Esempio n. 1
0
 private bool ValidatePasswordEncrypted(UserPartRecord partRecord, string password) {
     return String.Equals(password, Encoding.UTF8.GetString(_encryptionService.Decode(Convert.FromBase64String(partRecord.Password))), StringComparison.Ordinal);
 }
Esempio n. 2
0
        private static bool ValidatePasswordHashed(UserPartRecord partRecord, string password) {

            var saltBytes = Convert.FromBase64String(partRecord.PasswordSalt);

            var passwordBytes = Encoding.Unicode.GetBytes(password);

            var combinedBytes = saltBytes.Concat(passwordBytes).ToArray();

            byte[] hashBytes;
            using (var hashAlgorithm = HashAlgorithm.Create(partRecord.HashAlgorithm)) {
                hashBytes = hashAlgorithm.ComputeHash(combinedBytes);
            }
            
            return partRecord.Password == Convert.ToBase64String(hashBytes);
        }
Esempio n. 3
0
 private void SetPasswordEncrypted(UserPartRecord partRecord, string password) {
     partRecord.Password = Convert.ToBase64String(_encryptionService.Encode(Encoding.UTF8.GetBytes(password))); 
     partRecord.PasswordSalt = null; 
 }
Esempio n. 4
0
        private static void SetPasswordHashed(UserPartRecord partRecord, string password) {

            var saltBytes = new byte[0x10];
            using (var random = new RNGCryptoServiceProvider()) {
                random.GetBytes(saltBytes);
            }

            var passwordBytes = Encoding.Unicode.GetBytes(password);

            var combinedBytes = saltBytes.Concat(passwordBytes).ToArray();

            byte[] hashBytes;
            using (var hashAlgorithm = HashAlgorithm.Create(partRecord.HashAlgorithm)) {
                hashBytes = hashAlgorithm.ComputeHash(combinedBytes);
            }

            partRecord.PasswordFormat = MembershipPasswordFormat.Hashed;
            partRecord.Password = Convert.ToBase64String(hashBytes);
            partRecord.PasswordSalt = Convert.ToBase64String(saltBytes);
        }
Esempio n. 5
0
 private static bool ValidatePasswordClear(UserPartRecord partRecord, string password) {
     return partRecord.Password == password;
 }
Esempio n. 6
0
 private static void SetPasswordClear(UserPartRecord partRecord, string password) {
     partRecord.PasswordFormat = MembershipPasswordFormat.Clear;
     partRecord.Password = password;
     partRecord.PasswordSalt = null;
 }
Esempio n. 7
0
 private bool ValidatePassword(UserPartRecord partRecord, string password) {
     // Note - the password format stored with the record is used
     // otherwise changing the password format on the site would invalidate
     // all logins
     switch (partRecord.PasswordFormat) {
         case MembershipPasswordFormat.Clear:
             return ValidatePasswordClear(partRecord, password);
         case MembershipPasswordFormat.Hashed:
             return ValidatePasswordHashed(partRecord, password);
         case MembershipPasswordFormat.Encrypted:
             return ValidatePasswordEncrypted(partRecord, password);
         default:
             throw new ApplicationException("Unexpected password format value");
     }
 }
Esempio n. 8
0
 void SetPassword(UserPartRecord partRecord, string password) {
     switch (GetSettings().PasswordFormat) {
         case MembershipPasswordFormat.Clear:
             SetPasswordClear(partRecord, password);
             break;
         case MembershipPasswordFormat.Hashed:
             SetPasswordHashed(partRecord, password);
             break;
         case MembershipPasswordFormat.Encrypted:
             SetPasswordEncrypted(partRecord, password);
             break;
         default:
             throw new ApplicationException(T("Unexpected password format value").ToString());
     }
 }