/// <summary>
/// Returns true if user is valid in the database
/// </summary>
/// <param name="userName"></param>
/// <param name="password"></param>
/// <returns></returns>
public bool AuthenticateUser(string userName, string password)
{
bool ValidUser = false;
DataSet ds = this.GetActiveUsersForUserName(userName);
if (ds.Tables[0].Rows.Count > 0)
{
// Instantiate the Decryptor object
KeyDecryptor Dec = new KeyDecryptor(this.Algorithm);
// Get the password key
string StoredKey = this.GetPasswordKey();
byte[] Key = Convert.FromBase64String(StoredKey);
// Decrypt the password stored in the database and compare it to the given password
string Base64IV = ds.Tables[0].Rows[0]["IV"].ToString();
string Base64Password = ds.Tables[0].Rows[0]["Password"].ToString();
Dec.IV = Convert.FromBase64String(Base64IV);
byte[] CipherText = Convert.FromBase64String(Base64Password);
byte[] PlainText = Dec.Decrypt(CipherText, Key);
if (Encoding.ASCII.GetString(PlainText) == password)
{
ValidUser = true;
}
}
return(ValidUser);
}
/// <summary>
/// Decrypt the given password with the given initialization vector
/// </summary>
/// <param name="password"></param>
/// <param name="iv"></param>
/// <returns></returns>
public string DecryptPassword(string password, string iv)
{
// Instantiate the Decryptor object
KeyDecryptor Dec = new KeyDecryptor(this.Algorithm);
// Get the password key
string StoredKey = this.GetPasswordKey();
byte[] Key = Convert.FromBase64String(StoredKey);
// Decrypt the password
Dec.IV = Convert.FromBase64String(iv);
byte[] CipherText = Convert.FromBase64String(password);
byte[] PlainText = Dec.Decrypt(CipherText, Key);
return(Encoding.ASCII.GetString(PlainText));
}
