Ejemplo n.º 1
0
        public void ShouldEncryptAndDecryptPasswordWhenRight()
        {
            string hashedpassword0 = Convert.ToBase64String(AESHelper.EncryptString("abcd", user.Password));
            string password0       = AESHelper.DecryptToString(Convert.FromBase64String(hashedpassword0), user.Password);

            Assert.Equal("abcd", password0);
        }
Ejemplo n.º 2
0
        public IActionResult EditPassword(int id)
        {
            if (_cache.Get(CacheNames.getMasterPassword).ToString() != "1") // ask user for masterpassword first time
            {
                return(RedirectToAction("MasterPassword"));
            }
            Passwd toEdit = _db.Passwds.Where(a => a.Id == id).FirstOrDefault(); // get password to decrypt by id
            User   usr    = Functions.getUser(_cache);

            if (toEdit.UserId != usr.Id)
            {
                _cache.Set(CacheNames.error4, "You can't edit that password");
                return(RedirectToAction("Index"));
            }
            var edit          = Convert.FromBase64String(toEdit.Password); // covnvert string into byte[] to decrypt
            var passwordOwner = _db.Users.Where(a => a.Id == toEdit.UserId).FirstOrDefault();

            toEdit.Password = AESHelper.DecryptToString(edit, passwordOwner.Password);  // decrypting password

            AppViewModel appViewModel = new AppViewModel
            {
                User   = Functions.getUser(_cache),
                Logged = Functions.getLogged(_cache),
                Passwd = toEdit
            };

            return(View(appViewModel));
        }
Ejemplo n.º 3
0
        public IActionResult Decrypt(int id)
        {
            if (_cache.Get(CacheNames.getMasterPassword).ToString() != "1") // ask user for masterpassword first time
            {
                return(RedirectToAction("MasterPassword"));
            }
            Passwd toDecrypt = _db.Passwds.Where(a => a.Id == id).FirstOrDefault(); // get password to decrypt by id
            User   usr       = Functions.getUser(_cache);

            if (toDecrypt.UserId != usr.Id)
            {
                var        sharedPass = _db.SharedPasswds.Where(a => a.UserSharedId == usr.Id).ToList();
                List <int> ids        = new List <int>();

                foreach (SharedPasswd sPass in sharedPass)
                {
                    ids.Add(sPass.PasswdId);
                }

                if (!ids.Contains(toDecrypt.Id))
                {
                    return(RedirectToAction("Index"));
                }
            }

            ActionType actionType = new ActionType()
            {
                Action = "Decrypt password id=" + id,
                UserId = usr.Id,
                Time   = DateTime.Now
            };

            Functions.AddActionToDatabase(_db, actionType);

            var decrypt       = Convert.FromBase64String(toDecrypt.Password); // covnvert string into byte[] to decrypt
            var passwordOwner = _db.Users.Where(a => a.Id == toDecrypt.UserId).FirstOrDefault();

            toDecrypt.Password = AESHelper.DecryptToString(decrypt, passwordOwner.Password);  // decrypting password

            AppViewModel appViewModel = new AppViewModel
            {
                User   = Functions.getUser(_cache),
                Logged = Functions.getLogged(_cache),
                Passwd = toDecrypt
            };

            return(View(appViewModel));
        }
Ejemplo n.º 4
0
        public void ShouldRehashPasswordWhenMasterPasswordChanged()
        {
            string password0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[0].Password), userToRehash.Password);

            Assert.Equal("testy", password0);
            string password1 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[1].Password), userToRehash.Password);

            Assert.Equal("adam", password1);

            var userWithChangedPassword = Functions.ChangePasswordSHA("Lab1", user);

            Assert.True(Functions.Login(userWithChangedPassword, "Lab1"));

            passwdToRehash = AESHelper.rehashPasswds(passwdToRehash, userToRehash.Password, userWithChangedPassword.Password);

            string rehashedpassword0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[0].Password), userWithChangedPassword.Password);

            Assert.Equal(password0, rehashedpassword0);
            string rehashedpassword1 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[1].Password), userWithChangedPassword.Password);

            Assert.Equal(password1, rehashedpassword1);
        }
Ejemplo n.º 5
0
        public void ShouldPasswordDecryptWhenRight()
        {
            string password0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdList[0].Password), user.Password);

            Assert.Equal("a1", password0);
        }