public void ShouldEncryptAndDecryptPasswordWhenRight()
{
string hashedpassword0 = Convert.ToBase64String(AESHelper.EncryptString("abcd", user.Password));
string password0 = AESHelper.DecryptToString(Convert.FromBase64String(hashedpassword0), user.Password);
Assert.Equal("abcd", password0);
}
public IActionResult EditPassword(int id)
{
if (_cache.Get(CacheNames.getMasterPassword).ToString() != "1") // ask user for masterpassword first time
{
return(RedirectToAction("MasterPassword"));
}
Passwd toEdit = _db.Passwds.Where(a => a.Id == id).FirstOrDefault(); // get password to decrypt by id
User usr = Functions.getUser(_cache);
if (toEdit.UserId != usr.Id)
{
_cache.Set(CacheNames.error4, "You can't edit that password");
return(RedirectToAction("Index"));
}
var edit = Convert.FromBase64String(toEdit.Password); // covnvert string into byte[] to decrypt
var passwordOwner = _db.Users.Where(a => a.Id == toEdit.UserId).FirstOrDefault();
toEdit.Password = AESHelper.DecryptToString(edit, passwordOwner.Password); // decrypting password
AppViewModel appViewModel = new AppViewModel
{
User = Functions.getUser(_cache),
Logged = Functions.getLogged(_cache),
Passwd = toEdit
};
return(View(appViewModel));
}
public IActionResult Decrypt(int id)
{
if (_cache.Get(CacheNames.getMasterPassword).ToString() != "1") // ask user for masterpassword first time
{
return(RedirectToAction("MasterPassword"));
}
Passwd toDecrypt = _db.Passwds.Where(a => a.Id == id).FirstOrDefault(); // get password to decrypt by id
User usr = Functions.getUser(_cache);
if (toDecrypt.UserId != usr.Id)
{
var sharedPass = _db.SharedPasswds.Where(a => a.UserSharedId == usr.Id).ToList();
List <int> ids = new List <int>();
foreach (SharedPasswd sPass in sharedPass)
{
ids.Add(sPass.PasswdId);
}
if (!ids.Contains(toDecrypt.Id))
{
return(RedirectToAction("Index"));
}
}
ActionType actionType = new ActionType()
{
Action = "Decrypt password id=" + id,
UserId = usr.Id,
Time = DateTime.Now
};
Functions.AddActionToDatabase(_db, actionType);
var decrypt = Convert.FromBase64String(toDecrypt.Password); // covnvert string into byte[] to decrypt
var passwordOwner = _db.Users.Where(a => a.Id == toDecrypt.UserId).FirstOrDefault();
toDecrypt.Password = AESHelper.DecryptToString(decrypt, passwordOwner.Password); // decrypting password
AppViewModel appViewModel = new AppViewModel
{
User = Functions.getUser(_cache),
Logged = Functions.getLogged(_cache),
Passwd = toDecrypt
};
return(View(appViewModel));
}
public void ShouldRehashPasswordWhenMasterPasswordChanged()
{
string password0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[0].Password), userToRehash.Password);
Assert.Equal("testy", password0);
string password1 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[1].Password), userToRehash.Password);
Assert.Equal("adam", password1);
var userWithChangedPassword = Functions.ChangePasswordSHA("Lab1", user);
Assert.True(Functions.Login(userWithChangedPassword, "Lab1"));
passwdToRehash = AESHelper.rehashPasswds(passwdToRehash, userToRehash.Password, userWithChangedPassword.Password);
string rehashedpassword0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[0].Password), userWithChangedPassword.Password);
Assert.Equal(password0, rehashedpassword0);
string rehashedpassword1 = AESHelper.DecryptToString(Convert.FromBase64String(passwdToRehash[1].Password), userWithChangedPassword.Password);
Assert.Equal(password1, rehashedpassword1);
}
public void ShouldPasswordDecryptWhenRight()
{
string password0 = AESHelper.DecryptToString(Convert.FromBase64String(passwdList[0].Password), user.Password);
Assert.Equal("a1", password0);
}