Exemplo n.º 1
0
        private void BtnUpdate_Click(object sender, EventArgs e)
        {
            var rsa = new cryptography.SystemSupportRSA();

            //Validamos que la contraseña actual coincida(OK)

            //validamos que escriba las dos contraseñas
            if (!txtpass1.Text.Equals("") && !txtpass2.Text.Equals(""))
            {
                //Validamos que coincidan las dos contraseñas
                if (txtpass1.Text.Equals(txtpass2.Text))
                {
                    MessageBox.Show("Coinciden");
                    User user = new User()
                    {
                        User_definition = txtusername.Text,
                        User_email      = txtemail.Text,
                        User_password   = rsa.GetMd5Hash(txtpass1.Text),
                        User_code       = UserCache.UserCode
                    };
                    userLog.UserUpdate(user);
                    FrmUserEdit_Load(sender, e);
                }
                else
                {
                    MessageBox.Show("No coinciden las contraseñas");
                }
            }
            else
            {
                MessageBox.Show("Escriba ambas contraseñas");
            }
        }
Exemplo n.º 2
0
        public string UserRecoveryAccount(byte[] ciphertoken, byte[] cipheraccuont,
                                          byte[] Key, byte[] IV)
        {
            var    rsa = new cryptography.SystemSupportRSA();
            string userName;
            string userMail;
            string user;
            string alias;
            string pass;
            string current_token;

            //string request = "";

            Database.Connect();
            command = new OdbcCommand
            {
                Connection  = Database.GetConn(),
                CommandType = CommandType.StoredProcedure,
                CommandText = "{call csg.User_RecoveryAccount(?)}"
            };
            command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheraccuont, Key, IV);


            dataReader = command.ExecuteReader();
            //Console.WriteLine("Read(): " + dataReader.Read() + " | HasRows: " + dataReader.HasRows);
            if (dataReader.Read())
            {
                //Validamos que el token vigente coincida
                if (rsa.DecryptStringFromBytes_Aes(ciphertoken, Key, IV).Equals(dataReader.GetString(3)))
                {
                    userName = dataReader.GetString(0);
                    user     = dataReader.GetString(1);
                    userMail = dataReader.GetString(2);
                    string code = dataReader.GetString(4);
                    Database.Disconnect();
                    //Creamos el nuevo token
                    string new_token = rsa.GetMd5Hash(user + DateTime.Now.Ticks.ToString());
                    //Actualizamos el token y pasamos el usetoken a SI
                    UpdateUserToken(new_token, code);
                    var mailservice = new mailservices.SystemSupportMail();
                    mailservice.SendRecoveryMail(username: userName, user: user, token: new_token,
                                                 subject: "Recuperación de cuenta Control de Servicios y Garantías", to: userMail);

                    return("s,Por favor revisa tu cuenta de correo " + userMail);
                }
                else
                {
                    Database.Disconnect();
                    return("f,No coincide el token");
                }
            }
            else
            {
                Database.Disconnect();
                return("f,Lo sentimos, no existe una cuenta con ese nombre de usuario o" +
                       " correo electrónico");
            }
        }
Exemplo n.º 3
0
        private void BtnOk_Click(object sender, EventArgs e)
        {
            DialogResult = DialogResult.OK;

            var rsa = new cryptography.SystemSupportRSA();

            Console.WriteLine(rsa.GetMd5Hash(txtPassValidate.Text) + "=" + UserCache.UserPass);
            if (rsa.GetMd5Hash(txtPassValidate.Text).Equals(UserCache.UserPass))
            {
                //Permitimos editar contraseña
                msg.txtpassActivator();
            }
        }
Exemplo n.º 4
0
 private void BtnChangePassword_Click(object sender, EventArgs e)
 {
     if (!txtpass.Text.Equals("CONTRASEÑA"))
     {
         if (!txtpassconf.Text.Equals("CONFIRME LA CONTRASEÑA"))
         {
             //Comparamos que coincidan
             Console.WriteLine("CHANGEPASSWORD/Contraseña: '" + txtpass.Text + "' | Length: " + txtpass.TextLength);
             Console.WriteLine("CHANGEPASSWORD/CContraseña: '" + txtpassconf.Text + "' | Length: " + txtpassconf.TextLength);
             if (IsEqualsPass())
             {
                 // Create a new instance of the AesManaged
                 // class.  This generates a new key and initialization
                 // vector (IV).
                 using (AesManaged myAes = new AesManaged())
                 {
                     var rsa = new cryptography.SystemSupportRSA();
                     // Encrypt the string to an array of bytes.
                     byte[] cipherpass = rsa.EncryptStringToBytes_Aes(txtpass.Text, myAes.Key, myAes.IV);
                     byte[] ciphercode = rsa.EncryptStringToBytes_Aes(UserCache.UserCode, myAes.Key, myAes.IV);
                     userLog.UserUpdatePass(cipherpass, ciphercode, myAes.Key, myAes.IV);
                     UserCache.UserPass = rsa.GetMd5Hash(txtpass.Text);
                     Console.WriteLine("CHANGEPASSWORD/Actualizar a " + txtpass + "=" + UserCache.UserPass);
                     this.Close();
                 }
             }
             else
             {
                 MsgError("No coinciden las contraseñas");
             }
         }
         else
         {
             MsgError("Ingrese la confirmación de la nueva contraseña");
         }
     }
     else
     {
         MsgError("Ingrese la nueva contraseña");
     }
 }
Exemplo n.º 5
0
 private void BtnRecoveryAccount_Click(object sender, EventArgs e)
 {
     if (!txtAccount.Text.Equals("USUARIO O CORREO ELECTRÓNICO"))
     {
         if (!txtToken.Text.Equals("TOKEN"))
         {
             byte[] cipheraccount;
             byte[] ciphertoken;
             using (AesManaged myAes = new AesManaged())
             {
                 var rsa = new cryptography.SystemSupportRSA();
                 // Encrypt the string to an array of bytes.
                 cipheraccount = rsa.EncryptStringToBytes_Aes(txtAccount.Text, myAes.Key, myAes.IV);
                 ciphertoken   = rsa.EncryptStringToBytes_Aes(txtToken.Text, myAes.Key, myAes.IV);
                 var      request = userLog.UserRecoveryAccount(ciphertoken, cipheraccount, myAes.Key, myAes.IV);
                 string[] result  = request.Split(',');
                 if (result[0].Equals("s"))
                 {
                     MsgOk(result[1]);
                 }
                 else
                 {
                     MsgError(result[1]);
                 }
             }
         }
         else
         {
             MsgError("Ingrese el token de seguridad");
         }
     }
     else
     {
         MsgError("Ingrese usuario o cuenta de correo electrónico");
     }
 }
Exemplo n.º 6
0
        public void UserUpdatePass(byte[] cipherpass, byte[] ciphercode, byte[] Key, byte[] IV)
        {
            var rsa = new cryptography.SystemSupportRSA();

            try
            {
                Database.Connect();
                command = new OdbcCommand()
                {
                    Connection  = Database.GetConn(),
                    CommandType = CommandType.StoredProcedure,
                    CommandText = "{call csg.User_UpdatePass(?,?)}"
                };
                command.Parameters.Add("Pass", OdbcType.VarChar, 200).Value = rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV));
                command.Parameters.Add("Code", OdbcType.VarChar, 20).Value  = rsa.DecryptStringFromBytes_Aes(ciphercode, Key, IV);
                if (command.ExecuteNonQuery() > 0)
                {
                    //return true;
                    UserCache.UserPass = rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV));
                    //Console.WriteLine("Actualizó password a " + UserCache.UserPass);
                }
                else
                {
                    //return false;
                    //Console.WriteLine("NO actualizó password");
                }
            }
            catch (Exception)
            {
                throw;
            }
            finally
            {
                Database.Disconnect();
            }
        }
Exemplo n.º 7
0
        public bool UserLogin(byte[] cipheruser, byte[] cipherpass,
                              byte[] Key, byte[] IV)
        {
            var rsa = new cryptography.SystemSupportRSA();

            try
            {
                Database.Connect();
                command = new OdbcCommand
                {
                    Connection  = Database.GetConn(),
                    CommandType = CommandType.StoredProcedure,
                    CommandText = "{call csg.User_Login(?)}"
                };
                command.Parameters.Add("Account", OdbcType.VarChar, 50).Value = rsa.DecryptStringFromBytes_Aes(cipheruser, Key, IV);
                dataReader = command.ExecuteReader();
                if (dataReader.Read())
                {
                    UserCache.UserUseToken = dataReader.GetChar(11);
                    //Console.WriteLine("Usa token: " + UserCache.UserUseToken);
                    if (rsa.GetMd5Hash(rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV)).Equals(dataReader.GetString(4)) &&
                        UserCache.UserUseToken.Equals('N'))
                    {
                        //Console.WriteLine("Entra con password");
                        //Almacenar la variables de sesión
                        UserCache.UserCode          = dataReader.GetString(0);
                        UserCache.UserDefinition    = dataReader.GetString(1);
                        UserCache.UserAccount       = dataReader.GetString(2);
                        UserCache.UserEmail         = dataReader.GetString(3);
                        UserCache.UserPass          = dataReader.GetString(4);
                        UserCache.UserRol           = dataReader.GetString(6);
                        UserCache.UserRolDefinition = dataReader.GetString(13);
                        return(true);
                    }
                    //SI utiliza token esta en 'S'
                    else if (rsa.DecryptStringFromBytes_Aes(cipherpass, Key, IV).Equals(dataReader.GetString(5)) &&
                             UserCache.UserUseToken.Equals('S'))
                    {
                        //Console.WriteLine("Entra con token");
                        //Almacenar la variables de sesión
                        UserCache.UserCode          = dataReader.GetString(0);
                        UserCache.UserDefinition    = dataReader.GetString(1);
                        UserCache.UserAccount       = dataReader.GetString(2);
                        UserCache.UserEmail         = dataReader.GetString(3);
                        UserCache.UserPass          = dataReader.GetString(4);
                        UserCache.UserRol           = dataReader.GetString(6);
                        UserCache.UserRolDefinition = dataReader.GetString(13);
                        return(true);
                    }
                }
            }
            catch (Exception ex)
            {
                MessageBox.Show("Excepción controlada en UserDAO->UserLogin: "******"Excepción", MessageBoxButtons.OK, MessageBoxIcon.Error);
            }
            finally
            {
                Database.Disconnect();
            }
            return(false);
        }