public static bool PasswordAuthentication(String AUserID, String APassword)
{
TPetraPrincipal PetraPrincipal = null;
SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUserID, out PetraPrincipal);
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
if (TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword,
UserDR.PasswordSalt)) != UserDR.PasswordHash)
{
return(false);
}
}
else
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
string ErrorMessage;
if (!auth.AuthenticateUser(AUserID, APassword, out ErrorMessage))
{
return(false);
}
}
return(true);
}
internal static void SetNewPasswordHashAndSaltForUser(SUserRow AUserDR, string ANewPassword,
string AClientComputerName, string AClientIPAddress, TDBTransaction ATransaction)
{
byte[] Salt;
int PwdSchemeVersionUpTillNow = AUserDR.PwdSchemeVersion;
int CurrentPwdSchemeVersion = TPasswordHelper.CurrentPasswordSchemeNumber;
EnsurePasswordHashingSchemeChangeIsAllowed(AUserDR.UserId, PwdSchemeVersionUpTillNow);
// Note: In this Method we deliberately ignore the present value of the PwdSchemeVersion Column of AUserDR
// because we *always* want to save the new password with the password hash of the current (=newest) version!
// We always assign a new 'Salt' with every password change (best practice)!
Salt = TPasswordHelper.CurrentPasswordScheme.GetNewPasswordSalt();
AUserDR.PasswordSalt = Convert.ToBase64String(Salt);
AUserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(ANewPassword,
Convert.ToBase64String(Salt), CurrentPwdSchemeVersion);
if (PwdSchemeVersionUpTillNow != CurrentPwdSchemeVersion)
{
// Ensure AUserDR.PwdSchemeVersion gets set to the current (=newest) version!
AUserDR.PwdSchemeVersion = CurrentPwdSchemeVersion;
TUserAccountActivityLog.AddUserAccountActivityLogEntry(AUserDR.UserId,
TUserAccountActivityLog.USER_ACTIVITY_PWD_HASHING_SCHEME_UPGRADED,
String.Format(Catalog.GetString(
"The Password Scheme of User {0} got upgraded to {1}; previously it was {2}. "), AUserDR.UserId,
TPasswordHelper.CurrentPasswordSchemeNumber, PwdSchemeVersionUpTillNow) +
String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
ATransaction);
}
}
public static bool SetUserPassword(string AUsername, string APassword, bool APasswordNeedsChanged)
{
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
TPetraPrincipal tempPrincipal;
SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal);
SUserTable UserTable = (SUserTable)UserDR.Table;
Random r = new Random();
UserDR.PasswordSalt = r.Next(1000000000).ToString();
UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword,
UserDR.PasswordSalt), "SHA1");
UserDR.PasswordNeedsChange = APasswordNeedsChanged;
TDBTransaction Transaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable);
SUserAccess.SubmitChanges(UserTable, Transaction);
DBAccess.GDBAccessObj.CommitTransaction();
return(true);
}
else
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
return(auth.SetPassword(AUsername, APassword));
}
}
public static bool SetUserPassword(string AUsername, string APassword, bool APasswordNeedsChanged, bool AUnretireIfRetired)
{
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
TDBTransaction SubmitChangesTransaction = null;
bool SubmissionResult = false;
TPetraPrincipal tempPrincipal;
DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction,
ref SubmissionResult,
delegate
{
SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal);
SUserTable UserTable = (SUserTable)UserDR.Table;
Random r = new Random();
UserDR.PasswordSalt = r.Next(1000000000).ToString();
UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword,
UserDR.PasswordSalt), "SHA1");
UserDR.PasswordNeedsChange = APasswordNeedsChanged;
// unretire the user if it has been previously retired
if (AUnretireIfRetired)
{
UserDR.Retired = false;
}
SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction);
SubmissionResult = true;
});
return(true);
}
else
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
return(auth.SetPassword(AUsername, APassword));
}
}
/// <summary>
/// Compares the new password with existing password - are they the same?
/// </summary>
/// <param name="ANewPassword">New password.</param>
/// <param name="AUserDR">DataRow of the user record in s_user DB Table whose password should be changed.</param>
/// <param name="AVerificationResult">Will be null if the new password is not the same than the old password,
/// otherwise it will be populated.</param>
/// <returns>False if the new password is not the same than the old password, otherwise true.</returns>
private static bool IsNewPasswordSameAsExistingPassword(string ANewPassword, SUserRow AUserDR,
out TVerificationResult AVerificationResult)
{
string NewPasswordHashWithOldSalt = TUserManagerWebConnector.CreateHashOfPassword(ANewPassword,
AUserDR.PasswordSalt, AUserDR.PwdSchemeVersion);
if (TPasswordHelper.EqualsAntiTimingAttack(Convert.FromBase64String(AUserDR.PasswordHash),
Convert.FromBase64String(NewPasswordHashWithOldSalt)))
{
AVerificationResult = new TVerificationResult("Password change",
ErrorCodes.GetErrorInfo(PetraErrorCodes.ERR_NEW_PASSWORD_MUST_BE_DIFFERENT));
return(true);
}
AVerificationResult = null;
return(false);
}
public static bool SetUserPassword(string AUsername,
string APassword,
string AOldPassword,
bool APasswordNeedsChanged,
out TVerificationResultCollection AVerification)
{
TDBTransaction Transaction;
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
TVerificationResult VerificationResult;
AVerification = new TVerificationResultCollection();
if (!TSharedSysManValidation.CheckPasswordQuality(APassword, out VerificationResult))
{
return(false);
}
if (APasswordNeedsChanged && APassword == AOldPassword)
{
AVerification = new TVerificationResultCollection();
AVerification.Add(new TVerificationResult("\nPassword check.",
Catalog.GetString(
"Password not changed as the old password was reused. Please use a new password."),
TResultSeverity.Resv_Critical));
return(false);
}
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
TPetraPrincipal tempPrincipal;
SUserRow UserDR = TUserManagerWebConnector.LoadUser(AUsername.ToUpper(), out tempPrincipal);
if (TUserManagerWebConnector.CreateHashOfPassword(String.Concat(AOldPassword,
UserDR.PasswordSalt)) != UserDR.PasswordHash)
{
AVerification = new TVerificationResultCollection();
AVerification.Add(new TVerificationResult("\nPassword quality check.",
String.Format(
Catalog.GetString(
"Old password entered incorrectly. Password not changed.")),
TResultSeverity.Resv_Critical));
return(false);
}
SUserTable UserTable = (SUserTable)UserDR.Table;
UserDR.PasswordHash = TUserManagerWebConnector.CreateHashOfPassword(String.Concat(APassword,
UserDR.PasswordSalt));
UserDR.PasswordNeedsChange = false;
Transaction = DBAccess.GDBAccessObj.BeginTransaction(IsolationLevel.Serializable);
try
{
SUserAccess.SubmitChanges(UserTable, Transaction);
DBAccess.GDBAccessObj.CommitTransaction();
}
catch (Exception Exc)
{
TLogging.Log("An Exception occured during the setting of the User Password:" + Environment.NewLine + Exc.ToString());
DBAccess.GDBAccessObj.RollbackTransaction();
throw;
}
return(true);
}
else
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
return(auth.SetPassword(AUsername, APassword, AOldPassword));
}
}
public static bool SetUserPassword(string AUserID,
string ANewPassword,
string ACurrentPassword,
bool APasswordNeedsChanged,
string AClientComputerName, string AClientIPAddress,
out TVerificationResultCollection AVerification)
{
string UserAuthenticationMethod = TAppSettingsManager.GetValue("UserAuthenticationMethod", "OpenPetraDBSUser", false);
TVerificationResult VerificationResult;
TVerificationResultCollection VerificationResultColl = null;
SUserRow UserDR = null;
SUserTable UserTable = null;
bool BogusPasswordChangeAttempt = false;
AVerification = new TVerificationResultCollection();
// Security check: Is the user that is performing the password change request the current user?
if (AUserID != UserInfo.GUserInfo.UserID)
{
throw new EOPAppException(
"The setting of a User's Password must only be done by the user itself, but this isn't the case here and therefore the request gets denied");
}
// Password quality check
if (!TSharedSysManValidation.CheckPasswordQuality(ANewPassword, out VerificationResult))
{
AVerification.Add(VerificationResult);
return(false);
}
if (UserAuthenticationMethod == "OpenPetraDBSUser")
{
TPetraPrincipal tempPrincipal;
TDBTransaction SubmitChangesTransaction = null;
bool SubmissionResult = false;
DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction,
ref SubmissionResult,
delegate
{
try
{
UserDR = TUserManagerWebConnector.LoadUser(AUserID.ToUpper(), out tempPrincipal,
SubmitChangesTransaction);
}
catch (EUserNotExistantException)
{
// Because this cannot happen when a password change gets effected through normal OpenPetra
// operation this is treated as a bogus operation that an attacker launches!
BogusPasswordChangeAttempt = true;
// Logging
TUserAccountActivityLog.AddUserAccountActivityLogEntry(AUserID,
TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_ATTEMPT_BY_USER_FOR_NONEXISTING_USER,
String.Format(Catalog.GetString(
"User {0} tried to make an attempt to change a User's password for UserID {1} " +
"but that user doesn't exist! "), UserInfo.GUserInfo.UserID, AUserID) +
String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
SubmitChangesTransaction);
SubmissionResult = true; // Need to set this so that the DB Transaction gets committed!
// Simulate that time is spent on 'authenticating' a user (although the user doesn't exist)...! Reason for that: see Method
// SimulatePasswordAuthenticationForNonExistingUser!
TUserManagerWebConnector.SimulatePasswordAuthenticationForNonExistingUser();
return;
}
UserTable = (SUserTable)UserDR.Table;
// Security check: Is the supplied current password correct?
if (TUserManagerWebConnector.CreateHashOfPassword(ACurrentPassword,
UserDR.PasswordSalt, UserDR.PwdSchemeVersion) != UserDR.PasswordHash)
{
VerificationResultColl = new TVerificationResultCollection();
VerificationResultColl.Add(new TVerificationResult("Password Verification",
Catalog.GetString(
"The current password was entered incorrectly! The password did not get changed."),
TResultSeverity.Resv_Critical));
try
{
SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction);
TUserAccountActivityLog.AddUserAccountActivityLogEntry(UserDR.UserId,
TUserAccountActivityLog.USER_ACTIVITY_PWD_WRONG_WHILE_PWD_CHANGE,
String.Format(Catalog.GetString(
"User {0} supplied the wrong current password while attempting to change " +
"his/her password! ") +
String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
UserInfo.GUserInfo.UserID),
SubmitChangesTransaction);
SubmissionResult = true;
}
catch (Exception Exc)
{
TLogging.Log(String.Format(
"An Exception occured during the changing of the User Password by user '{0}' (Situation 1):", AUserID) +
Environment.NewLine + Exc.ToString());
throw;
}
}
});
if (BogusPasswordChangeAttempt)
{
// Note: VerificationResultColl will be null in this case because we don't want to disclose to an attackeer
// why the password change attempt was denied!!!
return(false);
}
if (VerificationResultColl != null)
{
AVerification = VerificationResultColl;
return(false);
}
// Security check: Is the supplied new password the same than the current password?
if (IsNewPasswordSameAsExistingPassword(ANewPassword, UserDR, out VerificationResult))
{
AVerification.Add(VerificationResult);
return(false);
}
//
// All checks passed: We go aheand and change the user's password!
//
SetNewPasswordHashAndSaltForUser(UserDR, ANewPassword, AClientComputerName, AClientIPAddress, SubmitChangesTransaction);
UserDR.PasswordNeedsChange = false;
DBAccess.GDBAccessObj.BeginAutoTransaction(IsolationLevel.Serializable, ref SubmitChangesTransaction,
ref SubmissionResult,
delegate
{
try
{
SUserAccess.SubmitChanges(UserTable, SubmitChangesTransaction);
TUserAccountActivityLog.AddUserAccountActivityLogEntry(UserDR.UserId,
(APasswordNeedsChanged ? TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_BY_USER_ENFORCED :
TUserAccountActivityLog.USER_ACTIVITY_PWD_CHANGE_BY_USER),
String.Format(Catalog.GetString("User {0} changed his/her password{1}"),
UserInfo.GUserInfo.UserID,
(APasswordNeedsChanged ? Catalog.GetString(" (enforced password change.) ") : ". ")) +
String.Format(ResourceTexts.StrRequestCallerInfo, AClientComputerName, AClientIPAddress),
SubmitChangesTransaction);
SubmissionResult = true;
}
catch (Exception Exc)
{
TLogging.Log(String.Format("An Exception occured during the changing of the User Password by user '{0}' (Situation 2):",
AUserID) +
Environment.NewLine + Exc.ToString());
throw;
}
});
return(true);
}
else
{
IUserAuthentication auth = TUserManagerWebConnector.LoadAuthAssembly(UserAuthenticationMethod);
return(auth.SetPassword(AUserID, ANewPassword, ACurrentPassword));
}
}
