Esempio n. 1
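        /// <summary>
        /// Decrypts a hex-encoded ChaCha20-Poly1305 ciphertext and returns the recovered
        /// plaintext re-encoded as a hex string.
        /// </summary>
        /// <param name="encryptedData">Hex string holding the ciphertext and its authentication tag.</param>
        /// <param name="salt">
        /// Bytes used verbatim as the AEAD nonce (the counter field size is 0). Despite the name this
        /// is a nonce, not a salt: ChaCha20-Poly1305 expects 12 bytes, and a value must never be
        /// reused with the same key on the encrypting side.
        /// </param>
        /// <param name="keyBytesArray">Raw symmetric key in NSec's NSecSymmetricKey blob format.</param>
        /// <returns>The decrypted plaintext as a hex string.</returns>
        /// <exception cref="ArgumentNullException">Thrown when any argument is null.</exception>
        /// <exception cref="Exception">Thrown when the AEAD decryption reports failure.</exception>
        public static string DecryptSensitiveData(string encryptedData, byte[] salt, byte[] keyBytesArray)
        {
            if (encryptedData == null)
            {
                throw new ArgumentNullException(nameof(encryptedData));
            }

            if (salt == null)
            {
                throw new ArgumentNullException(nameof(salt));
            }

            if (keyBytesArray == null)
            {
                throw new ArgumentNullException(nameof(keyBytesArray));
            }

            var ciphertext = HexToBytesConverter.HexStringToBytesArray(encryptedData);

            // Key wraps secret key material and is IDisposable; the original never disposed it,
            // so the imported key stayed alive until finalization. Scope it to this call.
            using (var key = Key.Import(AeadAlgorithm.ChaCha20Poly1305, keyBytesArray, KeyBlobFormat.NSecSymmetricKey))
            {
                var nonce = new Nonce(salt, 0);

                // No associated data is bound to the ciphertext (null), so nothing ties this value
                // to a particular record; only the key and nonce are authenticated inputs.
                if (!AeadAlgorithm.ChaCha20Poly1305.Decrypt(key, nonce, null, ciphertext, out var plaintext))
                {
                    // Keep the message generic: it must not reveal why decryption failed.
                    throw new Exception("Decryption failed");
                }

                // The result is a managed string and cannot be wiped from memory afterwards;
                // callers should keep its lifetime as short as they can.
                return HexToBytesConverter.BytesArrayToHexString(plaintext);
            }
        }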
        /// <summary>
        /// Looks up the user with the given e-mail address and returns the stored card value,
        /// decrypted and decoded to a string.
        /// </summary>
        /// <param name="email">E-mail address passed to the user repository as the lookup key.</param>
        /// <returns>The decrypted value decoded with <see cref="Encoding.Default"/>.</returns>
        /// <exception cref="Exception">
        /// Thrown with "Decryption failed" when no user is found; the decrypt helper may throw as well.
        /// </exception>
        public async Task <string> Get(string email)
        {
            var account = await _userRepository.Get(email);

            if (account == null)
            {
                // "No such user" is reported with the same message as a decryption failure.
                throw new Exception("Decryption failed");
            }

            // Naming caveat: CreditCardHash is handed to a decrypt routine, so it holds reversible
            // ciphertext rather than a hash, and CreditCardSalt is passed as that routine's `salt`
            // argument. The value is protected only by the key returned from _keyVault.
            var nonceBytes   = HexToBytesConverter.HexStringToBytesArray(account.CreditCardSalt);
            var keyBytes     = _keyVault.Get();
            var plaintextHex = PasswordEncryptor.DecryptSensitiveData(account.CreditCardHash, nonceBytes, keyBytes);

            var plaintextBytes = HexToBytesConverter.HexStringToBytesArray(plaintextHex);

            // NOTE(review): Encoding.Default depends on the runtime and platform; confirm the
            // encrypting side uses the same encoding before changing it to an explicit one.
            // The full card value is returned in the clear, so callers must not log or cache it.
            return Encoding.Default.GetString(plaintextBytes);
        }
Esempio n. 3
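        /// <summary>
        /// Verifies the supplied credentials against the stored password hash and, on success,
        /// sets a token on the model and returns it.
        /// </summary>
        /// <param name="userModel">Model carrying the username and the candidate password.</param>
        /// <returns>The same <paramref name="userModel"/> instance with <c>Token</c> set.</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="userModel"/> is null.</exception>
        /// <exception cref="Exception">
        /// Thrown with "Login failed" for an unknown user and for a wrong password alike, so the
        /// message does not disclose which usernames exist.
        /// </exception>
        public async Task <UserModel> Login(UserModel userModel)
        {
            if (userModel == null)
            {
                throw new ArgumentNullException(nameof(userModel));
            }

            var userEntity = await _userRepository.Get(userModel.Username);

            // NOTE(review): no hash is computed when the user is unknown, so response time may
            // still differ between existing and missing accounts even though the message does not.
            if (userEntity != null)
            {
                var salt           = HexToBytesConverter.HexStringToBytesArray(userEntity.PasswordSalt);
                var hashedPassword = PasswordEncryptor.HashPassword(userModel.Password, salt);

                // The original used `==`, which stops at the first differing character and treats
                // two nulls as equal. Compare in fixed time and reject missing hashes instead.
                if (HashesMatchFixedTime(hashedPassword, userEntity.PasswordHash))
                {
                    // NOTE(review): "Fake-Token" is a constant placeholder shared by every login;
                    // it must be replaced by an unpredictable per-session token before this
                    // result is used for authorization. The returned model also still carries
                    // the submitted Password.
                    userModel.Token = "Fake-Token";

                    return userModel;
                }
            }

            throw new Exception("Login failed");
        }

        /// <summary>
        /// Compares two encoded hashes without exiting early on the first mismatching character.
        /// Assumes both values are strings, as the original `==` comparison suggests.
        /// </summary>
        private static bool HashesMatchFixedTime(string computed, string stored)
        {
            // A missing hash never matches; the length of a hash is not secret, so it may short-circuit.
            if (computed == null || stored == null || computed.Length != stored.Length)
            {
                return false;
            }

            var difference = 0;
            for (var i = 0; i < computed.Length; i++)
            {
                difference |= computed[i] ^ stored[i];
            }

            return difference == 0;
        }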