public virtual float GetBestScoreForLevel(int lvlNr, bool checkUserID) { if (MFPClassic.Hook.devMode) { return(0); } float num1 = 0.0f; for (float num2 = new float(); (double)num2 <= 2.0; ++num2) { int num3 = SavedData.GetInt(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)lvlNr), "diff"), (object)num2))); if ((double)num3 > (double)num1) { if (checkUserID) { string str = SavedData.GetString(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)lvlNr), "diff"), (object)num2), "ID"))); if (this.userID == "0" && str != "-1" && str != "-999" || str == this.userID) { num1 = (float)num3; } } else { num1 = (float)num3; } } } return(num1); }
public void SymmetricEncryptor_HeavyUsage() { CryptoRandomizer random = new CryptoRandomizer(); const int Iterations = 100; const int MaxMemoryBlock = 100000; for (int i = 0; i < Iterations; i++) { int blockSize = random.Next(MaxMemoryBlock); byte[] buffer = new ByteGenerator().GenerateBytes(blockSize); string key = CryptoString.GenerateRandomText(1000); byte[] decryptedBuffer; byte[] encryptedBuffer; using (SymmetricEncryptor encryptor = new SymmetricEncryptor()) { //Encrypt encryptedBuffer = encryptor.EncryptBytes(buffer, key); // Decrypt decryptedBuffer = encryptor.DecryptBytes(encryptedBuffer, key); } // IDispose - Closes and clears the keys in memory // Assert - Check to make sure the bytes are all the same Assert.IsTrue(buffer.SequenceEqual(decryptedBuffer)); } }
public void PasswordHasher_BasicUsage() { Hasher sha256 = new Hasher(SHA256.Create()); // Create password -> SecureString -> CryptpString string password = "******"; SecureString securePassword = CryptoString.StringToSecureString(password); CryptoString cryptoPassword = new CryptoString(securePassword); // Create the Hash PasswordHasher hasher = new PasswordHasher(); string hash = hasher.PasswordHash(cryptoPassword); // FAIL - BAD Hash string badHash = sha256.Hash("randomhash203984vb5230984vb230984tb7v23b098tu13908tu31908vn"); Assert.IsFalse(hasher.PasswordCheck(cryptoPassword, badHash)); // FAIL - BAD Password CryptoString badPassword = new CryptoString(CryptoString.StringToSecureString("BADPASSWORD")); Assert.IsFalse(hasher.PasswordCheck(badPassword, hash)); // SUCCESS - GOOD Password and Hash Assert.IsTrue(hasher.PasswordCheck(cryptoPassword, hash)); }
/// <summary> /// Generazione del token di autenticazione per l'utente specificato /// </summary> /// <param name="userId">User id dell'utente proprietario del token</param> /// <param name="tokenType">Tipo di token da generare</param> /// <param name="milliseconds">Durata del token espressa in millisecondi</param> /// <param name="keyLength">Lunghezza della chiave espressa in numero di caratteri</param> /// <param name="initializationVectorLength">Lunghezza dell'initialization vector espressa in numero di caratteri</param> /// <returns>Token criptato</returns> public override string Generate(string userId, AuthTokenManager.TokenTypeEnum tokenType, double milliseconds, AuthTokenManager.KeyLengthEnum keyLength, AuthTokenManager.KeyLengthEnum initializationVectorLength) { // Chiave privata, vettore di inizializzazione e la userid pulita String key, initializationVector, cleanedUserId; // Pulizia dello user id cleanedUserId = userId.Trim().ToUpper(); // Decifratura lunghezza della chiave e dell'initialization vector int kLength = this.DecodeKeyLength(keyLength); int ivLength = this.DecodeKeyLength(initializationVectorLength); // Generazione della chiavi key = KeyGeneratorHelper.BetterRandomString(kLength); initializationVector = KeyGeneratorHelper.BetterRandomString(ivLength); try { CryptoString crypto = new CryptoString(key, initializationVector); string encodedValue = crypto.Encrypt(String.Format(ENCRYPTED_VALUE_FORMAT, cleanedUserId, GetSessionId(), this.GetActualDateFromDB(), tokenType, this.GetExpirationDate(tokenType, milliseconds))); // Salvataggio token su db this.SaveToken(key, encodedValue, initializationVector, cleanedUserId); return(string.Format("{0}{1}", TOKEN_PREFIX, encodedValue)); } catch (Exception ex) { throw new EncryptionException(ex); } }
public virtual float GetBestTimeForLevel(int lvlNr) { float num1 = 9999999f; for (float num2 = new float(); (double)num2 <= 2.0; ++num2) { float num3 = SavedData.GetFloat(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlTime", (object)lvlNr), "diff"), (object)num2))); if ((double)num3 != 0.0 && (double)num3 < (double)num1) { num1 = num3; } } return(num1); }
/// <summary> /// Hashes a Password and returns a hash fingerprint /// </summary> /// <param name="password"></param> /// <returns></returns> public string PasswordHash(CryptoString password) { Hasher hasher = new Hasher(); string pepper; string hash; // Generate Pepper pepper = new string(Enumerable.Repeat(Options.PepperChars, 1).Select(s => s[random.Next(s.Length)]).ToArray()); // Create your hash hash = hasher.SecureHash(CryptoString.SecureStringToString(password.GetSecureString()) + Options.Salt + pepper, SecureHashDelay); return(hash); }
public void TestCryptoString() { string key = CryptoString.MakeKey(); string iv = CryptoString.MakeIV(); string test = "Test String"; CryptoString cs = new CryptoString(key, iv); string crypto = cs.Encrypt(test); string plain = cs.Decrypt(crypto); Assert.AreEqual(test, plain); }
public void PasswordHasher_BasicUsageWiki() { // Create password -> SecureString -> CryptpString string password = "******"; PasswordHasher hasher = new PasswordHasher(); SecureString securePassword = CryptoString.StringToSecureString(password); CryptoString cryptoPassword = new CryptoString(securePassword); // Create the Hash string hash = hasher.PasswordHash(cryptoPassword); // Check the password against the hash, salt and pepper bool valid = hasher.PasswordCheck(cryptoPassword, hash); }
/// <summary> /// Ripristino del token di autenticazione per l'utente specificato /// </summary> /// <param name="userId">Identificativo dell'utente proprietario del token</param> /// <param name="token">Token criptato</param> /// <returns>Token decriptato</returns> public override string Restore(string userId, string token) { if (IsAuthToken(token)) { // Pulizia del token String cleanedToken = token.Replace(TOKEN_PREFIX, String.Empty); // Pulizia e della user id String cleanedUserId = userId.Trim().ToUpper(); // Recupero delle informazioni di encryption dal DB CryptoString crypto = this.LoadToken(cleanedToken); String decryptedValue = String.Empty; try { decryptedValue = crypto.Decrypt(cleanedToken); } catch (Exception ex) { throw new DecryptionException(ex); } // Spacchettamento del token Dictionary <String, String> keyValuePairs = GetTokenKeyValuePairs(decryptedValue); // Controllo della validità del token bool expired = this.IsExpiredToken(keyValuePairs[TOKENEXPIRATIONDATE]); // Se il token è scaduto, viene cancellato il record dalla tabella if (expired) { this.RemoveTokenFromDB(cleanedToken); } if (String.Compare(cleanedUserId, keyValuePairs[UID], true) == 0 && (!expired || this.DecodeTokenType(keyValuePairs[TOKENTYPE]) == AuthTokenManager.TokenTypeEnum.OneTime)) { return(keyValuePairs[SESSIONID]); } else { throw new NoAuthenticationTokenForUserException(userId); } } else { throw new AuthenticationTokenNotValidException(); } }
public virtual void CheckForBrokenScores() { for (int index = new int(); index <= 52; ++index) { for (float num1 = new float(); (double)num1 <= 2.0; ++num1) { int num2 = SavedData.GetInt(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)index), "diff"), (object)num1))); if (num2 >= 9999999 || num2 < 0) { MonoBehaviour.print((object)RuntimeServices.op_Addition("BROKEN SCORE DETECTED: ", (object)num2)); SavedData.SetInt(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)index), "diff"), (object)num1)), 0); } } } }
public void TestCryptoGetters() { string key = CryptoString.MakeKey(); string iv = CryptoString.MakeIV(); CryptoString cs = new CryptoString { Key = key, IV = iv }; string key2 = cs.Key; string iv2 = cs.IV; Assert.AreEqual(key, key2); Assert.AreEqual(iv, iv2); }
public void TestCryptoStringDefaultConstructor() { string key = CryptoString.MakeKey(); string iv = CryptoString.MakeIV(); string test = "Test String"; CryptoString cs = new CryptoString { Key = key, IV = iv }; string crypto = cs.Encrypt(test); string plain = cs.Decrypt(crypto); Assert.AreEqual(test, plain); }
public void TestCryptoStringNoKeyEncrypt() { string test = "Test String"; CryptoString cs = new CryptoString(); try { string crypto = cs.Encrypt(test); string plain = cs.Decrypt(crypto); Assert.Fail("Should have thrown an exception"); } catch (Exception ex) { Assert.AreEqual("savedKey and savedIV must be non-null.", ex.Message); } }
public virtual void Update() { if (this.simulateMousePos) { this.fakeMousePos += new Vector2(Input.GetAxisRaw("Mouse X"), Input.GetAxisRaw("Mouse Y")) * (0.005f + this.simulateMousePosSensitivity) * 68f * (Mathf.Round((float)(Screen.width + Screen.height)) / 2f / 1500f); this.fakeMousePos.x = Mathf.Clamp(this.fakeMousePos.x, 0.0f, (float)Screen.width); this.fakeMousePos.y = Mathf.Clamp(this.fakeMousePos.y, 0.0f, (float)Screen.height); } if (!this.allowLeaderboard || !this.uploadAllScores) { return; } if (this.curUploadAllScores <= 52) { if (!this.OkToUploadScore()) { return; } string empty = string.Empty; for (float num1 = new float(); (double)num1 <= 2.0; ++num1) { if (SavedData.GetString(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)this.curUploadAllScores), "diff"), (object)num1), "ID"))) == "-999") { int num2 = empty == "-999" ? 1 : 0; } } string leaderboardName = this.GetLeaderboardName(this.curUploadAllScores, string.Empty, false); if (leaderboardName != string.Empty) { float num1 = new float(); float num2 = !this.speedrunnerLeaderboard ? this.GetBestScoreForLevel(this.curUploadAllScores, true) : this.GetBestTimeForLevel(this.curUploadAllScores) * 1000f; if ((double)num2 > 0.0 && (double)num2 < 9999999.0) { this.steamLeaderboardsScript.DoUploadScore((int)num2, leaderboardName); MFPClassic.MFPEditorUtils.Log("Uploading leaderboard score for:" + leaderboardName); } } ++this.curUploadAllScores; } else { this.uploadAllScores = false; } }
public IList GetPersonOnJob(string sUserCode, string sPassWord, string sOperationJobId) { PersonOnJob o; ObjectQuery oQuery = new ObjectQuery(); string sTempPassWord = string.Empty; if (string.IsNullOrEmpty(sPassWord)) { sPassWord = ""; } sTempPassWord = CryptoString.Encrypt(sPassWord, sPassWord); //oQuery.AddCriterion(Expression.Eq("StandardPerson.Password", sPassWord)); oQuery.AddCriterion(Expression.Eq("StandardPerson.Code", sUserCode)); oQuery.AddCriterion(Expression.Eq("OperationJob.Id", sOperationJobId)); oQuery.AddCriterion(Expression.Eq("State", 1)); oQuery.AddFetchMode("OperationJob", FetchMode.Eager); oQuery.AddFetchMode("StandardPerson", FetchMode.Eager); oQuery.AddFetchMode("OperationJob.OperationOrg", FetchMode.Eager); IList lstResult = dao.ObjectQuery(typeof(PersonOnJob), oQuery); for (int i = lstResult.Count - 1; i > -1; i--) { PersonOnJob oPersonOnJob = lstResult[i] as PersonOnJob; if (oPersonOnJob.StandardPerson != null) { if (string.Equals(oPersonOnJob.StandardPerson.Password, sTempPassWord) || string.Equals(oPersonOnJob.StandardPerson.Password, sPassWord)) { continue; } else if (string.IsNullOrEmpty(oPersonOnJob.StandardPerson.Password) && string.IsNullOrEmpty(sTempPassWord)) { continue; } else { lstResult.RemoveAt(i); } } } return(lstResult); }
public void CryptoString_TestUtilityMethods() { string password = "******"; int length = 100; string random = CryptoString.GenerateRandomText(length); Assert.IsTrue(random.Length > (length / 2)); string byteString = CryptoString.BytesToString(new ByteGenerator().GenerateBytes(length)); Assert.IsTrue(byteString.Length > 0); // String conversions SecureString secureString = CryptoString.StringToSecureString(password); string unsecureString = CryptoString.SecureStringToString(secureString); Assert.IsTrue(password.Equals(unsecureString)); }
public void CryptoCredential_ConfirmPropertiesSet() { // Create Credentials CryptoString passphrase = new CryptoString("My Passphrase"); int pin = 1234; CryptoCredentials credentials = new CryptoCredentials(); // Assign Credentials and ensure the 'Use' properties get updated Assert.IsFalse(credentials.UsePassphrase); credentials.Passphrase = passphrase; Assert.IsTrue(credentials.UsePassphrase); Assert.IsFalse(credentials.UsePin); credentials.Pin = pin; Assert.IsTrue(credentials.UsePin); string key = credentials.Key; Assert.IsTrue(Hasher.IsHashValid(key)); }
public void CryptoString_BasicUsuage() { string password = "******"; SecureString secureString = CryptoString.StringToSecureString(password); // Only used for test string decryptedString; CryptoString crypto = new CryptoString(secureString); // Make sure the ToString DOES NOT return the string decryptedString = crypto.ToString(); Assert.IsFalse(decryptedString.Equals(password)); // Use this only if SecureString is not accepted string useString = CryptoString.SecureStringToString(crypto.GetSecureString()); //////////////////////////////////////////// // You can now use the useString variable //////////////////////////////////////////// // When you done fill the variable full of random Text // NOTE: Not totally secure, but an added level of obsfucation useString = CryptoString.GenerateRandomText(10000); }
public virtual void DoVersionCheck() { MonoBehaviour.print((object)"Checking build number..."); float num1 = SavedData.GetFloat(CryptoString.Encrypt("BuildVersionNumber")); if ((double)this.currentBuildVersionNumber == 0.0 || (double)num1 == (double)this.currentBuildVersionNumber || ((double)num1 == 1.01999998092651 || (double)this.currentBuildVersionNumber != 1.02999997138977)) { return; } for (int index = new int(); index <= 52; ++index) { for (float num2 = new float(); (double)num2 <= 2.0; ++num2) { if (SavedData.HasKey(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)index), "diff"), (object)num2), "ID")))) { SavedData.SetString(CryptoString.Encrypt(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition(RuntimeServices.op_Addition("lvlScore", (object)index), "diff"), (object)num2), "ID")), "-1"); } } } SavedData.SetFloat(CryptoString.Encrypt("BuildVersionNumber"), this.currentBuildVersionNumber); MonoBehaviour.print((object)"Save from older build. Disabling auto-score-upload for saved scores on boot."); }
/// <summary> /// Funzione per la rimozione del token specificato /// </summary> /// <param name="userId">Id dell'utente proprietario del token</param> /// <param name="token">Token da eliminare</param> public override void RemoveToken(String userId, String token) { if (IsAuthToken(token)) { // Pulizia del token String cleanedToken = token.Replace(TOKEN_PREFIX, String.Empty); // Recupero delle informazioni di encryption dal DB CryptoString crypto = this.LoadToken(cleanedToken); string decryptedValue = string.Empty; try { decryptedValue = crypto.Decrypt(cleanedToken); } catch (Exception ex) { throw new DecryptionException(ex); } // Spacchettamento delle informazioni Dictionary <string, string> keyValuePairs = GetTokenKeyValuePairs(decryptedValue); // Se user id passato per parametro e user id presente nel token non corrispondono, non si può procedere if (!userId.Trim().ToUpper().Equals(keyValuePairs[UID])) { throw new NoAuthenticationTokenForUserException(userId); } // Rimozione del token dal DB this.RemoveTokenFromDB(cleanedToken); } else { throw new AuthenticationTokenNotValidException(); } }
public void CryptoDataFile_EncryptedEntireFileTest() { string passphraseString = "My Passphrase"; CryptoString passphrase = new CryptoString(CryptoString.StringToSecureString(passphraseString)); CryptoCredentials credentials = new CryptoCredentials { Passphrase = passphrase, }; string dataFileName = "EncryptedFile.bin"; string fileContent = "My Test Content"; using (AutoDeleteFiles autoDeleteFile = new AutoDeleteFiles(dataFileName)) { // Save some data CryptoDataFile dataFile = new CryptoDataFile(dataFileName); byte[] content1 = Encoding.UTF8.GetBytes(fileContent); dataFile.Credentials = credentials; dataFile.EncryptFile = true; dataFile.Content = content1; dataFile.Save(); byte[] fileBytes1 = dataFile.SaveToBytes(); // Now load the data and compare CryptoDataFile dataLoader = new CryptoDataFile(dataFileName); dataLoader.Credentials = credentials; dataLoader.EncryptFile = true; dataLoader.Load(); dataLoader.LoadFromBytes(fileBytes1); byte[] content2 = dataLoader.Content; Assert.IsTrue(content1.SequenceEqual(content2)); Assert.IsTrue(dataFile.Content.SequenceEqual(dataLoader.Content)); } }
/// <summary> /// Checks a password against its hash to validate if it matches. The check automagically handles incorporating the Salt and even checks /// against all the Pepper value as well. As a User you just pass in the password and Hash and let the method do the work for you. /// </summary> /// <param name="password"></param> /// <param name="hash"></param> /// <returns></returns> public bool PasswordCheck(CryptoString password, string hash) { Hasher hasher = new Hasher(); bool isValid = false; int iterations = 0; foreach (var c in Options.PepperChars.ToArray()) { iterations++; string attemptPassword = password + Options.Salt + c; string attemptHash = hasher.SecureHash(CryptoString.SecureStringToString(password.GetSecureString()) + Options.Salt + c, SecureHashDelay); // Check if you got a hit if (hash.Equals(attemptHash)) { // You got a hit so the Password is Valid isValid = true; Debug.WriteLine($"Found a hit after {iterations} iterations."); break; } } return(isValid); }
/// <summary> /// 获取身份验证的Value /// </summary> /// <returns></returns> public static string GetAuthMenuIdEncryptValue(string key) { return(CryptoString.Encrypt(key, key)); }