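public void HashWithSaltTest()
{
    // Checks that hashing the same password twice with the same salt gives
    // the same cipher text: the first call is given the number 64 instead of a
    // salt, the second call reuses the salt the first call returned.
    // NOTE(review): this only covers determinism. It does not check that two
    // independent calls produce different salts, which is what makes salting useful.
    PasswordHashing ph = new PasswordHashing();
    string password = "******";

    // SHA512 is IDisposable; the using statements release both instances
    // instead of leaving them to the finalizer.
    using (SHA512 firstAlgorithm = SHA512.Create())
    using (SHA512 secondAlgorithm = SHA512.Create())
    {
        HashWithSaltResult hashResult = ph.HashWithSalt(password, 64, firstAlgorithm);
        HashWithSaltResult hashResult2 = ph.HashWithSalt(password, hashResult.Salt, secondAlgorithm);

        Assert.AreEqual<string>(hashResult.CipherText, hashResult2.CipherText);
    }
}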
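/// <summary>
/// Tries to register a user in the database, storing a salted SHA-512 hash of
/// the password together with its salt.
/// </summary>
/// <param name="user">Supplies the userName and the plain-text password to register.</param>
/// <returns>true when Execute reports more than zero rows; otherwise false.</returns>
public static bool registerUser(UserData user)
{
    // The user-supplied values are bound as @parameters, never concatenated
    // into the statement; the last two column values are fixed literals.
    string SQLRegisterUser = "******" + "(@userName, @cipherText, @salt, 0, 3)";

    // Generate a salt for the user and hash the password with it.
    // 64 is passed where the other overload takes a salt, so it is presumably
    // the salt size - confirm against PasswordHashing.
    // NOTE(review): HashWithSalt is handed a plain SHA-512 instance and its
    // implementation is not visible here. If it applies a single hash pass,
    // stored hashes are cheap to brute-force offline once the table leaks; a
    // deliberately slow KDF (PBKDF2 via Rfc2898DeriveBytes, bcrypt, Argon2) is
    // the usual choice for password storage.
    PasswordHashing ph = new PasswordHashing();
    HashWithSaltResult hashResult;
    using (SHA512 sha512 = SHA512.Create())
    {
        // SHA512 is IDisposable; release it as soon as the hash is computed.
        hashResult = ph.HashWithSalt(user.password, 64, sha512);
    }

    // NOTE(review): Con is a member declared outside this static method, so
    // concurrent calls would overwrite (and dispose) each other's connection.
    // A local SqlConnection variable would avoid that - confirm nothing else
    // depends on Con being assigned here.
    using (Con = new SqlConnection(DBConnection.DbConnectionString))
    {
        int rowsAffected = Con.Execute(
            SQLRegisterUser,
            new { userName = user.userName, cipherText = hashResult.CipherText, salt = hashResult.Salt });

        return rowsAffected > 0;
    }
}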
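/// <summary>
/// Verifies a user's password by re-hashing it with the salt stored for that
/// user and running the login query with the resulting cipher text.
/// </summary>
/// <param name="user">The user to try to log in with (userName and plain-text password).</param>
/// <returns>
/// true when the first value returned by the login query is 3 or greater;
/// false when no salt is found, when the query returns no row (FirstOrDefault
/// yields 0), or when the value is below 3.
/// </returns>
public static bool loginUser(UserData user)
{
    // The query text is not visible here; it is executed with userName and
    // password supplied as parameters.
    string SQLLoginUser = "******";
    PasswordHashing ph = new PasswordHashing();

    // Get the salt and check against the server entry.
    string salt = getUserSalt(user);
    if (salt == null)
    {
        // NOTE(review): this path returns before any hashing or login query,
        // so its response time can differ from a wrong-password attempt for an
        // existing user. If user enumeration is a concern, do equivalent work here.
        return false;
    }

    HashWithSaltResult hashResult;
    using (SHA512 sha512 = SHA512.Create())
    {
        // SHA512 is IDisposable; release it as soon as the hash is computed.
        hashResult = ph.HashWithSalt(user.password, salt, sha512);
    }

    // NOTE(review): Con is a member declared outside this static method, so
    // concurrent logins would overwrite (and dispose) each other's connection.
    // A local SqlConnection variable would avoid that.
    using (Con = new SqlConnection(DBConnection.DbConnectionString))
    {
        int queryValue = Con.Query<int>(
            SQLLoginUser,
            new { userName = user.userName, password = hashResult.CipherText }).FirstOrDefault();

        // 3 is also the last literal written by the registration insert;
        // presumably the same column - confirm against the SQL text.
        const int requiredMinimum = 3;
        return queryValue >= requiredMinimum;
    }
}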