// GOOD: Password hash without salt is further hashed with salt
public byte[] GetScrable(byte[] password, byte[] decodedSalt)
{
var first20SaltBytes = new byte[20];
Array.Copy(decodedSalt, first20SaltBytes, 20);
var step1 = Sha1Utils.Hash(password);
var step2 = Sha1Utils.Hash(step1);
var step3 = Sha1Utils.Hash(first20SaltBytes, step2);
var scrambleBytes = Xor(step1, step3);
return(scrambleBytes);
}
private Task <ClaimsIdentity> GetClaimsIdentity(Usuario user)
{
var us = Context.Usuario.FirstOrDefault(o => o.Login == user.Login &&
o.Password == Sha1Utils.GetSha1(user.Password));
if (us != null)
{
return(Task.FromResult(new ClaimsIdentity(
new GenericIdentity(user.Login, "Token"),
new Claim[] { })));
}
return(Task.FromResult <ClaimsIdentity>(null));
}
private static byte[] GetScrable(GreetingsResponse greetings, string password)
{
var decodedSalt = greetings.Salt;
var first20SaltBytes = new byte[20];
Array.Copy(decodedSalt, first20SaltBytes, 20);
var step1 = Sha1Utils.Hash(password);
var step2 = Sha1Utils.Hash(step1);
var step3 = Sha1Utils.Hash(first20SaltBytes, step2);
var scrambleBytes = Sha1Utils.Xor(step1, step3);
return(scrambleBytes);
}
private static byte[] CalculateScramble(ReadOnlySpan <byte> base64Salt, string password)
{
var encodedSalt = Encoding.ASCII.GetString(base64Salt);
var decodedSalt = Convert.FromBase64String(encodedSalt);
var first20SaltBytes = new byte[20];
Array.Copy(decodedSalt, first20SaltBytes, 20);
var step1 = Sha1Utils.Hash(password);
var step2 = Sha1Utils.Hash(step1);
var step3 = Sha1Utils.Hash(first20SaltBytes, step2);
var scrambleBytes = Sha1Utils.Xor(step1, step3);
return(scrambleBytes);
}
public static void Initialize(ProductoContext context)
{
if (!context.Usuario.Any())
{
context.Usuario.Add(new Usuario()
{
Login = "******",
Password = Sha1Utils.GetSha1("1234")
});
context.SaveChanges();
}
if (context.Producto.Any())
{
return;
}
var tienda = new Tienda()
{
Nombre = "La tienda de telefonos",
};
context.Tienda.Add(tienda);
var cat = new Categoria()
{
Nombre = "Telefonia",
};
context.Categoria.Add(cat);
var productos = new Producto[] {
new Producto()
{
Nombre = "Iphone",
Existencias = 5,
Precio = 1100,
Categoria = cat
},
new Producto()
{
Nombre = "Galaxy s9",
Existencias = 3,
Precio = 900,
Categoria = cat
},
};
foreach (var compra in productos)
{
context.Producto.Add(compra);
var ti = new ProductoTienda()
{
Producto = compra,
Tienda = tienda
};
context.ProductoTienda.Add(ti);
}
context.SaveChanges();
}
