public void CompareHashWithSalt()
        {
            IHashProvider hashProvider = SaltedHashProvider;

            byte[] providerHash = hashProvider.CreateHash(plainText);
            Assert.IsTrue(hashProvider.CompareHash(plainText, providerHash), "true");

            byte[] badHash = new byte[50];
            RNGCryptoServiceProvider.Create().GetBytes(badHash);
            Assert.IsFalse(hashProvider.CompareHash(plainText, badHash), "false");
        }
Esempio n. 2
0
        internal static bool CompareHash(IHashProvider provider, string plaintext, string hashedText)
        {
            byte[] bytes      = Encoding.Unicode.GetBytes(plaintext);
            byte[] hashedtext = Convert.FromBase64String(hashedText);
            bool   flag       = provider.CompareHash(bytes, hashedtext);

            CryptographyUtility.GetRandomBytes(bytes);
            return(flag);
        }
Esempio n. 3
0
        internal static bool CompareHash(string hashInstance, byte[] plaintext, byte[] hashedText, ConfigurationContext context)
        {
            ArgumentValidation.CheckForNullReference(hashInstance, "hashInstance");
            ArgumentValidation.CheckForEmptyString(hashInstance, "hashInstance");

            HashProviderFactory factory      = new HashProviderFactory(context);
            IHashProvider       hashProvider = factory.CreateHashProvider(hashInstance);

            return(hashProvider.CompareHash(plaintext, hashedText));
        }
        /// <devdoc>
        /// Compares the password passed in against the password stored in the database.
        /// </devdoc>
        private bool PasswordsMatch(byte[] password, string userName)
        {
            DbAuthenticationProviderData dbAuthenticationProviderData = (DbAuthenticationProviderData)securityConfigurationView.GetAuthenticationProviderData(ConfigurationName);
            bool            result  = false;
            UserRoleManager manager = new UserRoleManager(dbAuthenticationProviderData.Database, securityConfigurationView.ConfigurationContext);

            byte[] hashedPassword = manager.GetPassword(userName);

            if (hashedPassword != null)
            {
                HashProviderFactory hashFactory  = new HashProviderFactory(securityConfigurationView.ConfigurationContext);
                IHashProvider       hashProvider = hashFactory.CreateHashProvider(dbAuthenticationProviderData.HashProvider);
                result = hashProvider.CompareHash(password, hashedPassword);
            }
            return(result);
        }
Esempio n. 5
0
        /// <overrides>
        /// Compares plain text input with a computed hash using the given hash provider instance.
        /// </overrides>
        /// <summary>
        /// Compares plain text input with a computed hash using the given hash provider instance.
        /// </summary>
        /// <remarks>
        /// Use this method to compare hash values. Since hashes may contain a random "salt" value, two seperately generated
        /// hashes of the same plain text may result in different values.
        /// </remarks>
        /// <param name="hashInstance">A hash instance from configuration.</param>
        /// <param name="plaintext">The input for which you want to compare the hash to.</param>
        /// <param name="hashedText">The hash value for which you want to compare the input to.</param>
        /// <returns><c>true</c> if plainText hashed is equal to the hashedText. Otherwise, <c>false</c>.</returns>
        public static bool CompareHash(string hashInstance, byte[] plaintext, byte[] hashedText)
        {
            if (string.IsNullOrEmpty(hashInstance))
            {
                throw new ArgumentException(Resources.ExceptionNullOrEmptyString, "hashInstance");
            }

            try
            {
                HashProviderFactory factory      = new HashProviderFactory(ConfigurationSourceFactory.Create());
                IHashProvider       hashProvider = factory.Create(hashInstance);

                return(hashProvider.CompareHash(plaintext, hashedText));
            }
            catch (ConfigurationErrorsException configurationException)
            {
                TryLogHashConfigurationError(configurationException, hashInstance);

                throw;
            }
        }
        /// <overrides>
        /// Compares plain text input with a computed hash using the given hash provider instance.
        /// </overrides>
        /// <summary>
        /// Compares plain text input with a computed hash using the given hash provider instance.
        /// </summary>
        /// <remarks>
        /// Use this method to compare hash values. Since hashes may contain a random "salt" value, two seperately generated
        /// hashes of the same plain text may result in different values.
        /// </remarks>
        /// <param name="hashInstance">A hash instance from configuration.</param>
        /// <param name="plaintext">The input for which you want to compare the hash to.</param>
        /// <param name="hashedText">The hash value for which you want to compare the input to.</param>
        /// <returns><c>true</c> if plainText hashed is equal to the hashedText. Otherwise, <c>false</c>.</returns>
        public override bool CompareHash(string hashInstance, byte[] plaintext, byte[] hashedText)
        {
            IHashProvider hashProvider = GetHashProvider(hashInstance);

            return(hashProvider.CompareHash(plaintext, hashedText));
        }
        internal static bool CompareHash(IHashProvider provider, string plaintext, string hashedText)
        {
            byte[] plainTextBytes = UnicodeEncoding.Unicode.GetBytes(plaintext);
            byte[] hashedTextBytes = Convert.FromBase64String(hashedText);

            bool result = provider.CompareHash(plainTextBytes, hashedTextBytes);
            CryptographyUtility.GetRandomBytes(plainTextBytes);

            return result;
        }
Esempio n. 8
0
 internal static bool CompareHash(IHashProvider provider, string plaintext, string hashedText)
 {
     byte[] bytes = Encoding.Unicode.GetBytes(plaintext);
     byte[] hashedtext = Convert.FromBase64String(hashedText);
     bool flag = provider.CompareHash(bytes, hashedtext);
     CryptographyUtility.GetRandomBytes(bytes);
     return flag;
 }