidateSession(new MethodParameters.Authentication.ValidateSessionIn()
{
sessionId = sessionId.Value,
userId = Convert.ToDecimal(usrID.Value)
});
if (validateSessionOut.result == Entities.Common.Result.Success &&
validateSessionOut.session.usrID == Convert.ToDecimal(usrID.Value) &&
validateSessionOut.session.sesID == sessionId.Value &&
validateSessionOut.session.ses_status == "V")
{
output.tokenInformation = new Entities.Authentication.TokenInformation();
output.tokenInformation.sessionId = sessionId.Value;
output.tokenInformation.usrID = usrID.Value;
}
}
}
}
}
return(output);
}
public void AESEncryptBytes()
{
var sampleBytes = new byte[1024];
var rnd = new System.Random();
rnd.NextBytes(sampleBytes);
string key = "z,mv--342krnsdrfJDSf33dq2423nsda";
string iv = "12325346457462343654867843523421";
var aes = new AES256(key, iv);
var encryptedBytes = aes.Encrypt(sampleBytes);
var decryptedBytes = aes.Decrypt(encryptedBytes);
var bytesLen1 = sampleBytes.Length;
var bytesLen2 = decryptedBytes.Length;
True(sampleBytes.Length == decryptedBytes.Length, "not match," + " bytesLen1:" + bytesLen1 + " bytesLen2:" + bytesLen2);
True(sampleBytes.SequenceEqual(decryptedBytes), "not match");
}
