public void ValidarNovaSenha() { string password = "******"; HashWithSaltResult hwsr = ControleSenha.Instance.GerarNovaSenha(password); Assert.IsTrue(ControleSenha.Instance.ValidarSenhaAtual(hwsr, password)); }
public static Korisnik LoginUser(LoginModel user) { ResultModel result = new ResultModel(); Korisnik kor = null; //login user using (var db = new ggwpDBEntities()) { string dbSalt = "ggwp"; PWSHasher pwHasher = new PWSHasher(); byte[] saltBytes = Encoding.ASCII.GetBytes(dbSalt); HashWithSaltResult hashResult = pwHasher.HashWithGivenSalt(user.password, 64, saltBytes); try { kor = db.Korisnik.Where(x => x.username.Equals(user.username)).SingleOrDefault(); } catch (InvalidOperationException ex) { return(null); } if (hashResult.Digest.Equals(kor.password) && user.username.Equals(kor.username)) { result.SetResults(KorisnikToModel(kor), true); } else { kor = null; } } return(kor); }
public static ResultModel CreateUser(UserModel user) { ResultModel result = new ResultModel(); //create new user PWSHasher pwHasher = new PWSHasher(); byte[] saltBytes = Encoding.ASCII.GetBytes("ggwp"); HashWithSaltResult hashResult = pwHasher.HashWithGivenSalt(user.password, 64, saltBytes); user.password = hashResult.Digest; using (var db = new ggwpDBEntities()) { Korisnik newKorisnik = new Korisnik(); newKorisnik.username = user.username; newKorisnik.password = user.password; newKorisnik.email = user.email; newKorisnik.ime = user.ime; newKorisnik.dob = user.dob; db.Korisnik.Add(newKorisnik); db.SaveChanges(); user.id = newKorisnik.id; result.SetResults(user, true); } return(result); }
public async Task <int> AddApplicationAsync(ApplicationCreateDto applicationCreateDto) { if (applicationCreateDto == null || string.IsNullOrWhiteSpace(applicationCreateDto.DisplayName) || string.IsNullOrWhiteSpace(applicationCreateDto.Password)) { throw new ArgumentException("Application name and password must be provided."); } if (await _applicationRepository.TryGetByDisplayNameAsync(applicationCreateDto.DisplayName) != null) { throw new ArgumentException($"Application with DisplayName {applicationCreateDto.DisplayName} already exists."); } ApplicationEntity application = applicationCreateDto.ToApplication(); HashWithSaltResult hashWithSaltResultDto = _passwordWithSaltHasher.HashPassword(applicationCreateDto.Password); application.PasswordHash = hashWithSaltResultDto.Hash; application.PasswordSalt = hashWithSaltResultDto.Salt; _applicationRepository.Add(application); await _unitOfWork.CommitAsync(); return(application.Id); }
private void BtnConfirmar_Click(object sender, EventArgs e) { if (string.IsNullOrWhiteSpace(SenNova.Text) || string.IsNullOrWhiteSpace(ConfSenha.Text) || string.IsNullOrWhiteSpace(SenAtual.Text)) { MessageBox.Show("Os campos senha, confirmar ou senha atual estão vazios"); return; } if (!ControleSenha.Instance.ValidarSenhas(SenNova.Text, ConfSenha.Text)) { MessageBox.Show("As senhas digitadas nos campos senha e confirmar senha devem ser iguais."); return; } if (!ControleSenha.Instance.ValidarSenhaAtual(HashWithSalt, SenAtual.Text)) { MessageBox.Show("A senha atual não está correta"); return; } HashWithSaltResult hashWithSalt = ControleSenha.Instance.GerarNovaSenha(SenNova.Text); HashWithSalt = hashWithSalt; LimparCampos(); Close(); }
public bool CheckPassword(string password, string hash, string salt) { byte[] passwordBytes = Encoding.Unicode.GetBytes(password); byte[] saltBytes = Convert.FromBase64String(salt); HashWithSaltResult result = HashPassword(passwordBytes, saltBytes); return(result.Hash == hash); }
public void HashWithSaltTest() { PasswordHashing ph = new PasswordHashing(); string password = "******"; HashWithSaltResult hashResult = ph.HashWithSalt(password, 64, SHA512.Create()); HashWithSaltResult hashResult2 = ph.HashWithSalt(password, hashResult.Salt, SHA512.Create()); Assert.AreEqual <string>(hashResult.CipherText, hashResult2.CipherText); }
public void ValidarNovaSenha() { PasswordWithSaltHasher pws = new PasswordWithSaltHasher(); string password = "******"; HashWithSaltResult hwsr = pws.HashWithSalt(password, 64, SHA512.Create()); HashWithSaltResult hwsr2 = pws.HashWithSalt(password, hwsr.Salt, SHA512.Create()); Assert.AreEqual(hwsr.Digest, hwsr2.Digest); }
public void WhenHashingPasswordThenValidPasswordIsMatched(string password) { // Arrange IPasswordWithSaltHasher passwordHasher = new PasswordWithSaltHasherSha512(); // Act HashWithSaltResult hashResult = passwordHasher.HashPassword(password); bool isMatched = passwordHasher.CheckPassword(password, hashResult.Hash, hashResult.Salt); // Assert Assert.AreEqual(true, isMatched); }
public void WhenHashingPasswordThenWrongPasswordIsUnmatched(string password) { // Arrange IPasswordWithSaltHasher passwordHasher = new PasswordWithSaltHasherSha512(); string wrongPassword = password + "wrong"; // Act HashWithSaltResult hashResult = passwordHasher.HashPassword(password); bool isMatched = passwordHasher.CheckPassword(wrongPassword, hashResult.Hash, hashResult.Salt); // Assert Assert.AreEqual(false, isMatched); }
private async void RegistrerNewUser(UserRegistrationData usRegData) { fbUserRegistration = new FbUserRegistration(); string macAddres = HelperUserData.GetMacAddress(); string localIP = HelperUserData.GetLocalIPAddress(); HashWithSaltResult hashSalt = HelperUserData.HashWithSalt(usRegData.Pass, 32, new SHA256Managed()); string pSalt = hashSalt.Salt; string hasPass = hashSalt.Digest; UserDB userDB = new UserDB(usRegData.UserName, macAddres, pSalt, hasPass); await fbUserRegistration.CreateNewUser(userDB, usRegData.Pass, usRegData.Email, OnUserRegistrationErrorMesage); GameSceneManager.Instance.SetActiveWaitForLoad(false); }
public void Consulta_ItemSelecionado(Usuario obj) { PasswordWithSaltHasher pwHasher = new PasswordWithSaltHasher(); HashWithSalt = pwHasher.HashWithSalt(obj.HashSenha, 64, SHA512.Create()); HashWithSaltResult hashWithSaltResult = new HashWithSaltResult(HashWithSalt.Salt, HashWithSalt.Digest); UsuarioAtual = obj; Codigo.Text = obj.Codigo.ToString(); hashWithSaltResult.Digest = obj.HashSenha; hashWithSaltResult.Salt = obj.HashSalt; HashWithSalt = hashWithSaltResult; Nome.Text = obj.Nome; Login.Text = obj.Login; Tipo.SelectedItem = obj.Tipo; }
public static HashWithSaltResult HashPassword(string password) { PasswordWithSaltHasher pwHasher = new PasswordWithSaltHasher(); HashWithSaltResult hashResultSha256 = new HashWithSaltResult(); try { hashResultSha256 = pwHasher.HashWithSalt(password, 64, SHA256.Create()); } catch (Exception ex) { Logger.Exception(ex, System.Reflection.MethodBase.GetCurrentMethod().Name); } return(hashResultSha256); }
public bool ResetPassword(string userAuth, string newPassword) { IEnumerable <Claim> claims = JwtManager.JwtTokenGetClaims(userAuth); string email = claims.FirstOrDefault(claim => claim.Type == "Email").Value; string Password = claims.FirstOrDefault(claim => claim.Type == "Password").Value; User user = GetUserByEmail(email); if (user.Password == Password) { HashWithSaltResult hashResultSha256 = pwHasher.HashWithSalt(newPassword, user.Email); string newHashPassword = hashResultSha256.Digest + hashResultSha256.Salt; userCRUD.ResetPassword(user, newHashPassword); return(true); } return(false); }
public ErrorMessage CreateInfluencerUser(InfluencerUser user) { //Unvalid - if(ValidationUtil.ValidateInfluenceUser(user)) if (true) { try { if (!userCRUD.IsEmailExist((user.Email))) { HashWithSaltResult hashResultSha256 = pwHasher.HashWithSalt(user.Password, user.Email); user.Password = hashResultSha256.Digest + hashResultSha256.Salt; userCRUD.AddUser(user); ErrorMessage message = new ErrorMessage { Code = HttpStatusCode.OK }; return message; } else { ErrorMessage message = new ErrorMessage { Message = "Mail already exists!", Code = HttpStatusCode.Unauthorized }; return message; } } catch (Exception e) { throw e; } } else { ErrorMessage message = new ErrorMessage { Message = "Validation Error", Code = HttpStatusCode.InternalServerError }; return message; } }
/// <summary> /// Tries to register user on db /// </summary> /// <param name="user"></param> /// <returns></returns> public static bool registerUser(UserData user) { bool result = false; string SQLRegisterUser = "******" + "(@userName, @cipherText, @salt, 0, 3)"; // Generate salt for user to use on password PasswordHashing ph = new PasswordHashing(); HashWithSaltResult hashResult = ph.HashWithSalt(user.password, 64, SHA512.Create()); using (Con = new SqlConnection(DBConnection.DbConnectionString)) { int insertedAfflicted = Con.Execute(SQLRegisterUser, new { userName = user.userName, cipherText = hashResult.CipherText, salt = hashResult.Salt }); if (insertedAfflicted > 0) { result = true; } } return(result); }
public ErrorMessage Login(LoginModal loginModal) { if (string.IsNullOrEmpty(loginModal.Email) || string.IsNullOrEmpty(loginModal.Password)) { ErrorMessage message = new ErrorMessage { Code = HttpStatusCode.NotModified, Message = "Validation Error" }; return(message); } else { try { HashWithSaltResult hashResultSha256 = pwHasher.HashWithSalt(loginModal.Password, loginModal.Email); loginModal.Password = hashResultSha256.Digest + hashResultSha256.Salt; User user = usersCRUD.Login(loginModal); if (user != null) { ErrorMessage message = new ErrorMessage { Code = HttpStatusCode.OK, }; return(message); } else { ErrorMessage message = new ErrorMessage { Code = HttpStatusCode.NotModified, Message = "Validation Error" }; return(message); } } catch (Exception e) { throw e; } } }
/// <summary> /// Verifies user password with salt on db /// </summary> /// <param name="user">The user to try to login with</param> /// <returns></returns> public static bool loginUser(UserData user) { bool result = false; string SQLLoginUser = "******"; PasswordHashing ph = new PasswordHashing(); // Get Salt and check agains server entry string salt = getUserSalt(user); if (salt != null) { HashWithSaltResult hashResult = ph.HashWithSalt(user.password, salt, SHA512.Create()); using (Con = new SqlConnection(DBConnection.DbConnectionString)) { int vertices = Con.Query <int>(SQLLoginUser, new { userName = user.userName, password = hashResult.CipherText }).FirstOrDefault(); if (vertices >= 3) { result = true; } ; } } ; return(result); }