public bool SaveUser(User user)
{
string HashedPassword = HashGen.GetHashString(user.Password);
user.Password = HashedPassword;
return(_userBAL.SaveUser(user) != null ?true:false);
}
public int Save(User user)
{
if (GetUserByEmail(user.Email) != null)
{
return(0);
}
string hashedPassword = HashGen.GenerateSHA256String(user.Password);
string sql = "INSERT INTO [User] " +
"(Name,Email,AccountBalance,AccountType,Status,Password) " +
"VALUES(@name, @email, @accountBalance, @accountType, @status,@password)";
Command = new SqlCommand(sql, Connection);
Command.Parameters.AddWithValue("@name", user.Name);
Command.Parameters.AddWithValue("@email", user.Email);
Command.Parameters.AddWithValue("@accountBalance", user.AccountBalance);
Command.Parameters.AddWithValue("@accountType", user.AccountType);
Command.Parameters.AddWithValue("@status", user.Status);
Command.Parameters.AddWithValue("@password", hashedPassword);
Connection.Open();
int rowEffected = Command.ExecuteNonQuery();
Connection.Close();
return(rowEffected);
}
public int UpdateUser(User user)
{
string sql = "UPDATE [User] SET " +
"Name = @name, Status = @status, Password = @password " +
" WHERE Id = @id AND Email = @email";
string hashedPassword = HashGen.GenerateSHA256String(user.Password);
Command = new SqlCommand(sql, Connection);
Command.Parameters.AddWithValue("@name", user.Name);
Command.Parameters.AddWithValue("@status", user.Status);
Command.Parameters.AddWithValue("@password", hashedPassword);
Command.Parameters.AddWithValue("@id", user.Id);
Command.Parameters.AddWithValue("@email", user.Email);
Connection.Open();
int rowEffected = Command.ExecuteNonQuery();
Connection.Close();
return(rowEffected);
}
public void GetHash()
{
// Arrange
var hasher = new HashGen(HashAlgorithmType.Sha512, Encoding.UTF8);
// Act
var hash = hasher.GetHash(
"Lorem ipsum dolor sit sed a periculis cuntis. Liber e non sempre virgo gloriousa et benedicta.");
// Assert
Assert.IsType <string>(hash);
Assert.NotNull(hash);
}
public string LoginUser(LoginUser user)
{
string HashedPassword = HashGen.GetHashString(user.Password);
user.Password = HashedPassword;
if (_userBAL.ValidateUser(user))
{
string Token = new SecurityBAL().GenerateToken();
SaveToken(Token);
return(Token);
}
return(string.Empty);
}
private bool CheckPassword(string emial, string password)
{
User userToCheck = GetUserByEmail(emial);
if (userToCheck != null)
{
if (HashGen.TestSHA256String(password, userToCheck.Password))
{
return(true);
}
}
return(false);
}
/// <summary>
///
/// </summary>
private bool CheckCodeUpdate()
{
var dolPatchPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "lib/dol.patch");
Console.WriteLine(Core.Installer.MEXDolPatcher.CheckPatchApplied(Core.MEX.ImageResource.GetDOL(), dolPatchPath));
if (!Core.Installer.MEXDolPatcher.CheckPatchApplied(Core.MEX.ImageResource.GetDOL(), dolPatchPath))
{
// update dol
if (MessageBox.Show("Update DOL file?\nRecommended", "DOL update detected", MessageBoxButtons.YesNoCancel, MessageBoxIcon.Question) == DialogResult.Yes)
{
Core.MEX.ImageResource.SetDOL(Core.Installer.MEXDolPatcher.ApplyPatch(Core.MEX.ImageResource.GetDOL(), dolPatchPath));
}
}
var codesPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, @"lib\codes.gct");
if (!File.Exists(codesPath))
{
return(false);
}
var mx_codes = File.ReadAllBytes(codesPath);
var fs_codes = Core.MEX.ImageResource.GetFile("codes.gct");
if (fs_codes != null)
{
var mxhash = HashGen.ComputeSHA256Hash(mx_codes);
var hash = HashGen.ComputeSHA256Hash(fs_codes);
if (!mxhash.Equals(hash))
{
// update codes.gct
if (MessageBox.Show("Update codes file?", "Codes update detected", MessageBoxButtons.YesNoCancel, MessageBoxIcon.Question) == DialogResult.Yes)
{
Core.MEX.ImageResource.AddFile("codes.gct", mx_codes);
return(true);
}
}
}
return(false);
}
public void HashGenInitialisation()
{
// Arrange
var hashGenInstanceMd5 = new HashGen(HashAlgorithmType.Md5, Encoding.UTF8);
var hashGenInstanceSha1 = new HashGen(HashAlgorithmType.Sha1, Encoding.UTF8);
var hashGenInstanceSha256 = new HashGen(HashAlgorithmType.Sha256, Encoding.UTF8);
var hashGenInstanceSha384 = new HashGen(HashAlgorithmType.Sha384, Encoding.UTF8);
var hashGenInstanceSha512 = new HashGen(HashAlgorithmType.Sha512, Encoding.UTF8);
// Assert
// Check hash algos
Assert.NotStrictEqual(MD5.Create(), hashGenInstanceMd5.Hasher);
Assert.IsType <SHA1Managed>(hashGenInstanceSha1.Hasher);
Assert.IsType <SHA256Managed>(hashGenInstanceSha256.Hasher);
Assert.IsType <SHA384Managed>(hashGenInstanceSha384.Hasher);
Assert.IsType <SHA512Managed>(hashGenInstanceSha512.Hasher);
// Check encoding
Assert.Equal(Encoding.UTF8, hashGenInstanceSha512.InputEncoding);
}
public String CheckPass(String login, String password)
{ // Zwraca hash hasła, jeśli prawidłowe lub null, jeśli nieprawidłowe
LoginRes[] SQLResults = GetLoginsFromSQL("SELECT Login, PasswordSalt, PasswordHash FROM Users WHERE Login = '******'", SQLConnector.GetSQLConnection());
// zakładamy, że może być tylko jedna osoba z danym loginem
if ((SQLResults != null) && (SQLResults.Length == 1))
{
String PasswordSalt = SQLResults[0].PasswordSalt;
String PasswordHash = SQLResults[0].PasswordHash;
if (HashGen.CreateSHAHash(password, PasswordSalt).Equals(PasswordHash))
{
return(PasswordHash);
}
else
{
return(null);
}
}
else
{
return(null); // W zasadzie wyłapujemy tu przypadek braku loginu w bazie.
}
}
/// <summary>
///
/// </summary>
public static bool UpdateCodes()
{
// https://github.com/akaneia/m-ex/raw/master/asm/codes.gct
var codesPath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, @"\lib\codes.gct");
if (!File.Exists(codesPath))
{
return(false);
}
var mxhash = HashGen.ComputeSHA256Hash(File.ReadAllBytes(codesPath));
using (var client = new WebClient())
client.DownloadFile(@"https://github.com/akaneia/m-ex/raw/master/asm/codes.gct", codesPath);
var newhash = HashGen.ComputeSHA256Hash(File.ReadAllBytes(codesPath));
if (!mxhash.Equals(newhash))
{
return(true);
}
return(false);
}
public string GenerateHash(string Input)
{
return(HashGen.GetHashString(Input));
}
public PasswordSaltAndHash(String PasswordRaw)
{
this.PasswordSalt = HashGen.CreateSalt(16);
this.PasswordHash = HashGen.CreateSHAHash(PasswordRaw, this.PasswordSalt);
}
