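public void HashWithSaltTest()
        {
            // Property under test: hashing the same password twice with the same salt
            // yields the same cipher text. Login verification depends on this.
            PasswordHashing ph       = new PasswordHashing();
            string          password = "******";

            // SHA512 instances are IDisposable; the using blocks release them
            // deterministically instead of leaving them for the finalizer.
            using (SHA512 firstAlgorithm = SHA512.Create())
            using (SHA512 secondAlgorithm = SHA512.Create())
            {
                // First call passes 64 in place of a salt (presumably the length of
                // the salt to generate; confirm against PasswordHashing).
                HashWithSaltResult hashResult = ph.HashWithSalt(password, 64, firstAlgorithm);

                // Second call reuses the salt returned by the first call.
                HashWithSaltResult hashResult2 = ph.HashWithSalt(password, hashResult.Salt, secondAlgorithm);

                Assert.AreEqual <string>(hashResult.CipherText, hashResult2.CipherText);
            }
        }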
Ejemplo n.º 2
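        /// <summary>
        /// Registers a user: hashes the supplied password with a salt obtained from
        /// <c>HashWithSalt</c>, then inserts the user name, cipher text and salt
        /// through a parameterized statement.
        /// </summary>
        /// <param name="user">Supplies <c>userName</c> and the plain-text <c>password</c>.</param>
        /// <returns><c>true</c> when the insert affected at least one row; otherwise <c>false</c>.</returns>
        /// <remarks>
        /// Database exceptions are not caught here and propagate to the caller.
        /// NOTE(review): the implementation of <c>HashWithSalt</c> is not visible in this
        /// listing. If it is a single salted SHA-512 pass, that is a fast hash and gives
        /// stored passwords little resistance to offline guessing. Confirm, and prefer
        /// a password KDF such as PBKDF2 (<c>Rfc2898DeriveBytes</c>) with a stored work factor.
        /// </remarks>
        public static bool registerUser(UserData user)
        {
            // Values are bound as parameters (@userName, @cipherText, @salt), never
            // concatenated into the statement text.
            string SQLRegisterUser = "******" +
                                     "(@userName, @cipherText, @salt, 0, 3)";

            // 64 is passed where the login path passes a stored salt, so this call
            // asks HashWithSalt for a new salt. The hash algorithm is IDisposable
            // and is released as soon as the digest has been produced.
            HashWithSaltResult hashResult;
            using (SHA512 sha512 = SHA512.Create())
            {
                PasswordHashing ph = new PasswordHashing();
                hashResult = ph.HashWithSalt(user.password, 64, sha512);
            }

            // A local connection replaces the shared static Con: concurrent callers of
            // these static methods would otherwise overwrite each other's connection
            // between the assignment and the Execute call.
            using (var connection = new SqlConnection(DBConnection.DbConnectionString))
            {
                int rowsAffected = connection.Execute(
                    SQLRegisterUser,
                    new { userName = user.userName, cipherText = hashResult.CipherText, salt = hashResult.Salt });

                return rowsAffected > 0;
            }
        }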
Ejemplo n.º 3
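        /// <summary>
        /// Verifies a login attempt: looks up the user's stored salt, re-hashes the
        /// supplied password with it, and queries the database with the user name
        /// and resulting cipher text as bound parameters.
        /// </summary>
        /// <param name="user">The user to try to log in with (<c>userName</c> and plain-text <c>password</c>).</param>
        /// <returns>
        /// <c>true</c> when the query's first value is 3 or greater; <c>false</c> when no
        /// salt is found, no row matches, or the value is below 3.
        /// </returns>
        /// <remarks>
        /// Database exceptions are not caught here and propagate to the caller.
        /// NOTE(review): the SQL text is not visible in this listing, so the meaning of
        /// the returned integer and of the threshold 3 cannot be confirmed; give the
        /// threshold a named constant once its meaning is established.
        /// NOTE(review): when no salt is found the method returns before hashing and
        /// before the query, so response time may differ between known and unknown
        /// user names. Consider doing equivalent work on both paths.
        /// </remarks>
        public static bool loginUser(UserData user)
        {
            string SQLLoginUser = "******";

            // Fetch the stored salt; a null salt is treated as "no such user".
            string salt = getUserSalt(user);
            if (salt == null)
            {
                return false;
            }

            // Re-create the cipher text with the stored salt. The hash algorithm is
            // IDisposable and is released once the digest has been produced.
            HashWithSaltResult hashResult;
            using (SHA512 sha512 = SHA512.Create())
            {
                PasswordHashing ph = new PasswordHashing();
                hashResult = ph.HashWithSalt(user.password, salt, sha512);
            }

            // A local connection replaces the shared static Con: concurrent callers of
            // these static methods would otherwise overwrite each other's connection
            // between the assignment and the Query call.
            using (var connection = new SqlConnection(DBConnection.DbConnectionString))
            {
                // FirstOrDefault yields 0 when no row matches, which fails the check below.
                int queryValue = connection
                    .Query <int>(SQLLoginUser, new { userName = user.userName, password = hashResult.CipherText })
                    .FirstOrDefault();

                return queryValue >= 3;
            }
        }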