/// <summary> /// Get the hash for the SHA-384 algorithim. /// </summary> /// <param name="data"> /// </param> /// <returns> /// </returns> public byte[] GetHash(byte[] data) { byte[] hash = null; using (System.Security.Cryptography.SHA384 crypto = System.Security.Cryptography.SHA384.Create()) { hash = crypto.ComputeHash(data); } return(hash); }
public override string ComputeHashFromFile(string filePath) { try { System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create(); FileStream fs = File.OpenRead(filePath); byte[] outputBytes = sha384.ComputeHash(fs); return(BitConverter.ToString(outputBytes).Replace("-", "").ToLower()); } catch (Exception e) { return("\nERROR: " + e.Message); } }
public override string ComputeHashFromText(string text) { try { System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create(); byte[] inputBytes = Encoding.UTF8.GetBytes(text); byte[] outputBytes = sha384.ComputeHash(inputBytes); return(BitConverter.ToString(outputBytes).Replace("-", "").ToLower()); } catch (Exception e) { return("\nERROR: " + e.Message); } }
public string Generate(string text) { using (System.Security.Cryptography.SHA384 sha384 = System.Security.Cryptography.SHA384.Create()) { byte[] hashBytes = sha384.ComputeHash(Encoding.ASCII.GetBytes(text)); StringBuilder sb = new StringBuilder(); for (int i = 0; i < hashBytes.Length; i++) { sb.Append(hashBytes[i].ToString("X2")); } return(sb.ToString()); } }
/// <summary> /// Register an account. Returns true if succeed, otherwise return false and write logs. /// </summary> /// <param name="username"></param> /// <param name="rawPassword"></param> /// <param name="hashType"></param> /// <returns></returns> public static bool RegisterUser(string username, string rawPassword, int hashType) { try { string hashSaltBase64 = null; string passwordHashBase64 = null; byte[] saltBytes; System.Security.Cryptography.HMAC hmac; switch (hashType) { case (int)Enums.HMAC.MD5: hashSaltBase64 = null; using (System.Security.Cryptography.MD5 hasher = System.Security.Cryptography.MD5.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.RIPEMD160: hashSaltBase64 = null; using (System.Security.Cryptography.RIPEMD160 hasher = System.Security.Cryptography.RIPEMD160.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.SHA1: hashSaltBase64 = null; using (System.Security.Cryptography.SHA1 hasher = System.Security.Cryptography.SHA1.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.SHA256: hashSaltBase64 = null; using (System.Security.Cryptography.SHA256 hasher = System.Security.Cryptography.SHA256.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.SHA384: hashSaltBase64 = null; using (System.Security.Cryptography.SHA384 hasher = System.Security.Cryptography.SHA384.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.SHA512: hashSaltBase64 = null; using (System.Security.Cryptography.SHA512 hasher = System.Security.Cryptography.SHA512.Create()) { passwordHashBase64 = Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); } break; case (int)Enums.HMAC.HMACMD5: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACMD5(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; case (int)Enums.HMAC.HMACRIPEMD160: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACRIPEMD160(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; case (int)Enums.HMAC.HMACSHA1: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACSHA1(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; case (int)Enums.HMAC.HMACSHA256: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACSHA256(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; case (int)Enums.HMAC.HMACSHA384: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACSHA384(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; case (int)Enums.HMAC.HMACSHA512: saltBytes = new byte[Settings.InitSetting.Instance.MaxNumberOfBytesInSalt]; new Random().NextBytes(saltBytes); hashSaltBase64 = Convert.ToBase64String(saltBytes); hmac = new System.Security.Cryptography.HMACSHA512(saltBytes); passwordHashBase64 = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(rawPassword))); break; default: throw new NotImplementedException("Unspecified hash type."); } var acc = new Account() { Uname = username, HashSaltBase64 = hashSaltBase64, HashTypeId = hashType, PasswordHashBase64 = passwordHashBase64, IsTwoFactor = false, TwoFactorSecretBase32 = null }; using (AuthorizeEntities ctx = new AuthorizeEntities()) { ctx.Accounts.Add(acc); ctx.SaveChanges(); } } catch (Exception ex) { Log4netLogger.Error(MethodBase.GetCurrentMethod().DeclaringType, "Cannot register user", ex); return(false); } return(true); }
public static bool Login(string username, string password) { bool isOk = false; byte[] saltBytes; System.Security.Cryptography.HMAC hmac; try { using (AuthorizeEntities ctx = new AuthorizeEntities()) { var acc = ctx.Accounts.Where(x => x.Uname == username).FirstOrDefault(); if (acc != null) { switch (acc.HashTypeId) { case (int)Enums.HMAC.MD5: using (System.Security.Cryptography.MD5 hasher = System.Security.Cryptography.MD5.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.RIPEMD160: using (System.Security.Cryptography.RIPEMD160 hasher = System.Security.Cryptography.RIPEMD160.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.SHA1: using (System.Security.Cryptography.SHA1 hasher = System.Security.Cryptography.SHA1.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.SHA256: using (System.Security.Cryptography.SHA256 hasher = System.Security.Cryptography.SHA256.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.SHA384: using (System.Security.Cryptography.SHA384 hasher = System.Security.Cryptography.SHA384.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.SHA512: using (System.Security.Cryptography.SHA512 hasher = System.Security.Cryptography.SHA512.Create()) { isOk = acc.PasswordHashBase64.Equals(Convert.ToBase64String(hasher.ComputeHash(Encoding.UTF8.GetBytes(password)))); } break; case (int)Enums.HMAC.HMACMD5: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACMD5(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; case (int)Enums.HMAC.HMACRIPEMD160: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACRIPEMD160(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; case (int)Enums.HMAC.HMACSHA1: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACSHA1(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; case (int)Enums.HMAC.HMACSHA256: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACSHA256(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; case (int)Enums.HMAC.HMACSHA384: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACSHA384(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; case (int)Enums.HMAC.HMACSHA512: saltBytes = Convert.FromBase64String(acc.HashSaltBase64); hmac = new System.Security.Cryptography.HMACSHA512(saltBytes); isOk = Convert.ToBase64String(hmac.ComputeHash(Encoding.UTF8.GetBytes(password))).Equals(acc.PasswordHashBase64); break; default: throw new NotImplementedException("Unspecified hash type."); } } } } catch (Exception ex) { Log4netLogger.Error(MethodBase.GetCurrentMethod().DeclaringType, "Cannot login", ex); isOk = false; } return(isOk); }