/// <summary>
/// Get the hash for the SHA-384 algorithim.
/// </summary>
/// <param name="data">
/// </param>
/// <returns>
/// </returns>
public byte[] GetHash(byte[] data)
{
byte[] hash = null;
using (System.Security.Cryptography.SHA384 crypto = System.Security.Cryptography.SHA384.Create())
{
hash = crypto.ComputeHash(data);
}
return(hash);
}
public override string ComputeHashFromFile(string filePath)
{
try
{
System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create();
FileStream fs = File.OpenRead(filePath);
byte[] outputBytes = sha384.ComputeHash(fs);
return(BitConverter.ToString(outputBytes).Replace("-", "").ToLower());
}
catch (Exception e)
{
return("\nERROR: " + e.Message);
}
}
public override string ComputeHashFromText(string text)
{
try
{
System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create();
byte[] inputBytes = Encoding.UTF8.GetBytes(text);
byte[] outputBytes = sha384.ComputeHash(inputBytes);
return(BitConverter.ToString(outputBytes).Replace("-", "").ToLower());
}
catch (Exception e)
{
return("\nERROR: " + e.Message);
}
}
public string Generate(string text)
{
using (System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create())
{
byte[] hashBytes = sha384.ComputeHash(Encoding.ASCII.GetBytes(text));
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hashBytes.Length; i++)
{
sb.Append(hashBytes[i].ToString("X2"));
}
return(sb.ToString());
}
}
public static bool _Create_System_String( )
{
//Parameters
System.String hashName = null;
//ReturnType/Value
System.Security.Cryptography.SHA384 returnVal_Real = null;
System.Security.Cryptography.SHA384 returnVal_Intercepted = null;
//Exception
Exception exception_Real = null;
Exception exception_Intercepted = null;
InterceptionMaintenance.disableInterception( );
try
{
returnValue_Real = System.Security.Cryptography.SHA384.Create(hashName);
}
catch (Exception e)
{
exception_Real = e;
}
InterceptionMaintenance.enableInterception( );
try
{
returnValue_Intercepted = System.Security.Cryptography.SHA384.Create(hashName);
}
catch (Exception e)
{
exception_Intercepted = e;
}
Return((exception_Real.Messsage == exception_Intercepted.Message) && (returnValue_Real == returnValue_Intercepted));
}
/// <summary>
/// Register an account. Returns true if succeed, otherwise return false and write logs.
/// </summary>
/// <param name="username"></param>
/// <param name="rawPassword"></param>
/// <param name="hashType"></param>
/// <returns></returns>
public static bool RegisterUser(string username, string rawPassword, int hashType)
{
try
{
string hashSaltBase64 = null;
string passwordHashBase64 = null;
byte[] saltBytes;
System.Security.Cryptography.HMAC hmac;
switch (hashType)
{
case (int)Enums.HMAC.MD5:
hashSaltBase64 = null;
using (System.Security.Cryptography.MD5 hasher = System.Security.Cryptography.MD5.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.RIPEMD160:
hashSaltBase64 = null;
using (System.Security.Cryptography.RIPEMD160 hasher = System.Security.Cryptography.RIPEMD160.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.SHA1:
hashSaltBase64 = null;
using (System.Security.Cryptography.SHA1 hasher = System.Security.Cryptography.SHA1.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.SHA256:
hashSaltBase64 = null;
using (System.Security.Cryptography.SHA256 hasher = System.Security.Cryptography.SHA256.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.SHA384:
hashSaltBase64 = null;
using (System.Security.Cryptography.SHA384 hasher = System.Security.Cryptography.SHA384.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.SHA512:
hashSaltBase64 = null;
using (System.Security.Cryptography.SHA512 hasher = System.Security.Cryptography.SHA512.Create())
{
passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
}
break;
case (int)Enums.HMAC.HMACMD5:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACMD5(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
case (int)Enums.HMAC.HMACRIPEMD160:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACRIPEMD160(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
case (int)Enums.HMAC.HMACSHA1:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACSHA1(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
case (int)Enums.HMAC.HMACSHA256:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACSHA256(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
case (int)Enums.HMAC.HMACSHA384:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACSHA384(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
case (int)Enums.HMAC.HMACSHA512:
saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt];
new Random().NextBytes(saltBytes);
hashSaltBase64 = Convert.ToBase64String(saltBytes);
hmac = new System.Security.Cryptography.HMACSHA512(saltBytes);
passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword)));
break;
default:
throw new NotImplementedException("Unspecified hash type.");
}
var acc = new Account()
{
Uname = username,
HashSaltBase64 = hashSaltBase64,
HashTypeId = hashType,
PasswordHashBase64 = passwordHashBase64,
IsTwoFactor = false,
TwoFactorSecretBase32 = null
};
using (AuthorizeEntities ctx = new AuthorizeEntities())
{
ctx.Accounts.Add(acc);
ctx.SaveChanges();
}
}
catch (Exception ex)
{
Log4netLogger.Error(MethodBase.GetCurrentMethod().DeclaringType, "Cannot register user", ex);
return(false);
}
return(true);
}
public static bool Login(string username, string password)
{
bool isOk = false;
byte[] saltBytes;
System.Security.Cryptography.HMAC hmac;
try
{
using (AuthorizeEntities ctx = new AuthorizeEntities())
{
var acc = ctx.Accounts.Where(x => x.Uname == username).FirstOrDefault();
if (acc != null)
{
switch (acc.HashTypeId)
{
case (int)Enums.HMAC.MD5:
using (System.Security.Cryptography.MD5 hasher = System.Security.Cryptography.MD5.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.RIPEMD160:
using (System.Security.Cryptography.RIPEMD160 hasher = System.Security.Cryptography.RIPEMD160.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.SHA1:
using (System.Security.Cryptography.SHA1 hasher = System.Security.Cryptography.SHA1.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.SHA256:
using (System.Security.Cryptography.SHA256 hasher = System.Security.Cryptography.SHA256.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.SHA384:
using (System.Security.Cryptography.SHA384 hasher = System.Security.Cryptography.SHA384.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.SHA512:
using (System.Security.Cryptography.SHA512 hasher = System.Security.Cryptography.SHA512.Create())
{
isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password))));
}
break;
case (int)Enums.HMAC.HMACMD5:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACMD5(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
case (int)Enums.HMAC.HMACRIPEMD160:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACRIPEMD160(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
case (int)Enums.HMAC.HMACSHA1:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACSHA1(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
case (int)Enums.HMAC.HMACSHA256:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACSHA256(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
case (int)Enums.HMAC.HMACSHA384:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACSHA384(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
case (int)Enums.HMAC.HMACSHA512:
saltBytes = Convert.FromBase64String(acc.HashSaltBase64);
hmac = new System.Security.Cryptography.HMACSHA512(saltBytes);
isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64);
break;
default:
throw new NotImplementedException("Unspecified hash type.");
}
}
}
}
catch (Exception ex)
{
Log4netLogger.Error(MethodBase.GetCurrentMethod().DeclaringType, "Cannot login", ex);
isOk = false;
}
return(isOk);
}
