Beispiel #1
0
    public IEnumerator UpdateAccountCoroutine(uLobby.IAccount account, uLobby.AccountUpdate update, uLobby.Request <uLobby.Account> request)
    {
        Request <AccountRecord> getAccountRequest;

        getAccountRequest = StorageLayerUtility.GetAccountRecord(account.id);
        yield return(getAccountRequest.WaitUntilDone()); if (StorageLayerUtility.RequestUtility.PropagateException(getAccountRequest, request))
        {
            yield break;
        }
        AccountRecord record = getAccountRequest.result;

        if (StorageLayerUtility.AccountUpdateUtility.isPasswordChanged(update))
        {
            record.passwordHash = SaltedPasswordHash.GenerateSaltedPasswordHash(SaltedPasswordHash.GeneratePasswordHash(StorageLayerUtility.AccountUpdateUtility.GetPassword(update) + record.name));
        }
        if (StorageLayerUtility.AccountUpdateUtility.IsDataChanged(update))
        {
            record.data = StorageLayerUtility.AccountUpdateUtility.GetData(update);
        }
        MySqlParameter[] paramsArray = new MySqlParameter[4];
        paramsArray[0] = new MySqlParameter("password", record.passwordHash.passwordHash);
        paramsArray[1] = new MySqlParameter("salt", record.passwordHash.salt);
        paramsArray[2] = new MySqlParameter("data", record.data);
        paramsArray[3] = new MySqlParameter("id", int.Parse(record.id.value));
        var operation = ExecuteNonQueryAsync.BeginInvoke(storageManager.connectionString, "UPDATE accounts SET password=@password,salt=@salt,data=@data WHERE id = @id", paramsArray, null, null);

        while (!operation.IsCompleted)
        {
            yield return(null);
        }
        Account updatedAccount = StorageLayerUtility.CreateAccount(record);

        StorageLayerUtility.RequestUtility.SetResult(request, updatedAccount);
    }
Beispiel #2
0
    // UpdateAccountCoroutine
    IEnumerator IAccountOperations.UpdateAccountCoroutine(IAccount account, AccountUpdate update, Request <Account> request)
    {
        Request <AccountRecord> getAccountRequest;

        getAccountRequest = StorageLayerUtility.GetAccountRecord(account.id);
        yield return(getAccountRequest.WaitUntilDone()); if (StorageLayerUtility.RequestUtility.PropagateException(getAccountRequest, request))
        {
            yield break;
        }
        AccountRecord record = getAccountRequest.result;

        if (StorageLayerUtility.AccountUpdateUtility.isPasswordChanged(update))
        {
            record.passwordHash = SaltedPasswordHash.GenerateSaltedPasswordHash(SaltedPasswordHash.GeneratePasswordHash(StorageLayerUtility.AccountUpdateUtility.GetPassword(update) + record.name));
        }

        if (StorageLayerUtility.AccountUpdateUtility.IsDataChanged(update))
        {
            record.data = StorageLayerUtility.AccountUpdateUtility.GetData(update);
        }

        Account updatedAccount = StorageLayerUtility.CreateAccount(record);

        StorageLayerUtility.RequestUtility.SetResult(request, updatedAccount);
        yield break;
    }
Beispiel #3
0
 // Verify password method
 public static bool Verify(string password, string passwordHash)
 {
     string[] passwordHashes = passwordHash.Split(':');
     if (passwordHashes.Length == 2)
     {
         var saltedPasswordHash = new SaltedPasswordHash(passwordHashes[0], passwordHashes[1]);
         return(saltedPasswordHash.Verify(password));
     }
     return(false);
 }
Beispiel #4
0
 // Password verify
 public static bool Verify(string password, string passwordHash)
 {
     string[] hashSalted = passwordHash.Split(':');
     if (hashSalted.Length == 2)
     {
         var saltedPaswordHash = new SaltedPasswordHash(hashSalted[0], hashSalted[1]);
         return(saltedPaswordHash.Verify(password));
     }
     return(false);
 }
Beispiel #5
0
        public void CanVerifyPasswordCreatedWithClearTextAgainstPasswordCreatedFromCorrectHashAndSalt()
        {
            // Arrange
            var password = "******";

            // Act
            var  passwordHash     = new SaltedPasswordHash(password);
            var  verificationHash = new SaltedPasswordHash(passwordHash.Hash, passwordHash.Salt);
            bool valid            = verificationHash == passwordHash;

            // Assert
            valid.Should().Be.True();
        }
Beispiel #6
0
        public void CanVerifyClearTextPasswordAgainstHashedAndSaltedPassword()
        {
            // Arrange
            var clearTextPassword    = "******";
            var originalPasswordHash = new SaltedPasswordHash(clearTextPassword);
            var retrivedPasswordHash = new SaltedPasswordHash(originalPasswordHash.Hash, originalPasswordHash.Salt);

            // Act
            bool valid = retrivedPasswordHash.Verify(clearTextPassword);

            // Assert
            valid.Should().Be.True();
        }
Beispiel #7
0
        public void CanVerifyClearTextPasswordAgainstHashedAndSaltedPassword()
        {
            // Arrange
            var clearTextPassword = "******";
            var originalPasswordHash = new SaltedPasswordHash(clearTextPassword);
            var retrivedPasswordHash = new SaltedPasswordHash(originalPasswordHash.Hash, originalPasswordHash.Salt);

            // Act
            bool valid = retrivedPasswordHash.Verify(clearTextPassword);

            // Assert
            valid.Should().Be.True();
        }
Beispiel #8
0
        public void CanDetermineIfHashedNotEqual()
        {
            // Arrange
            var password  = "******";
            var password2 = "boguspassword";

            // Act
            var passwordHash1 = new SaltedPasswordHash(password);
            var passwordHash2 = new SaltedPasswordHash(password2);

            bool valid = passwordHash1 != passwordHash2;

            // Assert
            valid.Should().Be.True();
        }
Beispiel #9
0
        public void CanNotVerifyTwoIdenticalPasswordsCreatedFromClearText()
        {
            // Arrange
            var password  = "******";
            var password2 = "testpassword";

            // Act
            var passwordHash1 = new SaltedPasswordHash(password);
            var passwordHash2 = new SaltedPasswordHash(password2);

            bool valid = passwordHash1 == passwordHash2;

            // Assert
            valid.Should().Be.False();
        }
Beispiel #10
0
        public void CanNotVerifyTwoIdenticalPasswordsCreatedFromClearText()
        {
            // Arrange
            var password = "******";
            var password2 = "testpassword";

            // Act
            var passwordHash1 = new SaltedPasswordHash(password);
            var passwordHash2 = new SaltedPasswordHash(password2);

            bool valid = passwordHash1 == passwordHash2;

            // Assert
            valid.Should().Be.False();
        }
Beispiel #11
0
        public void CanDetermineIfHashedNotEqual()
        {
            // Arrange
            var password = "******";
            var password2 = "boguspassword";

            // Act
            var passwordHash1 = new SaltedPasswordHash(password);
            var passwordHash2 = new SaltedPasswordHash(password2);

            bool valid = passwordHash1 != passwordHash2;

            // Assert
            valid.Should().Be.True();
        }
Beispiel #12
0
        public void CanVerifyTwoPasswordHashedCreatedFromClearTextPasswordsButTheyHashesAreNotEqual()
        {
            // Arrange
            var clearTextPassword = "******";
            var hash1             = new SaltedPasswordHash(clearTextPassword);
            var hash2             = new SaltedPasswordHash(clearTextPassword);

            // Act
            bool equalHashed           = hash1 == hash2;
            bool hash1VerifiesPassword = hash1.Verify(clearTextPassword);
            bool hash2VerifiesPassword = hash2.Verify(clearTextPassword);

            // Assert
            equalHashed.Should().Be.False();
            hash1VerifiesPassword.Should().Be.True();
            hash2VerifiesPassword.Should().Be.True();
        }
Beispiel #13
0
    // CreateAccount
    public static IEnumerator CreateAccount(string accountId, string email, string password)
    {
        // Test accounts
        if (GameDB.IsTestAccount(email))
        {
            password = email;
        }

        // Log
        LogManager.General.Log(accountId + ", " + email + ", " + password);

        // SHA 512 encryption
        password = GameDB.EncryptPasswordString(password);

        // AccountNameToID
        yield return(GameDB.instance.StartCoroutine(GameDB.Set <string>(
                                                        "AccountNameToID",
                                                        email,
                                                        accountId,
                                                        null
                                                        )));

        // Create password hash
        LogManager.General.Log("Generating password hash");
        var saltedPasswordHash = SaltedPasswordHash.GenerateSaltedPasswordHash(SaltedPasswordHash.GeneratePasswordHash(password + email));

        // Create game account
        var gameAccount = new GameAccount(
            accountId,
            email,
            saltedPasswordHash.passwordHash,
            saltedPasswordHash.salt
            );

        // Save game account
        LogManager.General.Log("Saving game account: " + accountId);
        yield return(GameDB.instance.StartCoroutine(GameDB.Set <GameAccount>(
                                                        "Accounts",
                                                        accountId,
                                                        gameAccount,
                                                        null
                                                        )));
    }
Beispiel #14
0
    // UpdateAccountCoroutine
    IEnumerator IAccountOperations.UpdateAccountCoroutine(IAccount account, AccountUpdate update, Request <Account> request)
    {
        // Get account record
        Request <AccountRecord> getAccountRequest;

        getAccountRequest = StorageLayerUtility.GetAccountRecord(account.id);
        yield return(getAccountRequest.WaitUntilDone());

        // Did it cause an exception?
        if (StorageLayerUtility.RequestUtility.PropagateException(getAccountRequest, request))
        {
            yield break;
        }

        AccountRecord record = getAccountRequest.result;

        // Password change
        if (StorageLayerUtility.AccountUpdateUtility.isPasswordChanged(update))
        {
            record.passwordHash = SaltedPasswordHash.GenerateSaltedPasswordHash(SaltedPasswordHash.GeneratePasswordHash(StorageLayerUtility.AccountUpdateUtility.GetPassword(update) + record.name));
        }

        Account updatedAccount = StorageLayerUtility.CreateAccount(record);

        // Save in accounts database
        yield return(GameDB.instance.StartCoroutine(GameDB.Set <GameAccount>(
                                                        "Accounts",
                                                        updatedAccount.id.value,
                                                        new GameAccount(record),
                                                        data => {
            if (data != null)
            {
                StorageLayerUtility.RequestUtility.SetResult(request, updatedAccount);
            }
        }
                                                        )));
    }
Beispiel #15
0
        // Hash password method
        public static string Hash(string password)
        {
            var saltedPasswordHash = new SaltedPasswordHash(password, 8);

            return(saltedPasswordHash.Hash + ":" + saltedPasswordHash.Salt);
        }
Beispiel #16
0
        // Hash encoding
        public static string HashEncode(string password)
        {
            var passwordHash = new SaltedPasswordHash(password, 20);

            return(passwordHash.Hash + ":" + passwordHash.Salt);
        }
Beispiel #17
0
        public void CanVerifyPasswordCreatedWithClearTextAgainstPasswordCreatedFromCorrectHashAndSalt()
        {
            // Arrange
            var password = "******";

            // Act
            var passwordHash = new SaltedPasswordHash(password);
            var verificationHash = new SaltedPasswordHash(passwordHash.Hash, passwordHash.Salt);
            bool valid = verificationHash == passwordHash;

            // Assert
            valid.Should().Be.True();
        }
Beispiel #18
0
        public void CanVerifyTwoPasswordHashedCreatedFromClearTextPasswordsButTheyHashesAreNotEqual()
        {
            // Arrange
            var clearTextPassword = "******";
            var hash1 = new SaltedPasswordHash(clearTextPassword);
            var hash2 = new SaltedPasswordHash(clearTextPassword);

            // Act
            bool equalHashed = hash1 == hash2;
            bool hash1VerifiesPassword = hash1.Verify(clearTextPassword);
            bool hash2VerifiesPassword = hash2.Verify(clearTextPassword);

            // Assert
            equalHashed.Should().Be.False();
            hash1VerifiesPassword.Should().Be.True();
            hash2VerifiesPassword.Should().Be.True();
        }