Пример #1
0
        /// <summary>
        ///  Changes the password.
        /// </summary>
        /// <returns>
        ///  The new identity to be stored
        /// </returns>
        /// <param name='oldPassword'>
        ///  Old password.
        /// </param>
        /// <param name='oldSalt'>
        ///  Old salt.
        /// </param>
        /// <param name='newPassword'>
        ///  New password.
        /// </param>
        /// <param name='masterIdentityKey'>
        ///  Master identity key.
        /// </param>
        public SqrlIdentity ChangePassword(string oldPassword, byte[] oldSalt, string newPassword, byte[] masterIdentityKey)
        {
            var identity = new SqrlIdentity();
            var rngCsp   = new RNGCryptoServiceProvider();

            // calculate the master key
            var oldPasswordKey = _pbkdfHandler.GeneratePasswordKey(oldPassword, oldSalt);
            var masterKey      = Xor(oldPasswordKey, masterIdentityKey);

            // generate new salt
            identity.Salt = new byte[8];
            rngCsp.GetBytes(identity.Salt);

            // generate the new password key
            var newPasswordKey = _pbkdfHandler.GeneratePasswordKey(newPassword, identity.Salt);

            // get the partial hash for password verification
            identity.PartialPasswordHash = _pbkdfHandler.GetPartialHashFromPasswordKey(newPasswordKey);

            // XOR the master key and the new password key to get the master identity key
            identity.MasterIdentityKey = Xor(newPasswordKey, masterKey);

            Array.Clear(masterKey, 0, masterKey.Length);
            Array.Clear(oldPasswordKey, 0, oldPasswordKey.Length);
            Array.Clear(newPasswordKey, 0, newPasswordKey.Length);

            return(identity);
        }
Пример #2
0
        /// <summary>
        ///  Creates an identity for use with SQRL.
        /// </summary>
        /// <returns>
        ///  All the data needed to define an identity.
        /// </returns>
        /// <param name='password'>
        ///  The password.
        /// </param>
        /// <param name='entropy'>
        ///  Random data from some non-deterministic source that allows for more secure master key generation.
        /// </param>
        public SqrlIdentity CreateIdentity(string password, byte[] entropy)
        {
            var identity = new SqrlIdentity();

            identity.Salt = new byte[8];
            var masterKey = new byte[32];

            var rngCsp = new RNGCryptoServiceProvider();
            var sha256 = SHA256Managed.Create();

            rngCsp.GetBytes(identity.Salt);
            rngCsp.GetBytes(masterKey);

            // XOR the generated master key with the entropy (making any potential backdoors in the implementation of RNGCryptoServiceProvider irrelevent)
            masterKey = Xor(masterKey, sha256.ComputeHash(entropy));

            // call the SCrypt PBKDF to create the password key
            var passwordKey = _pbkdfHandler.GeneratePasswordKey(password, identity.Salt);

            // get the partial hash for password verification
            identity.PartialPasswordHash = _pbkdfHandler.GetPartialHashFromPasswordKey(passwordKey);

            // XOR the master key and the password key to get the master identity key
            identity.MasterIdentityKey = Xor(passwordKey, masterKey);

            Array.Clear(masterKey, 0, masterKey.Length);
            Array.Clear(passwordKey, 0, passwordKey.Length);

            return(identity);
        }
Пример #3
0
        public PasswordDialog(SqrlIdentity identity)
        {
            this.Build();

            Identity = identity;

            this.Title = string.Format("Enter Password for {0}", identity.Name);
        }
Пример #4
0
    private SqrlIdentity CreateNewIdentity()
    {
        SqrlIdentity identity = null;
        var          dlg      = new CreateIdentityDialog();

        var response = (ResponseType)dlg.Run();

        if (response == ResponseType.Ok)
        {
            identity      = _sqrlClient.CreateIdentity(dlg.Password, Encoding.UTF8.GetBytes(DateTime.Now.ToLongDateString()));
            identity.Name = dlg.IdentityName;
        }

        dlg.Destroy();

        return(identity);
    }
Пример #5
0
 /// <summary>
 ///  Verifies the password.
 /// </summary>
 /// <returns>
 ///  True if the password is correct.
 /// </returns>
 /// <param name='password'>
 ///  The password.
 /// </param>
 /// <param name='identity'>
 ///  The identity to verify against.
 /// </param>
 public bool VerifyPassword(string password, SqrlIdentity identity)
 {
     return(_pbkdfHandler.VerifyPassword(password, identity.Salt, identity.PartialPasswordHash));
 }
Пример #6
0
 /// <summary>
 ///  Gets the sqrl data for login.
 /// </summary>
 /// <returns>
 ///  The sqrl data for login.
 /// </returns>
 /// <param name='identity'>
 ///  The identity.
 /// </param>
 /// <param name='password'>
 ///  The password.
 /// </param>
 /// <param name='url'>
 ///  The URL.
 /// </param>
 public SqrlData GetSqrlDataForLogin(SqrlIdentity identity, string password, string url)
 {
     return(GetSqrlDataForLogin(identity.MasterIdentityKey, password, identity.Salt, url));
 }