public async Task <AccountDto> CreateAccountAsync(AccountDto acct) { var salt = PasswordProtector.GenerateSalt(); var randPassword = PasswordProtector.GenerateSalt(10); var newAcct = _mapper.Map <Account>(acct); newAcct.PasswordSalt = salt; newAcct.PasswordHash = PasswordProtector.SaltString(salt, randPassword); newAcct.CreatedAt = DateTime.Now; newAcct.UpdatedAt = DateTime.Now; _accountUnitOfWork.Repository.Add(newAcct); await _accountUnitOfWork.SaveChangesAsync().ConfigureAwait(false); Task.Run(async() => { try { await _emailSender .SendEmailAsync(acct.Email, "GradeBook account created", $"Account password: {randPassword}") .ConfigureAwait(false); } catch (Exception) { _logger.LogError($"Failed to send email with password to user {acct.Email}"); } }); return(await GetAccountAsync(newAcct.Login).ConfigureAwait(false)); }
public async Task ResetPasswordAsync(string login) { var acctToUpdate = await _accountUnitOfWork.Repository.GetByLoginAsync(login).ConfigureAwait(false); if (acctToUpdate == null) { throw new ResourceNotFoundException($"Аккаунт {login} не знайдено"); } var salt = PasswordProtector.GenerateSalt(); var newPassword = PasswordProtector.GenerateSalt(10); acctToUpdate.PasswordSalt = salt; acctToUpdate.PasswordHash = PasswordProtector.SaltString(salt, newPassword); acctToUpdate.UpdatedAt = DateTime.Now; await _accountUnitOfWork.SaveChangesAsync().ConfigureAwait(false); Task.Run(async() => { try { await _emailSender .SendEmailAsync(acctToUpdate.Login, "GradeBook password reset", $"New password: {newPassword}") .ConfigureAwait(false); } catch (Exception) { _logger.LogError($"Failed to send email with password to user {login}"); } }); }
public async Task <IActionResult> Register(UserAccount userAccount) { if (userAccount != null && !string.IsNullOrEmpty(userAccount.Email) && !string.IsNullOrEmpty(userAccount.Password)) { var passwordDetails = PasswordProtector.GetHashAndSalt(userAccount.Password); userAccount.Password = passwordDetails.HashText; userAccount.PasswordSalt = passwordDetails.SaltText; userAccount.HashIteration = passwordDetails.HashIteration; userAccount.HashLength = passwordDetails.HashLength; userAccount.CreatedDate = DateTime.Now; userAccount.UpdateDate = DateTime.Now; userAccount.Version = 1; userAccount.UserName = userAccount.Email; this.inventoryDbContext.UserAccounts.Add(userAccount); await inventoryDbContext.SaveChangesAsync(); } else { return(BadRequest("Required data for user registeration not found")); } return(Ok()); }
private bool Encrypt() { if (IsAutoMode) { if (ComputerName.IsNullOrEmpty()) { var protector = new PasswordProtector(); EncryptedValue = protector.Protect(OriginalValue, PasswordProtectionScope.LocalMachine); return(true); } else { //var factory = new ImpersonatorFactory() //{ // IsEnabled = true, // Username = "******", // Password = "******", // Domain = "LILI" //}; //using (factory.Create()) { var powershell = new PowerShellExecutor(ComputerName); if (powershell.Execute()) { EncryptedValue = powershell.Result; return(true); } } } return(false); } return(true); }
public void TestUnProtect() { var password = "******"; var protector = new PasswordProtector(); var protectedPassword = protector.Protect(password, PasswordProtectionScope.LocalMachine); var finalPass = protector.UnProtect(protectedPassword); Assert.IsTrue(password == finalPass); }
public void EncryptThenDecryptStringTest() { // Act string encrypted = PasswordProtector.GetEncryptedString(secureSample); var decrypted = PasswordProtector.DecryptString(encrypted); Debug.WriteLine(encrypted); // Assert Assert.AreEqual(secureSample.Length, decrypted.Length); Assert.AreEqual(secureSample.ToInsecureString(), decrypted.ToInsecureString()); }
/// <summary> /// Default constructor of the DI connection mockup. /// </summary> public DiConnectionMockup(DiConnectionModel connection, string passwordPath) { if (!File.Exists(passwordPath)) { throw new ArgumentException("The password file does not exist."); } // Unprotect the SAP DI user password given its encrypted binary file path. var passProtector = new PasswordProtector(); var password = passProtector.Unprotect(passwordPath); MessageBox.Show($"Server: {connection.Server}, Company: {connection.Company}, User: {connection.Username}, Password: {password}"); }
public async Task <bool> VerifyPasswordAsync(string login, string password) { var account = await _accountUnitOfWork.Repository.GetByLoginAsync(login); if (account == null) { return(false); } var saltedPassword = PasswordProtector.SaltString(account.PasswordSalt, password); return(saltedPassword.Equals(account.PasswordHash)); }
public static ISimpleEncryption Create(EncryptionAlgorithm algorithm) { SecureString key = PasswordProtector.DecryptString(Properties.Settings.Default.Key); var tripleDesKeySize = (TripleDesKeySize)Properties.Settings.Default.TripleDesKeySize; return(algorithm switch { EncryptionAlgorithm.None => throw new NotImplementedException(), EncryptionAlgorithm.AES => new SimpleAes(key), EncryptionAlgorithm.DES => new SimpleDes(key), EncryptionAlgorithm.TripleDES => new SimpleTripleDes(key, tripleDesKeySize), _ => throw new InvalidOperationException($"{algorithm} is not a valid algorithm"), });
/// <summary> /// Main function of a simple application developed to protect/unprotect /// Alala passwords used for SAP DI connection. /// </summary> /// <param name="args">An array of arguments including application options and /// the input data depending on the specific option.</param> static void Main(string[] args) { // Check whether there is 2 arguments... if (args.Length != 2) { // If not, print error/help messages to the console and return. Console.WriteLine("Wrong syntax... Please use one of the following calls:"); Console.WriteLine("SecureDiogenesPasswords.exe -p <original password>"); Console.WriteLine("SecureDiogenesPasswords.exe -u <encrypted password>"); return; } var option = args[0]; var input = args[1]; switch (option) { case "-p": { // Protect an input (plaintext) password. var protector = new PasswordProtector(); protector.Protect(input); break; } case "-u": { // Unprotect a password stored in an encrypted binary file. // The input of "unprotect" is the path of the binary file. var protector = new PasswordProtector(); var originalPassword = protector.Unprotect(input); // Print to the console the original password value. Console.WriteLine($"The original password is: {originalPassword}"); break; } default: { // In case of wrong option, print error/help messages to the console and return. Console.WriteLine("Wrong option... Please use one of the following calls:"); Console.WriteLine("SecureDiogenesPasswords.exe -p <original password>"); Console.WriteLine("SecureDiogenesPasswords.exe -u <encrypted password>"); break; } } }
public async Task ChangePasswordAsync(int accountId, string newPassword) { var acctToUpdate = await _accountUnitOfWork.Repository.GetByIdAsync(accountId).ConfigureAwait(false); if (acctToUpdate == null) { throw new ResourceNotFoundException($"Аккаунт {accountId} не знайдено"); } var salt = PasswordProtector.GenerateSalt(); acctToUpdate.PasswordSalt = salt; acctToUpdate.PasswordHash = PasswordProtector.SaltString(salt, newPassword); acctToUpdate.UpdatedAt = DateTime.Now; await _accountUnitOfWork.SaveChangesAsync().ConfigureAwait(false); }
public void RandomProtectAndCompareTest() { const string passwordToProtect = "MyC0013ncrypti0nP@$$w0rd!"; using (var protector = new PasswordProtector()) { ProtectedPassword protectedPassword = protector.Protect(passwordToProtect); Assert.NotNull(protectedPassword); Assert.NotNull(protectedPassword.Password); Assert.True(protectedPassword.Password.Length <= 64); // The Size of SHA-256 Assert.True(protectedPassword.Password.Length >= 32); // The Size of MD5 Assert.NotNull(protectedPassword.Salt); Assert.True(protectedPassword.IterationCount > 0); Assert.True(protector.CompareProtectedPassword(passwordToProtect, protectedPassword)); } }
/// <summary> /// Constructor of the DI connection controller; /// initializes the company object based on a given /// DI connection model. /// </summary> /// <param name="connection">The given model represents the DI connection details.</param> public DiConnectionController(DiConnectionModel connection, string passwordPath) { if (!File.Exists(passwordPath)) { throw new ArgumentException("The password file does not exist."); } // Unprotect the SAP DI user password given its encrypted binary file path. var passProtector = new PasswordProtector(); var password = passProtector.Unprotect(passwordPath); Company = new Company { Server = connection.Server, DbServerType = BoDataServerTypes.dst_MSSQL2014, CompanyDB = connection.Company, UserName = connection.Username, Password = password, language = BoSuppLangs.ln_English }; }
public async Task <IActionResult> Login(SignInModel signInModel) { if (signInModel != null && !string.IsNullOrEmpty(signInModel.UserName) && !string.IsNullOrEmpty(signInModel.Password)) { var user = await inventoryDbContext.UserAccounts.FirstOrDefaultAsync(x => x.Email.Equals(signInModel.UserName)); if (user != null && !string.IsNullOrEmpty(user.Password) && !string.IsNullOrEmpty(user.PasswordSalt)) { bool passwordVerification = PasswordProtector.VerifyPassword (signInModel.Password, user.Password, user.PasswordSalt, user.HashLength , user.HashIteration); if (passwordVerification) { string jwtToken = JwtTokenGenerator.GetJwtToken(user, this.configuration); return(Ok(jwtToken)); } else { return(Unauthorized("User authentication failed. Please enter valid user account details for sign in.")); } } else { return(NotFound("User not found. Please enter valid user name")); } } else { return(BadRequest("Required data for user sign in not found")); } }
protected override void Up(MigrationBuilder migrationBuilder) { migrationBuilder.InsertData("AssestmentTypes", "Description", "Екзамен"); migrationBuilder.InsertData("AssestmentTypes", "Description", "Залік"); migrationBuilder.InsertData("AssestmentTypes", "Description", "Диференційний залік"); var adminTmpPassword = "******"; var salt = PasswordProtector.GenerateSalt(); var saltedPassword = PasswordProtector.SaltString(salt, adminTmpPassword); migrationBuilder.InsertData("Accounts", new [] { "FirstName", "LastName", "MiddleName", "CreatedAt", "UpdatedAt", "Role", "PasswordHash", "PasswordSalt", "IsActive", "Login" }, new object[] { "Admin", "Gradebook", "Api", DateTime.Now, DateTime.Now, Roles.Admin, saltedPassword, salt, true, "*****@*****.**" }); }
public void TestUnProtectInvalidFormat() { var protector = new PasswordProtector(); protector.UnProtect(Convert.ToBase64String(Encoding.UTF8.GetBytes(new String('a', 1000)))); }
public void TestUnProtectInvalidBase64() { var protector = new PasswordProtector(); protector.UnProtect(new String('a', 1000)); }
public void TestProtect() { var password = "******"; var protector = new PasswordProtector(); protector.Protect(password, PasswordProtectionScope.LocalMachine); }