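/// <summary>
/// Registers a new account: validates the request body, rejects a username that is already
/// present, stores the credential with a PBKDF2-derived password value and returns the username.
/// </summary>
/// <param name="credentialCreateDto">Signup payload bound from the request body.</param>
/// <returns>
/// 400 when the payload is missing, incomplete or fails model validation; 401 when the username
/// already exists; otherwise 200 with an <see cref="InitResponse"/> carrying the stored username.
/// </returns>
public ActionResult<InitResponse> DoSignup([FromBody] CredentialCreateDto credentialCreateDto)
{
    // A missing body or a missing field must end as a 400 here. Without the null checks the
    // dereferences below (Username in the query, Password.PadLeft) would throw and surface as a 500.
    if (credentialCreateDto == null
        || !ModelState.IsValid
        || credentialCreateDto.Username == null
        || credentialCreateDto.Password == null)
    {
        return BadRequest();
    }

    string requestedUsername = credentialCreateDto.Username;

    // Reject a username that is already registered.
    // NOTE(review): the check and the insert below are separate statements, so two concurrent
    // signups for the same name can both pass this check. Uniqueness is only guaranteed by a
    // unique index on the Username column; confirm the schema has one.
    // NOTE(review): whether this comparison is case-sensitive depends on how the provider
    // translates Equals and on the column collation; confirm "Alice" and "alice" are handled
    // the way the application intends.
    bool usernameTaken = _vaultDbContext.Credentials
        .Any(existing => existing.Username.Equals(requestedUsername));
    if (usernameTaken)
    {
        // 401 is kept because existing clients may depend on it. The distinct status also tells
        // an unauthenticated caller that the name is registered, so this endpoint is a candidate
        // for rate limiting and monitoring.
        return Unauthorized(); // 401
    }

    // The previous scheme stored SHA-256(padded password + PASSWORD_SALT from configuration):
    // a single fast hash with one application-wide salt. It was replaced by PBKDF2Provider.
    // NOTE(review): confirm PBKDF2Provider.Generate uses a random per-credential salt and a
    // current iteration count; neither is visible from this method.
    //
    // NOTE(review): PadLeft(32, '*') makes passwords shorter than 32 characters that differ
    // only by leading '*' characters derive from the same input (for example "abc" and "*abc").
    // The padding is kept because the verification path presumably applies the same
    // transformation; removing it needs a coordinated change and a rehash of stored values.
    string paddedPassword = credentialCreateDto.Password.PadLeft(32, '*');

    Credential credential = new Credential
    {
        Username = requestedUsername,
        Password = PBKDF2Provider.Generate(paddedPassword)
    };

    // Persist the new credential.
    _vaultDbContext.Credentials.Add(credential);
    _vaultDbContext.SaveChanges();

    // Only the username is echoed back; the stored password value never leaves the server.
    return Ok(new InitResponse { Username = credential.Username });
}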
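/// <summary>
/// Round-trip check for <c>PBKDF2Provider</c>: a value produced by <c>Generate</c> must verify
/// against the password it was derived from and must not verify against a different password.
/// </summary>
public void T2_001_HashAndVerify()
{
    // Fixed sample password used only by this test.
    const string password = "!//Lab2020";
    // Constructed value that differs from the sample password.
    const string wrongPassword = "!//Lab2020-wrong";

    string hashedPassword = PBKDF2Provider.Generate(password);

    // Positive path: the original password is accepted.
    Assert.IsTrue(PBKDF2Provider.IsValid(password, hashedPassword));

    // Negative path: without this, a verifier that accepts every input would still pass the test.
    Assert.IsFalse(PBKDF2Provider.IsValid(wrongPassword, hashedPassword));
}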