Beispiel #1
0
        public void CryptoCreateHash()
        {
            var crypto = new MD5Crypto();
            crypto.SaltSize = 64;

            var password = "******";

            var encoding = new UTF8Encoding();
            var passwordBytes = encoding.GetBytes(password);

            crypto.SaltHash = true;

            var hash = crypto.ComputeHash(passwordBytes);
            var salt = crypto.Salt;

            crypto.Salt = salt;
            var newHash = crypto.ComputeHash(passwordBytes);

            var saltstring = Convert.ToBase64String(salt);
            var hashstring = Convert.ToBase64String(hash);

            Assert.IsTrue(hash.SequenceEqual(newHash));
        }
Beispiel #2
0
        public bool AllowLogin(string username, string password, ref User user)
        {
            var userAccount = GetUserByUserName(username);

            if (Equals(userAccount, null))
            {
                if (!Equals(UserNotFound, null))
                    UserNotFound.Invoke(this, EventArgs.Empty);
                return false;
            }
            var encoding = new UTF8Encoding();
            var passwordBytes = encoding.GetBytes(password);

            var salt = Convert.FromBase64String(userAccount.Salt);

            var crypto = new MD5Crypto();
            crypto.Salt = salt;
            var hash = crypto.ComputeHash(passwordBytes, salt);

            var stringHash = Convert.ToBase64String(hash);

            if(Equals(stringHash, userAccount.Password))
            {
                user = new User(userAccount.UserRoleID,
                    userAccount.ID, userAccount.UserName, string.Empty, string.Empty, "Default");

                return true;
            }

            if (!Equals(InvalidPassword, null))
                InvalidPassword.Invoke(this, EventArgs.Empty);

            return false;
        }