private void AuthenticateUser(string login, string passwrd)
{
string dirpath = @"..\..\UsersFiles\";
dirpath += login;
string salttxt = "";
try
{
string saltpath = dirpath + "\\\\salt.txt";
using (StreamReader sr = File.OpenText(saltpath))
{
salttxt = sr.ReadLine();
}
byte[] saltBytes = Convert.FromBase64String(salttxt);
string passpath = dirpath + "\\\\paswd.txt";
string userpass;
using (StreamReader sr = File.OpenText(passpath))
{
userpass = sr.ReadLine();
}
string givenpass = SHA2salted.GenerateSHA512String(passwrd, saltBytes);
if (givenpass.Equals(userpass))
{
CurrentUser = login;
DialogResult = true;
}
else
{
MessageBox.Show("Invalid username or password", "Error", MessageBoxButton.OK, MessageBoxImage.Error);
}
}
catch (Exception)
{
throw;
}
}
private void CreateUser(string login, string password) ///////Creates a user by adding his name to userlist.txt and creating his user folder with hashed pass and salt
{ //////////also create RSA keys
string path = @"..\..\UsersFiles\UserList.txt";
string dirpath = @"..\..\UsersFiles\";
dirpath += login;
try
{
using (StreamWriter sw = File.AppendText(path)) ///////adding to userlist
{
sw.WriteLine(login);
}
byte[] salt1 = new byte[8];
using (RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider())
{
// Fill the array with a random value.
rngCsp.GetBytes(salt1);
}
System.IO.Directory.CreateDirectory(dirpath);
string passpath = dirpath + "\\\\paswd.txt";
using (StreamWriter sw = File.CreateText(passpath)) { //create the file for password
sw.WriteLine(SHA2salted.GenerateSHA512String(password, salt1));
}
string saltpath = dirpath + "\\\\salt.txt";
using (StreamWriter sw = File.CreateText(saltpath)) //create the file for salt
{
sw.WriteLine(SHA2salted.GetStringFromHash(salt1));
}
string who = "Hi " + login;
MessageBox.Show("User Created", who, MessageBoxButton.OK, MessageBoxImage.None);
//lets take a new CSP with a new 2048 bit rsa key pair
var csp = new RSACryptoServiceProvider(2048);
//how to get the private key
var privKey = csp.ExportParameters(true);
string privKeyString;
//we need some buffer
var sw1 = new System.IO.StringWriter();
//we need a serializer
var xs1 = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
//serialize the key into the stream
xs1.Serialize(sw1, privKey);
//get the string from the stream
privKeyString = sw1.ToString();
var sw2 = new System.IO.StringWriter();
//we need a serializer
var xs2 = new System.Xml.Serialization.XmlSerializer(typeof(RSAParameters));
//and the public key ...
var pubKey = csp.ExportParameters(false);
string pubKeyString;
//serialize the key into the stream
xs2.Serialize(sw2, pubKey);
//get the string from the stream
pubKeyString = sw2.ToString();
string dirpathPub = dirpath + @"\PUGB";
System.IO.Directory.CreateDirectory(dirpathPub);
dirpathPub += @"\PUGB.txt";
File.WriteAllText(dirpathPub, pubKeyString);
//using (StreamWriter sw = File.CreateText(dirpathPub))
//{ //create the file for publicKey
// sw.WriteLine(pubKeyString);
//}
string dirpathPriv = dirpath + @"\PRIV";
System.IO.Directory.CreateDirectory(dirpathPriv);
dirpathPriv += @"\PRIV.txt";
RSAHandle.EncryptPrivate(privKeyString, SHA2salted.GenerateSHA512String(password, salt1), dirpathPriv);
string resultPrivRSA = RSAHandle.DecryptPrivate(SHA2salted.GenerateSHA512String(password, salt1), dirpathPriv);
var key = RSAHandle.StringToKey(resultPrivRSA);
//we want to decrypt, therefore we need a csp and load our private key
var csp2 = new RSACryptoServiceProvider();
csp2.ImportParameters(key);
csp.PersistKeyInCsp = false;
this.Close();
}
catch (Exception)
{
throw;
}
}