/// <summary>
/// validate the password
/// </summary>
/// <param name="password"></param>
/// <param name="dbHash"></param>
/// <returns>bool slow hash</returns>
public bool ValidatePassword(string password, string dbHash)
{
char[] delimiter = { ':' };
string[] split = dbHash.Split(delimiter);
byte[] salt = Convert.FromBase64String(split[0]);
byte[] hash = Convert.FromBase64String(split[1]);
string sha256 = split[2];
/* byte[] byteArray = Encoding.ASCII.GetBytes(password);
* MemoryStream stream = new MemoryStream(byteArray);
* List<byte> temp = SHA256Imp.Hash(stream);
*
* string newHash = ArrayToString(temp);*/
SHA256Imp s = new SHA256Imp();
//s.ValidatePassword(password, salt2);
byte[] hashToValidate = PBKDF2(password, salt, PBKDF2_ITT, hash.Length);
if (SlowEquals(hash, hashToValidate) == true && s.ValidatePassword(password, sha256) == true)
{
return(true);
}
else
{
return(false);
}
}
// main function
public List <byte> Hash(string password)
{
SHA256Imp sha256 = new SHA256Imp();
byte[] buf = new byte[8196];
uint bytes_read;
do
{
//bytes_read = (uint)stream.Read(buf, 0, buf.Length);
bytes_read = (uint)password.Length;
if (bytes_read == 0)
{
break;
}
else
{
byte[] ba = Encoding.Default.GetBytes(password);
for (int i = 0; i < ba.Length; i++)
{
buf[i] = ba[i];
}
/* buf[0] = 12;
* buf[1] = 0x5;*/
}
sha256.ProcessBytes(buf, 0, bytes_read);
}while (bytes_read == 8196);
return(sha256.GetHash());
}
/// <summary>
/// get password as an input , building a random salt, using the password and the salt creates a hash .
/// </summary>
/// <param name="password"></param>
/// <returns>string converted</returns>
public string CreateHash(string password)
{
string newHash;
string newHash2;
RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider();
byte[] salt = new byte[SALT_SIZE]; // random salt
csprng.GetBytes(salt);
// byte[] byteArray = Encoding.ASCII.GetBytes(password);
// MemoryStream stream = new MemoryStream(byteArray);
// MemoryStream s1 = GenerateStreamFromString(password);
/* using (var stream = GenerateStreamFromString(password))
* {
*
* List<byte> temp = SHA256Imp.Hash(stream);
*
* newHash = ArrayToString(temp);
*
*
* Clear(stream);
* }*/
//s1.Close();
//s1.Dispose();
//byte[] salt = Convert.(newHash);
SHA256Imp hasher1 = new SHA256Imp();
List <byte> temp = hasher1.Hash(password);
newHash = ArrayToString(temp);
/* SHA256Imp hasher2 = new SHA256Imp();
* List<byte> temp2 = hasher2.Hash(password);
*
* newHash2 = ArrayToString(temp2);*/
byte[] hash = PBKDF2(password, salt, PBKDF2_ITT, HASH_SIZE);
return(Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash) + ":" + newHash);
}
