/// <summary>
/// Compares 2 data using SHA-256 algorithm.
/// </summary>
/// <param name="data1">Data 1.</param>
/// <param name="data2">Data 2.</param>
/// <returns>Returs true if both are same, otherwise false.</returns>
/// <exception cref="ArgumentNullException">First data cannot be null.</exception>
/// <exception cref="ArgumentNullException">Second data cannot be null.</exception>
public static bool CompareHashes(byte[] data1, byte[] data2)
{
if (data1 == null)
{
throw new ArgumentNullException(nameof(data1), "First data cannot be null.");
}
if (data2 == null)
{
throw new ArgumentNullException(nameof(data2), "Second data cannot be null.");
}
if (data1.Length != data2.Length)
{
return(false);
}
byte[] hashedData1 = new SHA256Crypto().GetHashBytes(data1);
byte[] hashedData2 = new SHA256Crypto().GetHashBytes(data2);
if (hashedData1 == null || hashedData2 == null)
{
return(false);
}
for (int i = 0; i < hashedData1.Length; i++)
{
if (hashedData1[i] != hashedData2[i])
{
return(false);
}
}
return(true);
}
public MainResult Login(string clearTextPassword)
{
if (String.IsNullOrEmpty(clearTextPassword))
{
return(new MainResult
{
ErrorMessage = "Password cannot be null",
Success = false
});
}
bool success = true;
string error = "";
try
{
var hashedMasterKeyResult = RetrieveHashedMasterKeyBytes();
if (!hashedMasterKeyResult.MainResult.Success)
{
success = false;
error = hashedMasterKeyResult.MainResult.ErrorMessage;
}
else
{
byte[] hashedMasterKey = hashedMasterKeyResult.Data;
byte[] hashedPassword = new SHA256Crypto().GetHashBytes(clearTextPassword);
if (hashedPassword == null)
{
success = false;
error = "An error occured during password hashing";
}
else
{
if (!BitComparer.CompareBytes(hashedMasterKey, hashedPassword))
{
success = false;
error = "Login failed. Password is invalid";
}
}
}
}
catch (Exception ex)
{
success = false;
error = ex.Message;
}
return(new MainResult
{
Success = success,
ErrorMessage = error
});
}
private void HandleLogin(string username, string password)
{
string hashedPwd = new SHA256Crypto().GetHashBase64String(password);
UsersBLL usersBLL = new UsersBLL();
var result = usersBLL.Login(username, password);
if (result.Granted)
{
CoreGlobal.LoggedUser = result.UserName;
this.Hide();
new FormMain().Show();
}
else
{
MessageBox.Show(result.Error, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
}
}
private MainResult StoreMasterKey(string clearTextPassword)
{
if (String.IsNullOrEmpty(clearTextPassword))
{
return(new MainResult
{
ErrorMessage = "Password cannot be null",
Success = false
});
}
bool success = true;
string error = "";
try
{
byte[] hashedKey = new SHA256Crypto().GetHashBytes(clearTextPassword);
if (hashedKey == null)
{
success = false;
error = "Failed to hash master key";
}
else
{
byte[] encryptedKey = null;
try
{
//this entropy is not a secret
byte[] optionalEntropy = BitHelpers.CreateSecurePassword("#EF$RCVDFQER!#@#~~!WE@R@?>?KU$%#THT%#$HK%TH%YU%**($%DADGDFHWEJdfsffwgt34t#%@#r4t3T3r43", 128);
encryptedKey = ProtectedData.Protect(hashedKey, optionalEntropy, DataProtectionScope.LocalMachine);
}
catch
{
encryptedKey = null;
}
if (encryptedKey == null)
{
success = false;
error = "Failed during master key encryption";
}
else
{
bool exists = File.Exists(Global.MasterKeyLocation) ? true : false;
MainResult unlockFileResult = null;
unlockFileResult = exists ? UnlockFile(Global.MasterKeyLocation) : new MainResult();
if (exists && !unlockFileResult.Success)
{
success = false;
error = unlockFileResult.ErrorMessage;
}
else
{
bool save = true;
try
{
File.WriteAllBytes(Global.MasterKeyLocation, encryptedKey);
}
catch { save = false; }
if (!save)
{
success = false;
error = "Failed to write master key to desired location";
}
else
{
var result = LockFile(Global.MasterKeyLocation);
if (!result.Success)
{
success = false;
error = result.ErrorMessage;
}
}
}
}
}
}
catch (Exception ex)
{
success = false;
error = ex.Message;
}
return(new MainResult
{
Success = success,
ErrorMessage = error
});
}
