public byte[] Connect(string username, string masterPassword){
using (var db = new TP1Context())
{
var data = from u in db.Users where u.Username == username select u;
User user = data.FirstOrDefault();
if(user == null){
return null;
}
using(var sha256 = SHA256.Create())
{
byte[] salt = Convert.FromBase64String(user.Salt);
byte[] passwordBytes = System.Text.Encoding.Unicode.GetBytes(masterPassword);
byte[] encodedBytes = new byte[passwordBytes.Length + salt.Length];
passwordBytes.CopyTo(encodedBytes, 0);
salt.CopyTo(encodedBytes,passwordBytes.Length);
var hashedBytes = sha256.ComputeHash(encodedBytes);
string encodedTxt = Convert.ToBase64String(encodedBytes);
if(encodedTxt != user.Password){
return null;
}
return KeyDerivation.Pbkdf2(masterPassword, salt, KeyDerivationPrf.HMACSHA256, 10000, 256/8);
}
}
}
public void TestHash(string username){
using (var db = new TP1Context())
{
var data = db.Users.Where(u => u.Username == username);
User user = data.FirstOrDefault();
if(user == null){
System.Console.WriteLine("User does not exist");
}
System.Console.WriteLine("{0}:{1}",user.Salt,user.Password);
}
}
public void ShowPassword(string username, byte[] encryptionKey, string tag){
using (var db = new TP1Context())
{
var data = db.Users.Include(u => u.SavedPassword).Where(u => u.Username == username);
User user = data.FirstOrDefault();
if(user == null || user.SavedPassword == null){
System.Console.WriteLine("Password does not exist");
return;
}
Password pwd = user.SavedPassword.Where(p => p.Tag == tag).FirstOrDefault();
if(pwd == null){
System.Console.WriteLine("Password does not exist");
return;
}
var fullCipher = Convert.FromBase64String(pwd.SavedPassword);
var iv = new byte[16];
var cipher = new byte[fullCipher.Length - 16];
Buffer.BlockCopy(fullCipher, 0, iv, 0, iv.Length);
Buffer.BlockCopy(fullCipher, iv.Length, cipher, 0, iv.Length);
using (var aesAlg = Aes.Create())
{
using (var decryptor = aesAlg.CreateDecryptor(encryptionKey, iv))
{
string result;
using (var msDecrypt = new MemoryStream(cipher))
{
using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read))
{
using (var srDecrypt = new StreamReader(csDecrypt))
{
result = srDecrypt.ReadToEnd();
}
}
}
System.Console.WriteLine(result);
}
}
}
}
public void AddPassword(string username, byte[] encryptionKey, string tag, string password){
using (var db = new TP1Context())
{
var data = from u in db.Users where u.Username == username select u;
User user = data.FirstOrDefault();
using (var aesAlg = Aes.Create())
{
using (var encryptor = aesAlg.CreateEncryptor(encryptionKey, aesAlg.IV))
{
using (var msEncrypt = new MemoryStream())
{
using (var csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
using (var swEncrypt = new StreamWriter(csEncrypt))
{
swEncrypt.Write(password);
}
var iv = aesAlg.IV;
var decryptedContent = msEncrypt.ToArray();
var result = new byte[iv.Length + decryptedContent.Length];
Buffer.BlockCopy(iv, 0, result, 0, iv.Length);
Buffer.BlockCopy(decryptedContent, 0, result, iv.Length, decryptedContent.Length);
string base64Password = Convert.ToBase64String(result);
db.Passwords.Add(new Password(){
SavedPassword = base64Password,
User = user,
UserId = user.UserID,
Tag = tag
});
if(db.SaveChanges() == 1){
System.Console.WriteLine("OK");
}else{
System.Console.WriteLine("Error id DB save");
}
}
}
}
}
}
public void TestPassword(string username, string tag){
using (var db = new TP1Context())
{
var data = db.Users.Include(u => u.SavedPassword).Where(u => u.Username == username);
User user = data.FirstOrDefault();
if(user == null || user.SavedPassword == null){
System.Console.WriteLine("Password does not exist");
return;
}
Password pwd = user.SavedPassword.Where(p => p.Tag == tag).FirstOrDefault();
if(pwd == null){
System.Console.WriteLine("Password does not exist");
return;
}
System.Console.WriteLine(pwd.SavedPassword);
}
}
public bool Register(string username, string masterPassword){
using (var db = new TP1Context())
{
var data = from u in db.Users where u.Username == username select u;
User user = data.FirstOrDefault();
if(user != null){
System.Console.WriteLine("User already exists");
return false;
}
byte[] salt = new byte[128 / 8];
using(var keyGenerator = RandomNumberGenerator.Create())
{
keyGenerator.GetBytes(salt);
string encodedSalt = Convert.ToBase64String(salt);
using(var sha256 = SHA256.Create())
{
// Send a sample text to hash.
byte[] passwordBytes = System.Text.Encoding.Unicode.GetBytes(masterPassword);
byte[] encodedBytes = new byte[passwordBytes.Length + salt.Length];
passwordBytes.CopyTo(encodedBytes, 0);
salt.CopyTo(encodedBytes,passwordBytes.Length);
var hashedBytes = sha256.ComputeHash(encodedBytes);
string encodedTxt = Convert.ToBase64String(encodedBytes);
user = new User(){
Username= username,
Password= encodedTxt,
Salt=encodedSalt,
};
db.Users.Add(user);
return db.SaveChanges() == 1;
}
}
}
}
public AlunoController()
{
context = new TP1Context();
}
public AccountController()
{
context = new TP1Context();
}
public PropostaController()
{
context = new TP1Context();
}
public AdminController()
{
docentes = new List <Docente>();
context = new TP1Context();
}
public DocenteController()
{
context = new TP1Context();
}
public EmpresaController()
{
context = new TP1Context();
}
