public async Task Post(UserModel userModel, string creditCard)
        {
            var user = await _userRepository.Get(userModel.Username);

            if (user != null)
            {
                var salt             = PasswordEncryptor.CreateSalt(ChaCha20Poly1305.ChaCha20Poly1305.NonceSize);
                var key              = _keyVault.Get();
                var hashedCreditCard = PasswordEncryptor.EncryptSensitiveData(creditCard, salt, key);

                user.CreditCardHash = hashedCreditCard;
                user.CreditCardSalt = HexToBytesConverter.BytesArrayToHexString(salt);

                await _userRepository.Update(user);
            }
        }
Beispiel #2
0
        public static string DecryptSensitiveData(string encryptedData, byte[] salt, byte[] keyBytesArray)
        {
            var dataBytesArray = HexToBytesConverter.HexStringToBytesArray(encryptedData);

            var key           = Key.Import(AeadAlgorithm.ChaCha20Poly1305, keyBytesArray, KeyBlobFormat.NSecSymmetricKey);
            var nonce         = new Nonce(salt, 0);
            var decryptedData = AeadAlgorithm.ChaCha20Poly1305.Decrypt(key, nonce, null, dataBytesArray, out var plaintext);

            if (decryptedData)
            {
                var hashedEncryptedData = HexToBytesConverter.BytesArrayToHexString(plaintext);

                return(hashedEncryptedData);
            }

            throw new Exception("Decryption failed");
        }
Beispiel #3
0
        public async Task <bool> Register(UserModel userModel)
        {
            var salt           = PasswordEncryptor.CreateSalt(SaltLength);
            var hashedPassword = PasswordEncryptor.HashPassword(userModel.Password, salt);

            var user = new User
            {
                Id           = Guid.NewGuid(),
                Email        = userModel.Username,
                PasswordHash = hashedPassword,
                PasswordSalt = HexToBytesConverter.BytesArrayToHexString(salt)
            };

            await _userRepository.Add(user);

            return(true);
        }
Beispiel #4
0
        public static string EncryptSensitiveData(string data, byte[] salt, byte[] keyBytesArray)
        {
            try
            {
                var dataBytesArray = Encoding.Default.GetBytes(data);

                var key           = Key.Import(AeadAlgorithm.ChaCha20Poly1305, keyBytesArray, KeyBlobFormat.NSecSymmetricKey);
                var nonce         = new Nonce(salt, 0);
                var encryptedData = AeadAlgorithm.ChaCha20Poly1305.Encrypt(key, nonce, null, dataBytesArray);

                var hashedEncryptedData = HexToBytesConverter.BytesArrayToHexString(encryptedData);

                return(hashedEncryptedData);
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
                throw;
            }
        }