public PasswordMatcher(PBKDF2Password password, SecureString matchPattern, bool leaveOpen)
{
_hash = password.Hash;
_salt = password.Salt;
_iterations = password.Iterations;
int length = matchPattern.Length;
char[] chars = new char[length];
IntPtr pointer = IntPtr.Zero;
try
{
pointer = Marshal.SecureStringToBSTR(matchPattern);
Marshal.Copy(pointer, chars, 0, length);
}
finally
{
if (pointer != IntPtr.Zero)
{
Marshal.ZeroFreeBSTR(pointer);
}
if (!leaveOpen)
{
matchPattern.Dispose();
}
}
Buffer.BlockCopy(chars, 0, _matchPattern, 0, chars.Length);
for (int i = 0; i < chars.Length; i++)
{
chars[i] = '0';
}
LeaveOpen = leaveOpen;
}
public PasswordMatcher(PBKDF2Password password, string matchPattern, bool leaveOpen)
{
_hash = password.Hash;
_salt = password.Salt;
_iterations = password.Iterations;
byte[] bytes = new byte[matchPattern.Length * sizeof(char)];
Buffer.BlockCopy(matchPattern.ToCharArray(), 0, bytes, 0, bytes.Length);
_matchPattern = bytes;
LeaveOpen = leaveOpen;
}
public PasswordMatcher(PBKDF2Password password, byte[] matchPattern, bool leaveOpen)
{
_hash = password.Hash;
_salt = password.Salt;
_iterations = password.Iterations;
_matchPattern = matchPattern;
LeaveOpen = leaveOpen;
}
internal bool CreateUser(User user)
{
//create Query voor de users
using (NpgsqlCommand cmd = new NpgsqlCommand())
{
PBKDF2Password password = new PBKDF2Password(user.Password);
//Maak een speciaal geEncrypt Password aan.
cmd.Connection = _connection;
_transaction = cmd.Connection.BeginTransaction();
cmd.CommandText = "INSERT INTO \"user\" (id, first_name, last_name, username, password_hash, password_salt, password_iterations, email_address, date_of_birth, role)"
+ "VALUES(((SELECT COUNT(id) FROM \"user\")+1), @first_name, @last_name, @username, @password_hash, @password_salt, @password_iterations, @email_address, @date_of_birth, @role)";
cmd.Parameters.AddWithValue("first_name", user.FirstName);
cmd.Parameters.AddWithValue("last_name", user.LastName);
cmd.Parameters.AddWithValue("username", user.Username);
cmd.Parameters.AddWithValue("password_hash", password.Hash);
cmd.Parameters.AddWithValue("password_salt", password.Salt);
cmd.Parameters.AddWithValue("password_iterations", password.Iterations);
cmd.Parameters.AddWithValue("email_address", user.Email);
cmd.Parameters.AddWithValue("date_of_birth", user.DateOfBirth);
cmd.Parameters.AddWithValue("role", (int)user.Role);
//Parameters
bool success = parseNonqueryResult(cmd.ExecuteNonQuery());
if (success)
{
_transaction.Commit();
_transaction.Dispose();
setAddress(user);
return success; //Commit als het sucessvol is
}
_transaction.Rollback();
_transaction.Dispose();
return success; //Rollback en dispose als het niet lukt
}
}
