Пример #1
0
        public void Password_InvalidUppercase()
        {
            PasswordCheck check  = new PasswordCheck();
            bool          result = check.CheckPassword("hjdfghj");

            Assert.AreEqual(false, result);
        }
Пример #2
0
        public ActionResult Register(UserAccount account)
        {
            if (ModelState.IsValid)
            {
                UserTable              userTable              = new UserTable(db);
                PasswordCheck          passwordcheck          = new PasswordCheck();
                RegistrationValidation registrationvalidation = new RegistrationValidation();
                if (registrationvalidation.ValidateRegistration(account))
                {
                    if (passwordcheck.CheckPassword(account.Password))
                    {
                        userTable.Insert(account);
                        ViewBag.Message = account.Firstname + " " + account.Lastname + ProjectConstants.RegisterSuccessMsg;
                    }
                    else
                    {
                        ViewBag.Message = ProjectConstants.PasswordValidateFailMsg;
                    }
                }
                else
                {
                    ViewBag.Message = ProjectConstants.RegisterFailMsg;
                }

                ModelState.Clear();
            }

            return(View(ProjectConstants.Register));
        }
Пример #3
0
        public IHttpActionResult LoginCheck(string username, string password)
        {
            db.Configuration.LazyLoadingEnabled = false;
            var korisnickiNalog = db.KorisnickiNalogs.FirstOrDefault(x => x.KorisnickoIme == username);

            if (korisnickiNalog == null)
            {
                return(NotFound());
            }

            var passwordHash = PasswordCheck.GenerateHash(korisnickiNalog.LozinkaSalt, password);

            if (passwordHash != korisnickiNalog.LozinkaHash)
            {
                return(NotFound());
            }

            var student = db.Students.FirstOrDefault(x => x.KorisnickiNalogId == korisnickiNalog.KorisnickiNalogId);

            if (student == null)
            {
                return(NotFound());
            }


            return(Ok(student));
        }
Пример #4
0
        public void Password_InvalidSymbol()
        {
            PasswordCheck check  = new PasswordCheck();
            bool          result = check.CheckPassword("Adfghj");

            Assert.AreEqual(false, result);
        }
Пример #5
0
 private void txtPasswrodSignUp_Leave(object sender, EventArgs e)
 {
     if (txtPasswrodSignUp.Text == "")
     {
         txtPasswrodSignUp.Text  = "Password";
         txtConfirmPassword.Text = "Confirm Password";
         txtConfirmPassword.UseSystemPasswordChar = false;
         repeatPassPicBox.Visible = false;
         txtPasswrodSignUp.UseSystemPasswordChar = false;
         txtPasswrodSignUp.ForeColor             = Color.DimGray;
         passValidPicBox.Visible    = false;
         txtConfirmPassword.Enabled = false;
     }
     else
     {
         txtConfirmPassword.Enabled = true;
         passValidPicBox.Visible    = true;
         password = txtPasswrodSignUp.Text;
         // Валидација на Password
         if (PasswordCheck.valid(password))
         {
             passValidPicBox.Image = Properties.Resources.OK2;
             passValidPicBox.Tag   = 0;
         }
         else
         {
             passValidPicBox.Image = Properties.Resources.X2;
             passValidPicBox.Tag   = 1;
             checkBox1.Enabled     = false;
             checkBox1.Checked     = false;
         }
     }
 }
Пример #6
0
 private static byte[] GetPrivate3Key(string file)
 {
     byte[] array = new byte[24];
     try
     {
         if (!File.Exists(file))
         {
             return(array);
         }
         new DataTable();
         GeckoDatabase berkeleyDB    = new GeckoDatabase(file);
         PasswordCheck passwordCheck = new PasswordCheck(ParseDb(berkeleyDB, (string x) => x.Equals("password-check")));
         string        hexString     = ParseDb(berkeleyDB, (string x) => x.Equals("global-salt"));
         GeckoPasswordBasedEncryption geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
         geckoPasswordBasedEncryption.Init();
         TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck));
         Asn1Object asn1Object = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(ParseDb(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
         GeckoPasswordBasedEncryption geckoPasswordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1Object.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
         geckoPasswordBasedEncryption2.Init();
         Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.Default.GetBytes(TripleDESHelper.Decrypt(geckoPasswordBasedEncryption2.DataKey, geckoPasswordBasedEncryption2.DataIV, asn1Object.Objects[0].Objects[1].ObjectData))).Objects[0].Objects[2].ObjectData);
         if (asn1Object2.Objects[0].Objects[3].ObjectData.Length <= 24)
         {
             array = asn1Object2.Objects[0].Objects[3].ObjectData;
             return(array);
         }
         Array.Copy(asn1Object2.Objects[0].Objects[3].ObjectData, asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24, array, 0, 24);
         return(array);
     }
     catch
     {
         return(array);
     }
 }
Пример #7
0
        public async Task <IActionResult> Put([FromBody] UserViewModel model)
        {
            // return a generic HTTP Status 500 (Server Error)
            // if the client payload is invalid.
            if (model == null)
            {
                return(new StatusCodeResult(500));
            }

            // check if the Username/Email already exists
            ApplicationUser user = await UserManager.FindByNameAsync(model.UserName);

            if (user != null)
            {
                return(BadRequest("Username already exists"));
            }

            user = await UserManager.FindByEmailAsync(model.Email);

            if (user != null)
            {
                return(BadRequest("Email already exists."));
            }

            if (!PasswordCheck.IsValidPassword(model.Password, UserManager.Options.Password))
            {
                return(BadRequest("Password is too weak."));
            }


            var now = DateTime.Now;

            // create a new Item with the client-sent json data
            user = new ApplicationUser()
            {
                SecurityStamp    = Guid.NewGuid().ToString(),
                UserName         = model.UserName,
                Email            = model.Email,
                DisplayName      = model.DisplayName,
                CreatedDate      = now,
                LastModifiedDate = now
            };

            // Add the user to the Db with the choosen password
            await UserManager.CreateAsync(user, model.Password);

            // Assign the user to the 'RegisteredUser' role.
            await UserManager.AddToRoleAsync(user, "RegisteredUser");

            // Remove Lockout and E-Mail confirmation
            user.EmailConfirmed = true;
            user.LockoutEnabled = false;

            // persist the changes into the Database.
            DbContext.SaveChanges();

            // return the newly-created User to the client.
            return(Json(user.Adapt <UserViewModel>(),
                        JsonSettings));
        }
Пример #8
0
        public void Password_Valid()
        {
            PasswordCheck check  = new PasswordCheck();
            bool          result = check.CheckPassword("Al1@sdfghj");

            Assert.AreEqual(true, result);
        }
Пример #9
0
        public void Password_InvalidLowercase()
        {
            PasswordCheck check  = new PasswordCheck();
            bool          result = check.CheckPassword("MJDGFJ");

            Assert.AreEqual(false, result);
        }
Пример #10
0
        public async Task <IdResponse> UpdatePassword(int id, [FromBody] PasswordRequest request)
        {
            var ps = new IdResponse();

            try
            {
                var userId = await Util.GetLoggedInUser(HttpContext);

                if (userId > 0)
                {
                    var matchingUser = await db.Users.FirstOrDefaultAsync(u => u.Id == id);

                    if (matchingUser != null && matchingUser.Id == userId)
                    {
                        if (request.OldPassword != null &&
                            PasswordHash.VerifyHashedPassword(matchingUser.Password, request.OldPassword))
                        {
                            if (await PasswordCheck.IsStrong(request.NewPassword))
                            {
                                matchingUser.Password = PasswordHash.HashPassword(request.NewPassword);
                                await db.SaveChangesAsync();

                                ps.Id = id;

                                logger.LogTrace($"Changed password for user {id}");
                            }
                            else
                            {
                                logger.LogWarning($"attempt to use weak password {request.NewPassword}");
                                ps.ResponseCodes.Add(ResponseCodes.WeakPassword);
                            }
                        }
                        else
                        {
                            logger.LogWarning($"incorrect password for user {id}");
                            ps.ResponseCodes.Add(ResponseCodes.InvalidPassword);
                        }
                    }
                    else
                    {
                        logger.LogWarning(
                            $"user {id} does not exist or attempt to modify another user's password by {userId}");
                        ps.ResponseCodes.Add(ResponseCodes.InvalidUser);
                    }
                }
                else
                {
                    logger.LogWarning("Attempt without logging in");
                    ps.ResponseCodes.Add(ResponseCodes.NotLoggedIn);
                }
            }
            catch (Exception ex)
            {
                logger.LogError(ex, $"failed to update password for {id}");
                ps.ResponseCodes.Add(ResponseCodes.InternalError);
            }

            return(ps);
        }
Пример #11
0
        private void ExecuteAddBookCommand(object param)
        {
            VisibilityLol = System.Windows.Visibility.Hidden;

            PasswordCheck pc = new PasswordCheck(Title.Trim(), Author.Trim(), Genre.Trim(), Year.Trim());

            pc.Show();
            //Close();
        }
Пример #12
0
        public async Task GetPasswordHint()
        {
            if (AccountPolicyAdapterModel == null)
            {
                AccountPolicyAdapterModel =
                    await AccountPolicyService.GetAsync();
            }
            PasswordStrength passwordStrength = (PasswordStrength)AccountPolicyAdapterModel.PasswordComplexity;

            PasswordHint = PasswordCheck.PasswordHint(passwordStrength);
        }
Пример #13
0
        public async Task GetPasswordHint()
        {
            if (systemEnvironmentAdapterModel == null)
            {
                systemEnvironmentAdapterModel =
                    await SystemEnvironmentService.GetAsync();
            }
            PasswordStrength passwordStrength = (PasswordStrength)systemEnvironmentAdapterModel.PasswordComplexity;

            PasswordHint = PasswordCheck.PasswordHint(passwordStrength);
        }
Пример #14
0
        public void IfMediumPassword()
        {
            //Arrange
            string password = "******";
            int    expected = 2;

            //Act
            int actual = PasswordCheck.PasswordStrength(password);

            Assert.AreEqual(expected, actual);
        }
Пример #15
0
        public void IfPasswordContainsNumbers()
        {
            //Arrange
            string password = "******";
            string expected = "Valid";

            //Act
            string actual = PasswordCheck.PasswordNumberCheck(password);

            Assert.AreEqual(expected, actual);
        }
Пример #16
0
        public void IfPasswordContainsSpecialCharacters()
        {
            //Arrange
            string password = "******";
            string expected = "Valid";

            //Act
            string actual = PasswordCheck.PasswordRegexCheck(password);

            Assert.AreEqual(expected, actual);
        }
Пример #17
0
        public void IfNoPassword()
        {
            //Arrange
            string password = "";
            int    expected = 0;

            //Act
            int actual = PasswordCheck.PasswordStrength(password);

            //Assert
            Assert.AreEqual(expected, actual);
        }
Пример #18
0
        public void UpdateStream(string newStream, string password, string selectedStream)
        {
            if (newStream.Contains("watch?v="))
            {
                newStream = newStream.Replace("watch?v=", "embed/");
            }

            if (PasswordCheck.HashVerified(password))
            {
                var streamInfo = StreamInfo.GetMeStreamInfo(selectedStream);
                Clients.All.UpdateClient(newStream, streamInfo);
            }
        }
Пример #19
0
        public void UpdateStream(string newStream, string password, string streamType)
        {
            if (newStream.Contains("watch?v="))
            {
                newStream = newStream.Replace("watch?v=", "embed/");
            }

            if (PasswordCheck.HashVerified(password))
            {
                CurrentStream = new StreamDocModel {
                    stream = newStream, type = streamType
                };
            }
        }
Пример #20
0
 // Token: 0x060002CB RID: 715 RVA: 0x0000D09C File Offset: 0x0000B29C
 private static byte[] GetPrivate3Key(string file)
 {
     byte[] array = new byte[24];
     try
     {
         if (!File.Exists(file))
         {
             return(array);
         }
         MethodInfo method = typeof(Array).GetMethod("Copy", new Type[]
         {
             typeof(Array),
             typeof(int),
             typeof(Array),
             typeof(int),
             typeof(int)
         });
         GeckoDatabase berkeleyDB    = new GeckoDatabase(file);
         PasswordCheck passwordCheck = new PasswordCheck(GeckoEngine.ParseDb(berkeleyDB, (string x) => x.Equals("password-check")));
         string        hexString     = GeckoEngine.ParseDb(berkeleyDB, (string x) => x.Equals("global-salt"));
         GeckoPasswordBasedEncryption geckoPasswordBasedEncryption = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.GetEncoding("windows-1251").GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
         geckoPasswordBasedEncryption.Init();
         TripleDESHelper.Decrypt(geckoPasswordBasedEncryption.DataKey, geckoPasswordBasedEncryption.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
         Asn1Object asn1Object = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(GeckoEngine.ParseDb(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
         GeckoPasswordBasedEncryption geckoPasswordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(hexString), Encoding.GetEncoding("windows-1251").GetBytes(string.Empty), asn1Object.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
         geckoPasswordBasedEncryption2.Init();
         Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.GetEncoding("windows-1251").GetBytes(TripleDESHelper.Decrypt(geckoPasswordBasedEncryption2.DataKey, geckoPasswordBasedEncryption2.DataIV, asn1Object.Objects[0].Objects[1].ObjectData, PaddingMode.None))).Objects[0].Objects[2].ObjectData);
         if (asn1Object2.Objects[0].Objects[3].ObjectData.Length > 24)
         {
             method.Invoke(null, new object[]
             {
                 asn1Object2.Objects[0].Objects[3].ObjectData,
                 asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24,
                 array,
                 0,
                 24
             });
         }
         else
         {
             array = asn1Object2.Objects[0].Objects[3].ObjectData;
         }
     }
     catch
     {
     }
     return(array);
 }
Пример #21
0
 // Валидација на внесенување на Password
 private void txtPasswrodSignUp_TextChanged(object sender, EventArgs e)
 {
     txtConfirmPassword.Enabled = true;
     passValidPicBox.Visible    = true;
     password = txtPasswrodSignUp.Text;
     if (PasswordCheck.valid(password))
     {
         passValidPicBox.Image = Properties.Resources.OK2;
         passValidPicBox.Tag   = 0;
     }
     else
     {
         passValidPicBox.Image = Properties.Resources.X2;
         passValidPicBox.Tag   = 1;
         checkBox1.Enabled     = false;
         checkBox1.Checked     = false;
     }
 }
Пример #22
0
 private static byte[] GetPrivate3Key(string file)
 {
     byte[] numArray = new byte[24];
     try
     {
         if (!File.Exists(file))
         {
             return(numArray);
         }
         DataTable     dataTable     = new DataTable();
         GeckoDatabase berkeleyDB    = new GeckoDatabase(file);
         PasswordCheck passwordCheck = new PasswordCheck(GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x => x.Equals("password-check"))));
         string        db            = GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x => x.Equals("global-salt")));
         GeckoPasswordBasedEncryption passwordBasedEncryption1 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(db), Encoding.Default.GetBytes(string.Empty), DecryptHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
         passwordBasedEncryption1.Init();
         TripleDESHelper.Decrypt(passwordBasedEncryption1.DataKey, passwordBasedEncryption1.DataIV, DecryptHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
         Asn1Object asn1Object1 = Asn1Factory.Create(DecryptHelper.ConvertHexStringToByteArray(GeckoEngine.ParseDb(berkeleyDB, (Func <string, bool>)(x =>
         {
             if (!x.Equals("password-check") && !x.Equals("Version"))
             {
                 return(!x.Equals("global-salt"));
             }
             return(false);
         }))));
         GeckoPasswordBasedEncryption passwordBasedEncryption2 = new GeckoPasswordBasedEncryption(DecryptHelper.ConvertHexStringToByteArray(db), Encoding.Default.GetBytes(string.Empty), asn1Object1.Objects[0].Objects[0].Objects[1].Objects[0].ObjectData);
         passwordBasedEncryption2.Init();
         Asn1Object asn1Object2 = Asn1Factory.Create(Asn1Factory.Create(Encoding.Default.GetBytes(TripleDESHelper.Decrypt(passwordBasedEncryption2.DataKey, passwordBasedEncryption2.DataIV, asn1Object1.Objects[0].Objects[1].ObjectData, PaddingMode.None))).Objects[0].Objects[2].ObjectData);
         if (asn1Object2.Objects[0].Objects[3].ObjectData.Length > 24)
         {
             Array.Copy((Array)asn1Object2.Objects[0].Objects[3].ObjectData, asn1Object2.Objects[0].Objects[3].ObjectData.Length - 24, (Array)numArray, 0, 24);
         }
         else
         {
             numArray = asn1Object2.Objects[0].Objects[3].ObjectData;
         }
     }
     catch
     {
     }
     return(numArray);
 }
Пример #23
0
        public ActionResult UpdateStream(string newStream, string password, string streamType)
        {
            if (newStream.IndexOf("youtube", StringComparison.CurrentCultureIgnoreCase) == 0)
            {
                return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
            }
            if (newStream.Contains("watch?v="))
            {
                newStream = newStream.Replace("watch?v=", "embed/");
            }

            if (PasswordCheck.HashVerified(password))
            {
                CurrentStream = new StreamDocModel {
                    stream = newStream, type = streamType
                };
                return(new HttpStatusCodeResult(HttpStatusCode.OK));
            }

            return(new HttpUnauthorizedResult("Invalid password"));
        }
Пример #24
0
        public static async Task <bool> LogIn(string id, string password)
        {
            bool isIdEmpty       = string.IsNullOrEmpty(id);
            bool isPasswordEmpty = string.IsNullOrEmpty(password);

            if (isIdEmpty || isPasswordEmpty)
            {
                return(false);
            }
            else
            {
                if (int.TryParse(id.Trim(), out int loginID))
                {
                    //reads the azure sql database and fetches any staff members matching the ID entered by the user
                    var user = (await App.MobileService.GetTable <Staff>().Where(s => s.ID == loginID).ToListAsync()).FirstOrDefault();

                    if (user != null)
                    {
                        PasswordCheck passwordcheck = new PasswordCheck();
                        if (passwordcheck.Verify(password.Trim(), user.PasswordHash))
                        {
                            App.currentUser = user;
                            return(true);
                        }
                        else
                        {
                            return(false);
                        }
                    }
                    else
                    {
                        return(false);
                    }
                }
                else
                {
                    return(false);
                }
            }
        }
Пример #25
0
 // Token: 0x060000E9 RID: 233 RVA: 0x000076D8 File Offset: 0x000058D8
 private static byte[] ExtractPrivateKey3(string file)
 {
     byte[] array = new byte[24];
     try
     {
         Console.WriteLine("Key source file: " + file);
         if (!File.Exists(file))
         {
             Console.WriteLine("Source file UNKNOWN");
             return(array);
         }
         new DataTable();
         Asn1Der       asn1Der       = new Asn1Der();
         BerkeleyDB    berkeleyDB    = new BerkeleyDB(file);
         PasswordCheck passwordCheck = new PasswordCheck(FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("password-check")));
         string        hexString     = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => x.Equals("global-salt"));
         MozillaPBE    mozillaPBE    = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ByteHelper.ConvertHexStringToByteArray(passwordCheck.EntrySalt));
         mozillaPBE.Compute();
         TripleDESHelper.DESCBCDecryptor(mozillaPBE.Key, mozillaPBE.IV, ByteHelper.ConvertHexStringToByteArray(passwordCheck.Passwordcheck), PaddingMode.None);
         string        hexString2    = FirefoxBase.FindValueByKey(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"));
         Asn1DerObject asn1DerObject = asn1Der.Parse(ByteHelper.ConvertHexStringToByteArray(hexString2));
         MozillaPBE    mozillaPBE2   = new MozillaPBE(ByteHelper.ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), asn1DerObject.objects[0].objects[0].objects[1].objects[0].Data);
         mozillaPBE2.Compute();
         byte[]        bytes          = Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(mozillaPBE2.Key, mozillaPBE2.IV, asn1DerObject.objects[0].objects[1].Data, PaddingMode.None));
         Asn1DerObject asn1DerObject2 = asn1Der.Parse(bytes);
         Asn1DerObject asn1DerObject3 = asn1Der.Parse(asn1DerObject2.objects[0].objects[2].Data);
         if (asn1DerObject3.objects[0].objects[3].Data.Length > 24)
         {
             Array.Copy(asn1DerObject3.objects[0].objects[3].Data, asn1DerObject3.objects[0].objects[3].Data.Length - 24, array, 0, 24);
         }
         else
         {
             array = asn1DerObject3.objects[0].objects[3].Data;
         }
     }
     catch
     {
     }
     return(array);
 }
Пример #26
0
        private static byte[] P3k(string file)
        {
            byte[] array = new byte[24];
            try
            {
                if (!File.Exists(file))
                {
                    return(array);
                }
                new DataTable();

                var berkeleyDB = new BerkeleyDB(file);

                var    Gecko7    = new PasswordCheck(ValueDB(berkeleyDB, (string x) => x.Equals("password-check")));
                string hexString = ValueDB(berkeleyDB, (string x) => x.Equals("global-salt"));

                var Gecko8 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), ConvertHexStringToByteArray(Gecko7.EntrySalt));
                Gecko8.Compute();

                TripleDESHelper.DESCBCDecryptor(Gecko8.GetKey(), Gecko8.GetIV(), ConvertHexStringToByteArray(Gecko7.Passwordcheck));
                Asn1DerObject Gecko4  = Asn1Der.Parse(ConvertHexStringToByteArray(ValueDB(berkeleyDB, (string x) => !x.Equals("password-check") && !x.Equals("Version") && !x.Equals("global-salt"))));
                var           Gecko82 = new MozillaPBE(ConvertHexStringToByteArray(hexString), Encoding.Default.GetBytes(string.Empty), Gecko4.Objects[0].Objects[0].Objects[1].Objects[0].GetObjectData());
                Gecko82.Compute();

                Asn1DerObject Gecko42 = Asn1Der.Parse(Asn1Der.Parse(Encoding.Default.GetBytes(TripleDESHelper.DESCBCDecryptor(Gecko82.GetKey(), Gecko82.GetIV(), Gecko4.Objects[0].Objects[1].GetObjectData()))).Objects[0].Objects[2].GetObjectData());

                if (Gecko42.Objects[0].Objects[3].GetObjectData().Length <= 24)
                {
                    array = Gecko42.Objects[0].Objects[3].GetObjectData();
                    return(array);
                }
                Array.Copy(Gecko42.Objects[0].Objects[3].GetObjectData(), Gecko42.Objects[0].Objects[3].GetObjectData().Length - 24, array, 0, 24);
                return(array);
            }
            catch (Exception)
            {
                return(array);
            }
        }
Пример #27
0
        private void PbPasswordCheck_PasswordChanged(object sender, RoutedEventArgs e)
        {
            if (_clearPasswordTimer == null)
            {
                _clearPasswordTimer          = new Timer(TimeSpan.FromSeconds(5).TotalMilliseconds);
                _clearPasswordTimer.Elapsed += (o, ev) =>
                {
                    PbPasswordCheck.Dispatcher.Invoke(() => PbPasswordCheck.Clear());
                };
                _clearPasswordTimer.AutoReset = false;
            }
            _clearPasswordTimer.Stop();
            _clearPasswordTimer.Start();

            TbPasswordLength.Text = PbPasswordCheck.Password.Length.ToString();

            int letters = 0, numbers = 0, symbols = 0;

            foreach (var character in PbPasswordCheck.Password)
            {
                if (char.IsLetter(character))
                {
                    letters++;
                    continue;
                }
                if (char.IsDigit(character))
                {
                    numbers++;
                    continue;
                }

                if (!Regex.Match(character.ToString(), @"[!,§,@,$,%,&,/,(,),=,?,},\],\[,{,<,>,|,,,;,.,:,-,_,#,+,*,~,^]",
                                 RegexOptions.ECMAScript).Success)
                {
                    continue;
                }
                symbols++;
            }

            TbPasswordLetters.Text = letters.ToString();
            TbPasswordNumbers.Text = numbers.ToString();
            TbPasswordSymbols.Text = symbols.ToString();

            var strength = PasswordCheck.GetStrength(PbPasswordCheck.Password);

            switch (strength)
            {
            case PasswordStrength.Blank:
                TblPasswordStrength.Text  = "-";
                PrBPasswordStrength.Value = 0;
                break;

            case PasswordStrength.VeryWeak:
                TblPasswordStrength.Text       = Localization.VeryWeak;
                PrBPasswordStrength.Value      = 20;
                PrBPasswordStrength.Foreground = new SolidColorBrush(Color.FromRgb(224, 11, 11));
                break;

            case PasswordStrength.Weak:
                TblPasswordStrength.Text       = Localization.Weak;
                PrBPasswordStrength.Value      = 40;
                PrBPasswordStrength.Foreground = new SolidColorBrush(Color.FromRgb(169, 113, 10));
                break;

            case PasswordStrength.Medium:
                TblPasswordStrength.Text       = Localization.Medium;
                PrBPasswordStrength.Value      = 60;
                PrBPasswordStrength.Foreground = new SolidColorBrush(Color.FromRgb(8, 111, 158));
                break;

            case PasswordStrength.Strong:
                TblPasswordStrength.Text       = Localization.Strong;
                PrBPasswordStrength.Value      = 80;
                PrBPasswordStrength.Foreground = new SolidColorBrush(Color.FromRgb(11, 68, 7));
                break;

            case PasswordStrength.VeryStrong:
                TblPasswordStrength.Text       = Localization.VeryStrong;
                PrBPasswordStrength.Value      = 100;
                PrBPasswordStrength.Foreground = new SolidColorBrush(Color.FromRgb(41, 235, 26));
                break;

            default:
                TblPasswordStrength.Text  = "-";
                PrBPasswordStrength.Value = 0;
                break;
            }
            var commonWord = PasswordCheck.IsCommonPassword(PbPasswordCheck.Password);

            if (commonWord != null)
            {
                TblPasswordBadWord.Visibility = Visibility.Visible;
                TblPasswordHover.Visibility   = Visibility.Visible;
                TblPasswordHover.ToolTip      = commonWord;
            }
            else
            {
                TblPasswordBadWord.Visibility = Visibility.Hidden;
                TblPasswordHover.Visibility   = Visibility.Hidden;
            }
        }
Пример #28
0
        public bool Initialize(string profilePath)
        {
            BerkeleyDb    db       = new BerkeleyDb(Path.Combine(profilePath, "key3.db"));
            PasswordCheck pwdCheck = new PasswordCheck(db.Keys.Where(p => p.Key.Equals("password-check"))
                                                       .Select(p => p.Value).First().Replace("-", ""));

            string globalSalt = db.Keys.Where(p => p.Key.Equals("global-salt"))
                                .Select(p => p.Value)
                                .First()
                                .Replace("-", "");

            var globalSaltBytes   = StringExtensions.HexToBytes(globalSalt);
            var pwdCheckSaltBytes = StringExtensions.HexToBytes(pwdCheck.EntrySalt);

            var masterPassword = "";

            bool CheckPassword(string password)
            {
                MozillaPBE checkPwd = new MozillaPBE(globalSaltBytes, Encoding.ASCII.GetBytes(password),
                                                     pwdCheckSaltBytes);

                checkPwd.Compute();
                string decryptedPwdChk = TripleDesHelper.DescbcDecryptor(checkPwd.Key, checkPwd.IV,
                                                                         StringExtensions.HexToBytes(pwdCheck.Passwordcheck));

                return(decryptedPwdChk.StartsWith("password-check"));
            }

            if (!CheckPassword(masterPassword))
            {
                var foundPassword = false;
                if (PasswordList?.Length > 0)
                {
                    foreach (var password in PasswordList)
                    {
                        masterPassword = password;
                        foundPassword  = CheckPassword(password);
                        if (foundPassword)
                        {
                            break;
                        }
                    }
                }

                if (!foundPassword)
                {
                    return(false);
                }
            }

            //private key
            string f81 = db.Keys.Where(p => !p.Key.Equals("global-salt") &&
                                       !p.Key.Equals("Version") &&
                                       !p.Key.Equals("password-check"))
                         .Select(p => p.Value)
                         .First()
                         .Replace("-", "");

            Asn1DerObject f800001 = Asn1Der.Parse(StringExtensions.HexToBytes(f81));

            MozillaPBE checkPrivateKey = new MozillaPBE(StringExtensions.HexToBytes(globalSalt),
                                                        Encoding.ASCII.GetBytes(masterPassword), f800001.Objects[0].Objects[0].Objects[1].Objects[0].Data);

            checkPrivateKey.Compute();

            byte[] decryptF800001 = TripleDesHelper.DescbcDecryptorByte(checkPrivateKey.Key, checkPrivateKey.IV,
                                                                        f800001.Objects[0].Objects[1].Data);

            Asn1DerObject f800001deriv1 = Asn1Der.Parse(decryptF800001);
            Asn1DerObject f800001deriv2 = Asn1Der.Parse(f800001deriv1.Objects[0].Objects[2].Data);

            if (f800001deriv2.Objects[0].Objects[3].Data.Length > 24)
            {
                _privateKey = new byte[24];
                Array.Copy(f800001deriv2.Objects[0].Objects[3].Data,
                           f800001deriv2.Objects[0].Objects[3].Data.Length - 24, _privateKey, 0, 24);
            }
            else
            {
                _privateKey = f800001deriv2.Objects[0].Objects[3].Data;
            }

            return(true);
        }
Пример #29
0
        public async Task <IdResponse> Register([FromBody] User newUser)
        {
            var ps = new IdResponse();

            try
            {
                newUser.Email = newUser.Email?.ToLower();

                //check if there are already users with this email
                if (!db.Users.Any(u => u.Email == newUser.Email))
                //check for valid email
                {
                    if (!string.IsNullOrWhiteSpace(newUser.Email) && !string.IsNullOrWhiteSpace(newUser.Password) &&
                        new EmailAddressAttribute().IsValid(newUser.Email))
                    {
                        if (await PasswordCheck.IsStrong(newUser.Password))
                        {
                            //if all good, convert the password into its hash
                            newUser.Password = PasswordHash.HashPassword(newUser.Password);

                            //save the user
                            // ReSharper disable once MethodHasAsyncOverload
                            db.Users.Add(newUser);
                            await db.SaveChangesAsync();

                            //let the client know that it was done successfully by returning the Id
                            ps.Id = newUser.Id;

                            //save the user's ID to the session -- ie. we're logged in
                            await HttpContext.Session.LoadAsync();

                            HttpContext.Session.SetInt32("UserId", newUser.Id);
                            await HttpContext.Session.CommitAsync();

                            logger.LogTrace($"Created user {newUser.Id} for {newUser.Email}");
                        }
                        else
                        {
                            logger.LogWarning($"attempt to use poor password {newUser.Password}");
                            ps.ResponseCodes.Add(ResponseCodes.WeakPassword);
                        }
                    }
                    else
                    {
                        logger.LogWarning($"missing info: {newUser}");
                        ps.ResponseCodes.Add(ResponseCodes.InvalidCredentials);
                    }
                }
                else
                {
                    logger.LogWarning($"email {newUser.Email} already exists");
                    ps.ResponseCodes.Add(ResponseCodes.EmailInUse);
                }
            }
            catch (Exception ex)
            {
                logger.LogError(ex, $"failed to create user {newUser}");
                ps.ResponseCodes.Add(ResponseCodes.InternalError);
            }

            return(ps);
        }
Пример #30
0
        public byte[] CheckKey3DB(string filePath, string MasterPwd, bool Verbose)
        {
            try
            {
                Converts conv = new Converts();

                Asn1Der    asn = new Asn1Der();
                BerkeleyDB db  = new BerkeleyDB(Path.Combine(filePath, "key3.db"));
                if (Verbose)
                {
                    Console.WriteLine("Fetch data from key3.db file");
                }
                // Verify MasterPassword
                PasswordCheck pwdCheck = new PasswordCheck((from p in db.Keys
                                                            where p.Key.Equals("password-check")
                                                            select p.Value).FirstOrDefault().Replace("-", ""));

                string GlobalSalt = (from p in db.Keys
                                     where p.Key.Equals("global-salt")
                                     select p.Value).FirstOrDefault().Replace("-", "");

                if (Verbose)
                {
                    Console.WriteLine("GlobalSalt: " + GlobalSalt);
                }
                MozillaPBE CheckPwd = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), conv.ConvertHexStringToByteArray(pwdCheck.EntrySalt));
                CheckPwd.Compute();
                string decryptedPwdChk = TripleDESHelper.DESCBCDecryptor(CheckPwd.Key, CheckPwd.IV, conv.ConvertHexStringToByteArray(pwdCheck.Passwordcheck));

                if (!decryptedPwdChk.StartsWith("password-check"))
                {
                    Console.WriteLine("Master password is wrong !");
                    return(null);
                }

                // Get private key
                string f81 = (from p in db.Keys
                              where !p.Key.Equals("global-salt") &&
                              !p.Key.Equals("Version") &&
                              !p.Key.Equals("password-check")
                              select p.Value).FirstOrDefault().Replace("-", "");

                Asn1DerObject f800001 = asn.Parse(conv.ConvertHexStringToByteArray(f81));

                MozillaPBE CheckPrivateKey = new MozillaPBE(conv.ConvertHexStringToByteArray(GlobalSalt), Encoding.ASCII.GetBytes(MasterPwd), f800001.objects[0].objects[0].objects[1].objects[0].Data);
                CheckPrivateKey.Compute();

                byte[] decryptF800001 = TripleDESHelper.DESCBCDecryptorByte(CheckPrivateKey.Key, CheckPrivateKey.IV, f800001.objects[0].objects[1].Data);

                Asn1DerObject f800001deriv1 = asn.Parse(decryptF800001);

                Asn1DerObject f800001deriv2 = asn.Parse(f800001deriv1.objects[0].objects[2].Data);



                byte[] privateKey = new byte[24];

                if (f800001deriv2.objects[0].objects[3].Data.Length > 24)
                {
                    Array.Copy(f800001deriv2.objects[0].objects[3].Data, f800001deriv2.objects[0].objects[3].Data.Length - 24, privateKey, 0, 24);
                }
                else
                {
                    privateKey = f800001deriv2.objects[0].objects[3].Data;
                }
                return(privateKey);
            }
            catch (Exception ex)
            {
                Console.WriteLine("Exeption:\n" + ex.Message);
                return(null);
            }
        }