public bool LoginToAccount(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(false);
}
AccountStore store = AccountStore.Create();
Account account = GetAccountFromStore(store, username);
if (account == null)
{
return(false);
}
byte[] salt, hashedPassword;
// Upgrade existing passwords to our new format
if (!account.Properties.ContainsKey(key_salt))
{
salt = CryptoUtilities.Get256BitSalt();
hashedPassword = CryptoUtilities.GetHash(CryptoUtilities.StringToByteArray(account.Properties[key_password]), salt);
account.Properties[key_password] = Convert.ToBase64String(hashedPassword);
account.Properties.Add(key_salt, Convert.ToBase64String(salt));
store.Save(account, service_id);
}
salt = Convert.FromBase64String(account.Properties[key_salt]);
hashedPassword = CryptoUtilities.GetHash(CryptoUtilities.StringToByteArray(password), salt);
return(account.Properties[key_password] == Convert.ToBase64String(hashedPassword));
}
public bool CreateAndSaveAccount(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(false);
}
byte[] salt = CryptoUtilities.Get256BitSalt();
byte[] hashedPassword = CryptoUtilities.GetHash(CryptoUtilities.StringToByteArray(password), salt);
AccountStore store = AccountStore.Create();
if (GetAccountFromStore(store, username) != null)
{
return(false);
}
Account account = new Account(username);
account.Properties.Add(key_password, Convert.ToBase64String(hashedPassword));
account.Properties.Add(key_salt, Convert.ToBase64String(salt));
account.Properties.Add(key_keymaterial, Convert.ToBase64String(
CryptoUtilities.GetAES256KeyMaterial()));
store.Save(account, service_id);
return(true);
}
