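/// <summary>
/// Checks a candidate password against a stored digest by recomputing
/// HMAC-SHA512 over the UTF-8 bytes of the password, keyed with the stored salt.
/// </summary>
/// <param name="password">Candidate password; must not be null, empty or whitespace.</param>
/// <param name="storedHash">Previously stored digest; must be exactly 64 bytes.</param>
/// <param name="storedSalt">HMAC key stored alongside the digest; must be exactly 128 bytes.</param>
/// <returns><c>true</c> when the recomputed digest equals <paramref name="storedHash"/>; otherwise <c>false</c>.</returns>
/// <exception cref="ArgumentNullException">Any argument is null.</exception>
/// <exception cref="ArgumentException">The password is blank, or the hash or salt has an unexpected length.</exception>
/// <remarks>
/// A single HMAC-SHA512 pass is cheap to compute, which makes offline guessing against a
/// leaked user table cheap as well. A deliberately slow password KDF (for example PBKDF2 via
/// Rfc2898DeriveBytes) is the usual choice for stored passwords. The scheme is left unchanged
/// here because switching it would invalidate every digest already stored; plan a migration
/// that re-hashes on the next successful login.
/// </remarks>
private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
{
    if (password == null)
    {
        throw new ArgumentNullException(nameof(password));
    }

    if (string.IsNullOrWhiteSpace(password))
    {
        throw new ArgumentException("Value cannot be empty or whitespace only string.", nameof(password));
    }

    // Reject missing buffers explicitly instead of failing with a NullReferenceException below.
    if (storedHash == null)
    {
        throw new ArgumentNullException(nameof(storedHash));
    }

    if (storedSalt == null)
    {
        throw new ArgumentNullException(nameof(storedSalt));
    }

    if (storedHash.Length != 64)
    {
        throw new ArgumentException("Invalid length of password hash (64 bytes expected).");
    }

    if (storedSalt.Length != 128)
    {
        throw new ArgumentException("Invalid length of password salt (128 bytes expected).");
    }

    // The using declaration disposes the HMAC on every exit path, so no explicit Dispose() call is needed.
    using var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt);
    var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));

    // Compare in constant time: a byte-by-byte loop that returns on the first mismatch
    // lets response timing reveal how many leading bytes of the digest matched.
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(computedHash, storedHash);
}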
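/// <summary>
/// Ensures the database exists and, when the Users set is empty, seeds one
/// administrator account.
/// </summary>
/// <param name="context">Database context to create and seed.</param>
/// <exception cref="ArgumentNullException"><paramref name="context"/> is null.</exception>
/// <remarks>
/// SECURITY: the seeded account has Type = ADMIN and a fixed password that is visible in
/// source control. Run this seeding only against development databases, or supply the
/// initial credential from configuration and force a change on first login.
/// </remarks>
public static void Initialize(PleyContext context)
{
    if (context == null)
    {
        throw new ArgumentNullException(nameof(context));
    }

    context.Database.EnsureCreated();

    // Seed only once: leave the table alone as soon as any user exists.
    if (context.Users.Any())
    {
        return;
    }

    // One timestamp so CreatedOn and ModifiedOn are identical for the seeded row.
    var now = DateTime.Now;

    // The using block releases the HMAC even if building or adding the entity throws.
    using (var hmac = new System.Security.Cryptography.HMACSHA512())
    {
        context.Users.Add(new User
        {
            FirstName = "Olivier",
            LastName = "Example",
            Email = "*****@*****.**",
            CreatedOn = now,
            ModifiedOn = now,
            Type = UserType.ADMIN,
            // The parameterless constructor generates a random key; it is stored as the per-user salt.
            PasswordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes("password")),
            PasswordSalt = hmac.Key
        });
    }

    context.SaveChanges();
}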
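/// <summary>
/// Verifies that Authenticate returns a user for the matching password and
/// null for a non-matching one.
/// </summary>
public void TaskReturnAUserWhenPasswordCorrect()
{
    // Given: a single user whose digest and salt come from a freshly keyed HMAC-SHA512.
    var password = "******";
    var email = "*****@*****.**";

    User user;
    using (var hmac = new System.Security.Cryptography.HMACSHA512())
    {
        user = new User
        {
            FirstName = "Alice",
            LastName = "Apple",
            Email = email,
            PasswordSalt = hmac.Key,
            PasswordHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password))
        };
    }

    var data = new List<User> { user }.AsQueryable();

    var mockSet = new Mock<DbSet<User>>();
    var queryable = mockSet.As<IQueryable<User>>();
    queryable.Setup(m => m.Provider).Returns(data.Provider);
    queryable.Setup(m => m.Expression).Returns(data.Expression);
    queryable.Setup(m => m.ElementType).Returns(data.ElementType);
    // Hand out a fresh enumerator per call; a single shared instance is exhausted after the
    // first pass, and this test queries the set twice.
    queryable.Setup(m => m.GetEnumerator()).Returns(() => data.GetEnumerator());

    // The setup targets the fixture's mockContext field. The original also declared an unused
    // local of the same name, which is dropped here.
    // NOTE(review): svc is presumably built on this.mockContext elsewhere in the fixture; confirm.
    this.mockContext.Setup(m => m.Users).Returns(mockSet.Object);

    // When
    var resultForCorrectPassword = svc.Authenticate(email, password);
    var resultForWrongPassword = svc.Authenticate(email, "wrong password");

    // Then
    Assert.NotNull(resultForCorrectPassword);
    Assert.Null(resultForWrongPassword);
}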
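/// <summary>
/// Seeds the weapon, shield, potion, item-type and user tables, each only when
/// it is currently empty, then saves all pending changes in one call.
/// </summary>
/// <param name="context">Database context whose tables are seeded.</param>
/// <remarks>
/// SECURITY: the dummy user is created with a fixed password that is visible in source
/// control. Keep this seeding out of production deployments, or take the initial
/// credential from configuration instead.
/// </remarks>
public static void SeedData(DataContext context)
{
    if (!context.Weapon_Tbl.Any())
    {
        var weapons = new List<Weapon>
        {
            new Weapon { Name = "Longsword", Gold = 100, MinDamage = 3, MaxDamage = 5, MaxDurability = 5 },
            new Weapon { Name = "Dagger", Gold = 10, MinDamage = 1, MaxDamage = 3, MaxDurability = 5 }
        };
        context.Weapon_Tbl.AddRange(weapons);
    }

    if (!context.Shield_Tbl.Any())
    {
        var shields = new List<Shield>
        {
            new Shield { Name = "Buckler", Gold = 100, ArmorRating = 1, MaxDurability = 3 },
            new Shield { Name = "Tower Shield", Gold = 200, ArmorRating = 5, MaxDurability = 5 }
        };
        context.Shield_Tbl.AddRange(shields);
    }

    if (!context.Potion_Tbl.Any())
    {
        var potions = new List<Potion>
        {
            new Potion { Name = "Lesser Healing Potion", Gold = 10, Heal = 4 },
            new Potion { Name = "Healing Potion", Gold = 20, Heal = 8 },
            new Potion { Name = "Greater Healing Potion", Gold = 35, Heal = 15 }
        };
        context.Potion_Tbl.AddRange(potions);
    }

    if (!context.ItemType_Tbl.Any())
    {
        var itemTypes = new List<ItemType>
        {
            new ItemType { TypeName = "Weapon" },
            new ItemType { TypeName = "Shield" },
            new ItemType { TypeName = "Potion" }
        };
        context.ItemType_Tbl.AddRange(itemTypes);
    }

    if (!context.Users_Tbl.Any())
    {
        // Key and digest are only needed for the dummy user, so the HMAC is created here.
        // The using block releases it even if building the entities throws.
        byte[] hashKey;
        byte[] hashPass;
        using (var hmac = new System.Security.Cryptography.HMACSHA512())
        {
            hashKey = hmac.Key; // random key from the parameterless constructor, stored as the salt
            hashPass = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes("Password"));
        }

        // NOTE(review): the TypeReferenceId / SubTypeReferenceId values presumably rely on the
        // rows above receiving ids 1..n in insertion order; confirm against the schema.
        var dummyUsers = new List<User>
        {
            new User
            {
                Id = Guid.NewGuid(),
                Username = "******",
                PasswordHash = hashPass,
                PasswordSalt = hashKey,
                Player = new Player
                {
                    Max_HP = 1,
                    HP = 1,
                    XP = 1,
                    Gold = 1,
                    Level = 1,
                    Strength = 1,
                    Dexterity = 1,
                    Intelligence = 1,
                    Items = new List<ItemData>
                    {
                        new ItemData { TypeReferenceId = 1, SubTypeReferenceId = 1, Container = ItemData.ContainerType.Equipment },
                        new ItemData { TypeReferenceId = 1, SubTypeReferenceId = 2, Container = ItemData.ContainerType.Equipment },
                        new ItemData { TypeReferenceId = 1, SubTypeReferenceId = 2, Container = ItemData.ContainerType.Inventory },
                        new ItemData { TypeReferenceId = 2, SubTypeReferenceId = 1, Container = ItemData.ContainerType.Inventory },
                        new ItemData { TypeReferenceId = 2, SubTypeReferenceId = 2, Container = ItemData.ContainerType.Inventory },
                        new ItemData { TypeReferenceId = 3, SubTypeReferenceId = 1, Container = ItemData.ContainerType.Inventory },
                        new ItemData { TypeReferenceId = 3, SubTypeReferenceId = 2, Container = ItemData.ContainerType.Inventory },
                        new ItemData { TypeReferenceId = 3, SubTypeReferenceId = 3, Container = ItemData.ContainerType.Inventory }
                    }
                }
            }
        };
        context.Users_Tbl.AddRange(dummyUsers);
    }

    context.SaveChanges();
}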