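/// <summary>
/// Verifies a username/password pair against the matching record in the account store.
/// </summary>
/// <remarks>
/// A record with no salt entry is treated as the legacy format: its stored password value
/// is replaced by a salted hash and the salt is saved next to it. That migration runs on
/// any login attempt for the user, before the supplied password is checked.
/// NOTE(review): the algorithm behind CryptoUtilities.GetHash is not visible here. If it is
/// a single fast digest rather than a slow password KDF, the stored hashes stay cheap to
/// brute-force offline - confirm.
/// </remarks>
/// <param name="username">Account name to look up; null or empty is rejected.</param>
/// <param name="password">Password to verify; null or empty is rejected.</param>
/// <returns>
/// true when the salted hash of <paramref name="password"/> equals the stored hash;
/// false for missing input, an unknown account or a mismatch.
/// </returns>
public bool LoginToAccount(string username, string password)
{
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return false;
    }

    AccountStore store = AccountStore.Create();
    Account account = GetAccountFromStore(store, username);
    if (account == null)
    {
        return false;
    }

    byte[] salt, hashedPassword;

    // Upgrade existing passwords to our new format
    if (!account.Properties.ContainsKey(key_salt))
    {
        salt = CryptoUtilities.Get256BitSalt();
        hashedPassword = CryptoUtilities.GetHash(
            CryptoUtilities.StringToByteArray(account.Properties[key_password]), salt);
        account.Properties[key_password] = Convert.ToBase64String(hashedPassword);
        account.Properties.Add(key_salt, Convert.ToBase64String(salt));
        store.Save(account, service_id);
    }

    salt = Convert.FromBase64String(account.Properties[key_salt]);
    hashedPassword = CryptoUtilities.GetHash(CryptoUtilities.StringToByteArray(password), salt);

    string storedHash = account.Properties[key_password];
    string candidateHash = Convert.ToBase64String(hashedPassword);

    // Lengths are not secret (fixed by the hash size), so an early exit here is fine.
    if (storedHash == null || storedHash.Length != candidateHash.Length)
    {
        return false;
    }

    // Compare every character instead of stopping at the first mismatch, so the time taken
    // does not depend on how much of the stored hash the candidate matches. The result is
    // the same ordinal equality that string == gives.
    int difference = 0;
    for (int i = 0; i < storedHash.Length; i++)
    {
        difference |= storedHash[i] ^ candidateHash[i];
    }

    return difference == 0;
}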
/// <summary>
/// Creates a new account record for <paramref name="username"/> and saves it to the account store.
/// </summary>
/// <remarks>
/// The record holds three Base64-encoded properties: the salted password hash, the salt,
/// and freshly generated AES-256 key material. The password itself is not stored.
/// NOTE(review): how the store protects these properties at rest is not visible here - confirm.
/// The existence check and the save are separate calls, with no locking visible in this method.
/// </remarks>
/// <param name="username">Name for the new account; null or empty is rejected.</param>
/// <param name="password">Password to hash and store; null or empty is rejected.</param>
/// <returns>
/// true once the account has been saved; false for missing input or when an account
/// with that name already exists.
/// </returns>
public bool CreateAndSaveAccount(string username, string password)
{
    if (string.IsNullOrEmpty(username))
    {
        return false;
    }

    if (string.IsNullOrEmpty(password))
    {
        return false;
    }

    // Salt and hash are computed before the store is consulted, as in the original flow.
    byte[] freshSalt = CryptoUtilities.Get256BitSalt();
    byte[] passwordBytes = CryptoUtilities.StringToByteArray(password);
    byte[] passwordDigest = CryptoUtilities.GetHash(passwordBytes, freshSalt);

    AccountStore accountStore = AccountStore.Create();
    Account existing = GetAccountFromStore(accountStore, username);
    if (existing != null)
    {
        // Never overwrite a record that is already there.
        return false;
    }

    Account created = new Account(username);
    created.Properties.Add(key_password, Convert.ToBase64String(passwordDigest));
    created.Properties.Add(key_salt, Convert.ToBase64String(freshSalt));
    created.Properties.Add(
        key_keymaterial,
        Convert.ToBase64String(CryptoUtilities.GetAES256KeyMaterial()));

    accountStore.Save(created, service_id);
    return true;
}