public void CanGetSalt()
{
var logon = new SecureLogon {
UserService = new SimpleHashLogonStorage()
};
var salt = logon.GetSalt("user");
Console.WriteLine(salt);
Assert.Less(100, salt.Length);
}
public void CanDealWithLogon()
{
var logon = new SecureLogon {
UserService = new SimpleHashLogonStorage()
};
var salt = logon.GetSalt("user");
var encryptor = new Encryptor();
var cert = typeof(HashSecureLogonTest).Assembly.ReadManifestResourceBytes("private.pfx");
var saltbytes = Convert.FromBase64String(salt);
var decrypted = encryptor.Decrypt(saltbytes, cert);
var decryptedstr = Encoding.UTF8.GetString(decrypted);
var hash = encryptor.SignData(decrypted, cert);
var hashstr = Convert.ToBase64String(hash);
var result = logon.Logon("user", new SecureLogonInfo {
Salt = decryptedstr, Sign = hashstr
});
Assert.True(result.IsAuthenticated);
}
