/// <summary>
/// Decode the password.
/// </summary>
/// <param name="password">The password to decode.</param>
/// <param name="passwordFormat">The password format type to decode with.</param>
/// <param name="originalPassword">The original password (used when format is Hashed).</param>
/// <param name="hashcodeType">The the hash code type (used when format is Hashed).</param>
/// <returns>The decoded password (if format is Hashed and the hash has been verified to be
/// the same then the original password is returned; else the password is returned).</returns>
public string Decode(string password, Cryptography.PasswordFormat passwordFormat, string originalPassword = "",
Nequeo.Cryptography.HashcodeType hashcodeType = Cryptography.HashcodeType.SHA512)
{
// If authorised.
if (IsAuthorised())
{
// Select the format.
switch (passwordFormat)
{
case Cryptography.PasswordFormat.Encrypted:
// Convert the HEX string to bytes.
byte[] bytes = Nequeo.Conversion.Context.HexStringToByteArray(password);
// Decrypt the data
byte[] decryptedData = new Nequeo.Cryptography.AdvancedAES().DecryptFromMemory(bytes, KeyContainer._passwordKey);
return(Encoding.Default.GetString(decryptedData).Replace("\0", ""));
case Cryptography.PasswordFormat.Hashed:
// Get the salt.
string saltBase = password.Substring(0, KeyContainer._saltLength * 2);
byte[] saltBaseBytes = Nequeo.Conversion.Context.HexStringToByteArray(saltBase);
string salt = Encoding.Default.GetString(saltBaseBytes);
// Return the salt for the hash.
string hash = Nequeo.Cryptography.Hashcode.GetHashcode(originalPassword + _authorisationKey + salt, hashcodeType);
// Get the hex salt.
byte[] saltBase64 = Encoding.Default.GetBytes(salt);
string hashed = Nequeo.Conversion.Context.ByteArrayToHexString(saltBase64) + hash;
// If the hash is the password.
if (hashed.Equals(password))
{
return(originalPassword);
}
else
{
return(password);
}
case Cryptography.PasswordFormat.Clear:
default:
return(password);
}
}
else
{
if (passwordFormat == Cryptography.PasswordFormat.Clear)
{
return(password);
}
else
{
throw new Exception("Authorisation Failed.");
}
}
}
/// <summary>
/// Encode the password.
/// </summary>
/// <param name="password">The password to encode.</param>
/// <param name="passwordFormat">The password format type to encode with.</param>
/// <param name="hashcodeType">The hash code type (used when format is Hashed).</param>
/// <returns>The encode password (includes at the start of the password the encoded salt).</returns>
public string Encode(string password, Cryptography.PasswordFormat passwordFormat,
Nequeo.Cryptography.HashcodeType hashcodeType = Cryptography.HashcodeType.SHA512)
{
// If authorised.
if (IsAuthorised())
{
// Select the format.
switch (passwordFormat)
{
case Cryptography.PasswordFormat.Encrypted:
// Encrypt the data.
byte[] data = Encoding.Default.GetBytes(password);
byte[] encryptedData = new Nequeo.Cryptography.AdvancedAES().EncryptToMemory(data, KeyContainer._passwordKey);
return(Nequeo.Conversion.Context.ByteArrayToHexString(encryptedData));
case Cryptography.PasswordFormat.Hashed:
// Encode the password to a hash.
string salt = Nequeo.Cryptography.Hashcode.GenerateSalt(KeyContainer._saltLength, KeyContainer._saltLength);
byte[] saltBase = Encoding.Default.GetBytes(salt);
// Password - based Key Derivation Functions.
Rfc2898DeriveBytes rfcDerive = new Rfc2898DeriveBytes(password, saltBase, KeyContainer._numberOfIterations);
string derivedPassword = Encoding.Default.GetString(rfcDerive.GetBytes(KeyContainer._saltLength * 2));
// Get the hex salt.
string hash = Nequeo.Cryptography.Hashcode.GetHashcode(derivedPassword + _authorisationKey + salt, hashcodeType);
_encodedSalt = Nequeo.Conversion.Context.ByteArrayToHexString(saltBase);
return(_encodedSalt + hash);
case Cryptography.PasswordFormat.Clear:
default:
return(password);
}
}
else
{
if (passwordFormat == Cryptography.PasswordFormat.Clear)
{
return(password);
}
else
{
throw new Exception("Authorisation Failed.");
}
}
}
