C# (CSharp) BodyMonitorApp HashSaltの例

コード例 #1

        public void UpdatePassword(object obj)
        {
            //gets password box values from command parameters on view
            var         pswBoxes       = obj as List <object>;
            PasswordBox pwdBox         = pswBoxes[0] as PasswordBox;
            PasswordBox pwdBoxRepeat   = pswBoxes[1] as PasswordBox;
            var         password       = pwdBox.Password;
            var         passwordRepeat = pwdBoxRepeat.Password;

            if (string.IsNullOrEmpty(password))
            {
                MessageBox.Show("Missing password!");
            }

            else if (password != passwordRepeat)
            {
                MessageBox.Show("Passwords don't match!");
            }

            else
            {
                //hashing data
                var hashSalt = HashSalt.GenerateSaltedHash(64, password);
                Queries.UpdatePassword(UserLogin, hashSalt);
            }
        }

コード例 #2

        public static void UpdatePassword(string userLogin, HashSalt hashSalt)
        {
            int userId = GetUserId(userLogin);

            try
            {
                // get connection string from Connections Helper Class
                SqlConnection conn = new SqlConnection(Connections.ConnectionString);

                string sql = "UPDATE dbo.Users " +
                             "SET UserPassword, Hash=@Hash, Salt=@Salt" +
                             " WHERE UserId=@UserId";

                conn.Open();

                SqlCommand cmd = new SqlCommand(sql, conn);
                cmd.Parameters.Add("@UserId", SqlDbType.Int).Value   = userId;
                cmd.Parameters.Add("@Hash", SqlDbType.VarChar).Value = hashSalt.Hash;
                cmd.Parameters.Add("@Salt", SqlDbType.VarChar).Value = hashSalt.Salt;

                int result = cmd.ExecuteNonQuery();

                if (result > 0)
                {
                    MessageBox.Show("Data Updated!");
                }
            }

            catch (SqlException ex)
            {
                string errorMessage = $"Error: {ex}";
                MessageBox.Show(errorMessage);
            }
        }

コード例 #3

ファイル: HashSalt.cs プロジェクト: matchodura/BodyMonitorApp

        public static HashSalt GenerateSaltedHash(int size, string password)
        {
            var saltBytes = new byte[size];
            var provider  = new RNGCryptoServiceProvider();

            provider.GetNonZeroBytes(saltBytes);
            var salt = Convert.ToBase64String(saltBytes);

            var rfc2898DeriveBytes = new Rfc2898DeriveBytes(password, saltBytes, 10000);
            var hashPassword       = Convert.ToBase64String(rfc2898DeriveBytes.GetBytes(256));

            HashSalt hashSalt = new HashSalt {
                Hash = hashPassword, Salt = salt
            };

            return(hashSalt);
        }

コード例 #4

        public LoginModel LoginUser(string password)
        {
            LoginModel login = new LoginModel
            {
                UserName     = UserLogin,
                UserPassword = password,
                IsValidated  = false
            };

            if (string.IsNullOrWhiteSpace(login.UserName))
            {
                MessageBox.Show("Missing Login!");
            }

            else if (string.IsNullOrEmpty(login.UserPassword))
            {
                MessageBox.Show("Missing Password!");
            }

            else
            {
                LoginModel user = Queries.GetUser(login.UserName);

                if (user.UserName != null)
                {
                    bool isValidated = HashSalt.VerifyPassword(password, user.Hash, user.Salt);

                    if (isValidated)
                    {
                        login.UserId        = user.UserId;
                        CurrentLogin.UserId = login.UserId;
                        login.IsValidated   = true;
                        MessageBox.Show("Login Sucessfull!");
                    }

                    else
                    {
                        login.IsValidated = false;
                        MessageBox.Show("Wrong Password!");
                    }
                }
            }

            return(login);
        }

コード例 #5

        /// <summary>
        /// creates user account bassed on credentials provided in create account view
        /// </summary>
        public bool CreateAccount(object obj)
        {
            //gets password box values from command parameters on view
            var         pswBoxes     = obj as List <object>;
            PasswordBox pwdBox       = pswBoxes[0] as PasswordBox;
            PasswordBox pwdBoxRepeat = pswBoxes[1] as PasswordBox;

            var password       = pwdBox.Password;
            var passwordRepeat = pwdBoxRepeat.Password;

            if (string.IsNullOrEmpty(password))
            {
                MessageBox.Show("Missing password!");
            }

            else if (password != passwordRepeat)
            {
                MessageBox.Show("Passwords don't match!");
            }

            else
            {
                //hashing data
                var hashSalt = HashSalt.GenerateSaltedHash(64, password);

                AccountModel account = new AccountModel
                {
                    UserLogin      = UserLogin.Trim(),
                    UserBirthday   = UserBirthday,
                    UserHeight     = UserHeight,
                    UserName       = UserName,
                    UserMail       = UserMail,
                    UserGender     = UserGender,
                    SecretQuestion = SelectedItem.Symbol,
                    SecretAnswer   = SecretAnswer,
                    HashSalt       = hashSalt
                };

                Queries.CreateUserAccount(account);
            }


            return(true);
        }