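/// <summary>
/// Overwrites the stored <see cref="VerificationKey"/> with the values bound from
/// the request body, using <paramref name="id"/> as the record identifier.
/// </summary>
/// <param name="id">Identifier of the record to update; it replaces any Id sent in the body.</param>
/// <param name="key">Entity bound from the request body.</param>
/// <returns>
/// 400 Bad Request when the body is missing or fails model validation;
/// 204 No Content once the change has been saved.
/// </returns>
public IActionResult Put(int id, [FromBody] VerificationKey key)
{
    // A missing or unparseable body binds to null; reject it instead of
    // dereferencing it and surfacing an unhandled exception.
    if (key == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The identifier passed alongside the body wins over whatever the client put in the body.
    key.Id = id;

    // Marking the whole entity as Modified persists every mapped column exactly
    // as the client sent it.
    // NOTE(review): confirm that every VerificationKey column is meant to be
    // client-writable and that the caller is authorized for this id; neither
    // check is visible in this method.
    _context.Entry(key).State = EntityState.Modified;
    _context.SaveChanges();

    return NoContent();
}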
public bool Post([FromBody] VerificationKey verificationName) { using (var db = new ApplicationDbContext()) { try { if (verificationName == null) { return(default);
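/// <summary>
/// Builds the server (verifier) side of an SRP exchange from the stored
/// verification record and the client's public value A, and derives the
/// session values (B, u, S, K, M and the server proof) in the constructor.
/// </summary>
/// <param name="hashAlgorithm">Hash passed to the base class and kept for the Compute_* helpers.</param>
/// <param name="parameter">Group parameters; PrimeNumber and Generator are read here.</param>
/// <param name="verification">Stored record supplying Salt, Verifier and Username.</param>
/// <param name="A">Client public value as received from the peer.</param>
/// <exception cref="ArgumentNullException"><paramref name="verification"/> or <paramref name="A"/> is null.</exception>
/// <exception cref="Exception">A is a multiple of the group prime ("Safety check failed").</exception>
public SRPVerifier(HashAlgorithm hashAlgorithm, SRPParameter parameter, VerificationKey verification, byte[] A)
    : base(hashAlgorithm, parameter)
{
    if (verification == null)
    {
        throw new ArgumentNullException("verification");
    }

    if (A == null)
    {
        throw new ArgumentNullException("A");
    }

    _hashAlgorithm = hashAlgorithm;
    _parameter = parameter;

    _s = verification.Salt.StringToByteArray().ToBigInteger();
    _v = verification.Verifier.StringToByteArray().ToBigInteger();
    _username = verification.Username;
    _A = A.ToBigInteger();

    // SRP requires the server to abort when A is congruent to 0 mod N: such a value
    // would make the shared secret independent of the password.
    if ((_A % _parameter.PrimeNumber) == BigInteger.Zero)
    {
        throw new Exception("Safety check failed");
    }

    // The server's private ephemeral must be fresh and unpredictable for every
    // session. The previous code assigned a constant literal here, so every
    // session shared one private value that was also readable from the source.
    // Draw 256 bits from the OS CSPRNG instead; the extra zero byte at the
    // little-endian top keeps the BigInteger non-negative.
    var ephemeralBytes = new byte[33];
    using (var rng = RandomNumberGenerator.Create())
    {
        var randomBytes = new byte[32];
        rng.GetBytes(randomBytes);
        Buffer.BlockCopy(randomBytes, 0, ephemeralBytes, 0, randomBytes.Length);
    }

    _b = new BigInteger(ephemeralBytes);

    _k = Compute_k().ToBigInteger();

    // B = (k*v + g^b mod N) mod N
    _B = (_k * _v + BigInteger.ModPow(_parameter.Generator, _b, _parameter.PrimeNumber)) % _parameter.PrimeNumber;

    _u = Compute_u(_A.ToBytes(), _B.ToBytes()).ToBigInteger();
    _S = Compute_S(_A, _v, _u, _b);
    _K = Compute_K(_S.ToBytes());
    _M = Compute_M(_username, _s.ToBytes(), _A.ToBytes(), _B.ToBytes(), _K);
    _HMAK = Compute_HAMK(_A.ToBytes(), _M, _K);
    _verificationKey = verification;

#if DEBUG
    // Debug builds only: this dump includes the verifier, the private ephemeral,
    // the shared secret and the session key. Never deploy a DEBUG build and
    // never redirect this output to a shared log.
    Console.WriteLine("=================== Verifier ====================");
    Console.WriteLine("_s = {0}", _s);
    Console.WriteLine("_v = {0}", _v);
    Console.WriteLine("_username = {0}", _username);
    Console.WriteLine("_A = {0}", _A);
    Console.WriteLine("_b = {0}", _b);
    Console.WriteLine("_k = {0}", _k);
    Console.WriteLine("_B = {0}", _B);
    Console.WriteLine("_u = {0}", _u);
    Console.WriteLine("_S = {0}", _S);
    Console.WriteLine("_K = {0}", _K.ToBigInteger());
    Console.WriteLine("_M = {0}", _M.ToBigInteger());
    Console.WriteLine("=============================================");
#endif
}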
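/// <summary>
/// Stores a new <see cref="VerificationKey"/> bound from the request body.
/// </summary>
/// <param name="key">Entity bound from the request body.</param>
/// <returns>
/// 400 Bad Request when the body is missing or fails model validation;
/// otherwise 201 Created pointing at <c>Get</c> with the stored entity as the body.
/// </returns>
[HttpPost("Create")] // Old
public IActionResult Create([FromBody] VerificationKey key)
{
    // A missing or unparseable body binds to null while ModelState can still be
    // valid; reject it here rather than letting Add(null) throw.
    if (key == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The entity is persisted exactly as bound from the body.
    // NOTE(review): any mapped property, including the identifier, is
    // client-supplied here; confirm that is intended or bind to a narrower
    // input model.
    var result = _context.VerificationKeys.Add(key);
    _context.SaveChanges();

    // NOTE(review): the response echoes the full stored entity; confirm it
    // holds nothing that should stay server-side.
    return CreatedAtAction(nameof(Get), new { result.Entity.Id }, result.Entity);
}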
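/// <summary>
/// Builds the server (verifier) side of an SRP exchange from the stored
/// verification record and the client's public value A, and derives the
/// session values (B, u, S, K, M and the server proof) in the constructor.
/// </summary>
/// <param name="hashAlgorithm">Hash passed to the base class and kept for the Compute_* helpers.</param>
/// <param name="parameter">Group parameters; PrimeNumber and Generator are read here.</param>
/// <param name="verification">Stored record supplying Salt, Verifier and Username.</param>
/// <param name="A">Client public value as received from the peer.</param>
/// <param name="b">
/// Optional private ephemeral. When null, a value from GetRandomNumber() is used.
/// NOTE(review): a caller-supplied value looks intended for deterministic tests;
/// production callers should pass null so each session gets a fresh value.
/// </param>
/// <exception cref="ArgumentNullException"><paramref name="verification"/> or <paramref name="A"/> is null.</exception>
/// <exception cref="Exception">A is a multiple of the group prime ("Safety check failed").</exception>
public SRPVerifier(HashAlgorithm hashAlgorithm, SRPParameter parameter, VerificationKey verification, byte[] A, byte[] b = null)
    : base(hashAlgorithm, parameter)
{
    // Fail with a named argument instead of a bare null dereference further down.
    if (verification == null)
    {
        throw new ArgumentNullException("verification");
    }

    if (A == null)
    {
        throw new ArgumentNullException("A");
    }

    _hashAlgorithm = hashAlgorithm;
    _parameter = parameter;

    _s = verification.Salt.StringToBytes().ToBigInteger();
    _v = verification.Verifier.StringToBytes().ToBigInteger();
    _username = verification.Username;
    _A = A.ToBigInteger();

    // SRP requires the server to abort when A is congruent to 0 mod N: such a value
    // would make the shared secret independent of the password.
    if ((_A % _parameter.PrimeNumber) == BigInteger.Zero)
    {
        throw new Exception("Safety check failed");
    }

    // NOTE(review): confirm GetRandomNumber() draws from a cryptographic RNG;
    // its implementation is not visible here.
    _b = b != null ? b.ToBigInteger() : GetRandomNumber().ToBytes().ToBigInteger();

    _k = Compute_k().ToBigInteger();

    // B = (k*v + g^b mod N) mod N
    _B = (_k * _v + BigInteger.ModPow(_parameter.Generator, _b, _parameter.PrimeNumber)) % _parameter.PrimeNumber;

    _u = Compute_u(_A.ToBytes(), _B.ToBytes()).ToBigInteger();
    _S = Compute_S(_A, _v, _u, _b);
    _K = Compute_K(_S.ToBytes());
    _M = Compute_M(_username, _s.ToBytes(), _A.ToBytes(), _B.ToBytes(), _K);
    _HMAK = Compute_HAMK(_A.ToBytes(), _M, _K);
    _verificationKey = verification;

#if DEBUG
    // Debug builds only: this dump includes the verifier, the private ephemeral,
    // the shared secret and the session key. Never deploy a DEBUG build and
    // never redirect this output to a shared log.
    Console.WriteLine("=================== Verifier ====================");
    Console.WriteLine("_s = {0}", _s);
    Console.WriteLine("_v = {0}", _v);
    Console.WriteLine("_username = {0}", _username);
    Console.WriteLine("_A = {0}", _A);
    Console.WriteLine("_b = {0}", _b);
    Console.WriteLine("_k = {0}", _k);
    Console.WriteLine("_B = {0}", _B);
    Console.WriteLine("_u = {0}", _u);
    Console.WriteLine("_S = {0}", _S);
    Console.WriteLine("_K = {0}", _K.ToBigInteger());
    Console.WriteLine("_M = {0}", _M.ToBigInteger());
    Console.WriteLine("=============================================");
#endif
}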
/// <summary>
/// Generates a new salt, derives the SRP verifier g^x mod N for the given
/// credentials and returns both in a <see cref="VerificationKey"/>.
/// The salt and the resulting record are also kept on this instance.
/// </summary>
/// <param name="username">Account name stored on the record and fed into Compute_x.</param>
/// <param name="password">Password fed into Compute_x; it is not stored on the record.</param>
/// <returns>The record holding Salt, Username and Verifier.</returns>
public VerificationKey CreateVerificationKey(string username, string password)
{
    // A new salt is drawn on every call and remembered in _s.
    _s = GetRandomNumber().ToBytes();

    var record = new VerificationKey();
    record.Salt = _s.ByteArrayToString();
    record.Username = username;

    // x comes from salt, username and password; the verifier is g^x mod N.
    var privateValue = Compute_x(_s, username, password);
    var verifierNumber = BigInteger.ModPow(
        _parameter.Generator,
        privateValue.ToBigInteger(),
        _parameter.PrimeNumber);
    record.Verifier = verifierNumber.ToBytes().ByteArrayToString();

    _verificationKey = record;
    return _verificationKey;
}
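/// <summary>
/// Generates a new salt, derives the SRP verifier g^x mod N for the given
/// credentials and returns both in a <see cref="VerificationKey"/>.
/// The salt and the resulting record are also kept on this instance.
/// </summary>
/// <param name="username">Account name stored on the record and fed into Compute_x.</param>
/// <param name="password">Password fed into Compute_x; it is not stored on the record.</param>
/// <returns>The record holding Salt, Username and Verifier.</returns>
public VerificationKey CreateVerificationKey(string username, string password)
{
    // The salt must differ per account. The previous code pinned it to a fixed
    // hex literal with the random call commented out, so equal credentials
    // always produced equal verifiers. Restore the random salt.
    // NOTE(review): confirm GetRandomNumber() draws from a cryptographic RNG;
    // its implementation is not visible here.
    _s = GetRandomNumber().ToBytes();

    var v = new VerificationKey
    {
        Salt = _s.BytesToString(),
        Username = username
    };

    // x comes from salt, username and password; the verifier is g^x mod N.
    var x = Compute_x(_s, username, password);
    v.Verifier = BigInteger.ModPow(_parameter.Generator, x.ToBigInteger(), _parameter.PrimeNumber)
        .ToBytes()
        .BytesToString();

    _verificationKey = v;
    return _verificationKey;
}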
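/// <summary>
/// Handles the e-mail verification link: looks up the verification key that
/// matches the "verify" and "user" request values, marks it verified and shows
/// a confirmation. Any missing, malformed or unknown value sends the visitor
/// to the login page.
/// </summary>
/// <param name="e">Event data passed through to the base implementation.</param>
protected override void OnInit(EventArgs e)
{
    base.OnInit(e);

    string verifyValue = Request["verify"];
    string userValue = Request["user"];

    // Both values are attacker-controllable. Parse them defensively so that a
    // malformed GUID is treated like a missing one instead of raising an
    // unhandled FormatException.
    Guid verifyKey;
    Guid userId;
    if (string.IsNullOrEmpty(verifyValue)
        || string.IsNullOrEmpty(userValue)
        || !Guid.TryParse(verifyValue, out verifyKey)
        || !Guid.TryParse(userValue, out userId))
    {
        Response.Redirect("/Login.aspx");
        return;
    }

    VerificationKey key = this.CurrentWebSession.CreateCriteria<VerificationKey>()
        .Add(Restrictions.Eq("Key", verifyKey))
        .Add(Restrictions.Eq("WebUserID", userId))
        .UniqueResult<VerificationKey>();

    if (key == null)
    {
        Response.Redirect("/Login.aspx");
        // Do not rely on Redirect ending the request to protect the null
        // dereference below.
        return;
    }

    // NOTE(review): if VerificationKey carries an active flag or a creation
    // time, consider rejecting inactive or stale keys here; no such check is
    // made in this method.
    key.IsVerifed = true;

    using (ITransaction x = this.CurrentWebSession.BeginTransaction())
    {
        this.CurrentWebSession.SaveOrUpdate(key);

        try
        {
            x.Commit();
        }
        catch
        {
            x.Rollback();
            // Rethrow without resetting the original stack trace.
            throw;
        }
    }

    lblVerifyText.ForeColor = System.Drawing.Color.DarkGreen;
    lblVerifyText.Text = "Account verified! You may now <a href=\"/Login.aspx\">login</a>.";
}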
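/// <summary>
/// Registers a new account from the form fields: stores the user, the profile
/// record and an unverified verification key in one transaction, sends the
/// verification e-mail and redirects to the login page.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnCreateUser_Click(object sender, EventArgs e)
{
    ISession s = this.CurrentWebSession;

    using (ITransaction t = s.BeginTransaction())
    {
        DateTime now = DateTime.Now;

        WebUser user = new WebUser();
        user.Username = txtUsername.Text;
        user.EmailAddress = txtEmailAddress.Text;
        user.UserID = Guid.NewGuid();
        user.IsActive = true;

        WebUserInfo info = new WebUserInfo();
        info.WebUser = user;
        info.FirstName = txtFirstName.Text;
        info.ID = Guid.NewGuid();
        info.LastName = txtLastName.Text;
        info.LastLogin = DateTime.Now;
        info.PrimaryPhone = txtPrimaryPhone.Text;
        info.SecondaryPhone = txtSecondaryPhone.Text;
        // NOTE(review): the posted drop-down value is client-controlled; a
        // non-numeric value makes int.Parse throw. Validate it once this page
        // has a place to report input errors.
        info.Hosts = int.Parse(ddlNumberOfHosts.SelectedValue);
        info.MainSecurityConcern = ddlMainConcern.SelectedValue;
        info.Provider = ddlProvider.SelectedValue;
        info.PrimaryWebsite = txtPrimaryWebsite.Text;
        info.IsActive = true;

        // SECURITY(review): judging by the helper's name this is MD5 with one
        // fixed application-wide salt ("sadf"), which is not an acceptable
        // password hash. Left unchanged because the stored format has to change
        // together with the login check; migrate both to a per-user salted,
        // iterated KDF such as PBKDF2.
        string hash = Hashing.GetMd5Hash(txtPassword.Text, "sadf");
        user.PasswordHash = hash;

        VerificationKey vkey = new VerificationKey();
        vkey.ID = Guid.NewGuid();
        // NOTE(review): the verification secret is a GUID. Guid.NewGuid() is
        // documented as unique, not as unpredictable; prefer a token from a
        // cryptographic RNG for values that authorize an action.
        vkey.Key = Guid.NewGuid();
        vkey.IsActive = true;
        vkey.CreatedBy = Guid.Empty;
        vkey.CreatedOn = now;
        vkey.LastModifiedBy = Guid.Empty;
        vkey.LastModifiedOn = now;
        vkey.IsVerifed = false;
        // Recorded as sent before the mail actually goes out further down.
        vkey.IsSent = true;
        vkey.User = user;

        s.SaveOrUpdate(vkey);
        s.SaveOrUpdate(info);
        s.SaveOrUpdate(user);

        try
        {
            t.Commit();
        }
        catch
        {
            t.Rollback();
            // Rethrow without resetting the original stack trace.
            throw;
        }

        SendVerificationEmail(info.FirstName + " " + info.LastName, user.EmailAddress, user.ID.ToString(), vkey.Key.ToString());
        Response.Redirect("Login.aspx");
    }
}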
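/// <summary>
/// Authenticates the posted username and password, refuses accounts whose
/// e-mail address has not been verified, records the login time, issues the
/// forms-authentication cookie and redirects to the default page.
/// </summary>
/// <param name="sender">Control that raised the event (unused).</param>
/// <param name="e">Event data (unused).</param>
protected void btnLogin_Click(object sender, System.EventArgs e)
{
    // SECURITY(review): judging by the helper's name this is MD5 with one fixed
    // application-wide salt ("sadf"), which is not an acceptable password hash.
    // Left unchanged because stored hashes must be migrated together with the
    // registration code; move both to a per-user salted, iterated KDF such as
    // PBKDF2 and compare in constant time.
    string hash = AutoAssess.Misc.Hashing.GetMd5Hash(txtPassword.Text, "sadf");

    WebUser user = this.CurrentWebSession.CreateCriteria<WebUser>()
        .Add(Restrictions.Eq("Username", txtUsername.Text))
        .Add(Restrictions.Eq("PasswordHash", hash))
        .Add(Restrictions.Eq("IsActive", true))
        .List<WebUser>()
        .FirstOrDefault();

    if (user == null)
    {
        lblLoginError.Text = "Invalid username/password combination.";
        txtUsername.Text = string.Empty;
        txtPassword.Text = string.Empty;
        return;
    }

    VerificationKey key = this.CurrentWebSession.CreateCriteria<VerificationKey>()
        .Add(Restrictions.Eq("WebUserID", user.ID))
        .UniqueResult<VerificationKey>();

    // Fail closed: an account without a verification record is treated as
    // unverified instead of dereferencing null.
    if (key == null || !key.IsVerifed)
    {
        lblLoginError.Text = "Please check your email for an account verification link.";
        txtUsername.Text = string.Empty;
        txtPassword.Text = string.Empty;
        return;
    }

    WebUserInfo info = this.CurrentWebSession.CreateCriteria<WebUserInfo>()
        .Add(Restrictions.Eq("WebUserID", user.ID))
        .UniqueResult<WebUserInfo>();

    // A missing profile row must not break the login; only the last-login
    // bookkeeping is skipped.
    if (info != null)
    {
        info.LastLogin = DateTime.Now;

        using (ITransaction x = this.CurrentWebSession.BeginTransaction())
        {
            this.CurrentWebSession.SaveOrUpdate(info);

            try
            {
                x.Commit();
            }
            catch
            {
                x.Rollback();
                // Rethrow without resetting the original stack trace.
                throw;
            }
        }
    }

    // NOTE(review): the session identifier issued before login is kept after
    // authentication; consider issuing a new one at this point.
    Session["User"] = user;

    FormsAuthenticationTicket tkt = new FormsAuthenticationTicket(
        1,
        user.UserID.ToString(),
        DateTime.Now,
        DateTime.Now.AddMinutes(30),
        false,
        string.Empty /*Whatever data you want*/);
    string cookiestr = FormsAuthentication.Encrypt(tkt);

    HttpCookie ck = new HttpCookie(FormsAuthentication.FormsCookieName, cookiestr);
    ck.Path = FormsAuthentication.FormsCookiePath;
    // A hand-built cookie gets none of the protective flags by default: keep
    // the ticket away from script and honour the configured SSL requirement.
    ck.HttpOnly = true;
    ck.Secure = FormsAuthentication.RequireSSL;
    Response.Cookies.Add(ck);

    Response.Redirect("/Default.aspx", true);

    // NOTE(review): Redirect(..., true) ends the response, so in the normal page
    // lifecycle the two statements below are not reached; they would replace the
    // current principal with an unnamed identity. Candidate for removal.
    System.Security.Principal.GenericIdentity i = new System.Security.Principal.GenericIdentity(string.Empty, null);
    this.Context.User = new System.Security.Principal.GenericPrincipal(i, null);
}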