public async Task <Response> Login(string username, string password) { try { var account = await context.Account.Include(x => x.IdNavigation) .Where(x => x.Username.Equals(username) || x.Email.Equals(username)) .FirstOrDefaultAsync(); if (account != null) { var check = await Task.FromResult <bool>(CryptographyHelper.AreEqual(password, account.Password, account.Salt)); if (check) { return(new Response("Success", true, 1, account)); } } return(new Response("Username or Password was wrong!", false, 0, null)); } catch (Exception e) { return(Response.CatchError(e.Message)); } }
public static byte[] Decrypt(byte[] input) { if (_defaultKey == null || _defaultKey.Length == 0) { throw new Exception("Key can not be empty."); } if (input == null || input.Length == 0) { throw new ArgumentException("Input can not be empty."); } byte[] data = new byte[0]; try { using (var ms = new MemoryStream(input)) { using (var aesProvider = new AesCryptoServiceProvider()) { aesProvider.KeySize = 128; aesProvider.BlockSize = 128; aesProvider.Mode = CipherMode.CBC; aesProvider.Padding = PaddingMode.PKCS7; aesProvider.Key = _defaultKey; // read first 32 bytes for HMAC using (var hmac = new HMACSHA256(_defaultAuthKey)) { var hash = hmac.ComputeHash(ms.ToArray(), HmacSha256Length, ms.ToArray().Length - HmacSha256Length); byte[] receivedHash = new byte[HmacSha256Length]; ms.Read(receivedHash, 0, receivedHash.Length); if (!CryptographyHelper.AreEqual(hash, receivedHash)) { return(data); } } byte[] iv = new byte[IvLength]; ms.Read(iv, 0, IvLength); // read next 16 bytes for IV, followed by ciphertext aesProvider.IV = iv; using (var cs = new CryptoStream(ms, aesProvider.CreateDecryptor(), CryptoStreamMode.Read)) { byte[] temp = new byte[ms.Length - IvLength + 1]; data = new byte[cs.Read(temp, 0, temp.Length)]; Buffer.BlockCopy(temp, 0, data, 0, data.Length); } } } } catch { } return(data); }
public void AreEqual_IncorrectPassword_ReturnsTrue() { //Arrange CryptographyHelper cryptoHelper = new CryptographyHelper(); string salt = "/3Pfhl6cxR28WuOtn2IDrLi5F2eJwpLOfGTvG65wbUnbAHSBdPpIbV/CXu03KLfgQh8ruS30B+KUlhoLUOJhBQ=="; string password = "******"; string hash = "IBXJ6OEItl05rn1Fk2ex0frVEFO5udRPE/kZ5jPHGEw="; //Act var result = cryptoHelper.AreEqual(password, hash, salt); //Assert Assert.IsFalse(result); }
public static void HandleVerifyUnfinishedTransfers(Packets.ServerPackets.DoVerifyUnfinishedTransfers command, Client client) { var transferIDs = new List <int>(); var transferTypes = new List <bool>(); for (var i = 0; i < command.Files.Length; i++) { try { var path = command.Files[i]; bool isFile = false; if (!(isFile = File.Exists(path)) && !Directory.Exists(path)) { continue; } using (var fs = new FileStream(path, FileMode.Open)) { byte[] magicBuffer = new byte[sizeof(int)]; fs.Read(magicBuffer, 0, magicBuffer.Length); // If the file has magic it means it's a virtual directory AKA folder transferTypes.Add(BitConverter.ToInt32(magicBuffer, 0) != VirtualDirectory.Magic); } var localHash = new byte[FileSplit.MAX_BLOCK_SIZE]; var remoteHash = new byte[16]; Buffer.BlockCopy(command.SampleHashes, i * 16, remoteHash, 0, 16); using (var fs = new FileStream(path, FileMode.Open)) { fs.Seek(-FileSplit.MAX_BLOCK_SIZE, SeekOrigin.End); fs.Read(localHash, 0, localHash.Length); } using (var md5 = MD5.Create()) localHash = md5.ComputeHash(localHash); if (!CryptographyHelper.AreEqual(localHash, remoteHash)) { continue; } transferIDs.Add(command.TransferIDs[i]); } catch { } } new DoVerifyUnfinishedTransferResponse(transferIDs.ToArray(), transferTypes.ToArray()).Execute(client); }
public async Task <Response> CheckCurrentPassword(Account account, string password) { var check = await Task.FromResult <bool>(CryptographyHelper.AreEqual(password, account.Password, account.Salt)); if (check) { return(new Response("Success", true, 1, account.Password)); } else { return(new Response("This password was wrong!", false, 0, null)); } }