示例#1
 /// <summary>
 /// Computes the SHA-256 digest of a stream and returns it through <paramref name="a_hash"/>.
 /// </summary>
 /// <param name="a_stream">
 /// Stream to hash. ComputeHash reads from the stream's current position to its end,
 /// so a partially consumed stream yields the digest of the remainder only; rewind it
 /// first when the digest must cover the whole content.
 /// </param>
 /// <param name="a_hash">Receives the raw digest bytes (32 bytes for SHA-256).</param>
 /// <remarks>
 /// A bare SHA-256 digest detects accidental or unauthenticated modification only when the
 /// reference digest comes from a trusted channel. It is not a MAC and is not suitable on
 /// its own for password storage.
 /// </remarks>
 public static void CalculateSHA256(Stream a_stream, out byte[] a_hash)
 {
     var hasher = new System.Security.Cryptography.SHA256Cng();
     try
     {
         a_hash = hasher.ComputeHash(a_stream);
     }
     finally
     {
         // Release the native CNG handle even when hashing throws.
         hasher.Dispose();
     }
 }
示例#2
 /// <summary>
 /// Hashes the given stream with SHA-256 and writes the digest to <paramref name="a_hash"/>.
 /// </summary>
 /// <param name="a_stream">
 /// Source stream. Hashing starts at the stream's current position, not at offset zero.
 /// </param>
 /// <param name="a_hash">Output: the 32-byte SHA-256 digest.</param>
 /// <remarks>
 /// When comparing the result against an expected digest for integrity checking, the
 /// expected value must itself be obtained from a source the attacker cannot alter.
 /// </remarks>
 public static void CalculateSHA256(Stream a_stream, out byte[] a_hash)
 {
     using (var digestAlgorithm = new System.Security.Cryptography.SHA256Cng())
     {
         byte[] computed = digestAlgorithm.ComputeHash(a_stream);
         a_hash = computed;
     }
 }
示例#3
 /// <summary>
 /// Computes the SHA-256 digest of a stream and returns it as a hexadecimal string.
 /// </summary>
 /// <param name="a_stream">
 /// Stream to hash; it is read from its current position to the end.
 /// </param>
 /// <returns>
 /// The digest formatted by ConvertBytesToHexString(hash, true). The meaning of the
 /// <c>true</c> flag is not visible here (presumably casing or formatting; confirm
 /// against that helper before comparing the result with externally published digests).
 /// </returns>
 public static string CalculateSHA256(Stream a_stream)
 {
     byte[] digest;
     using (var hasher = new System.Security.Cryptography.SHA256Cng())
     {
         digest = hasher.ComputeHash(a_stream);
     }

     // Formatting needs only the digest bytes, so it can run after the hasher is released.
     return ConvertBytesToHexString(digest, true);
 }
示例#4
 /// <summary>
 /// Returns the SHA-256 digest of a stream as hexadecimal text.
 /// </summary>
 /// <param name="a_stream">
 /// Stream whose remaining bytes (from the current position onward) are hashed.
 /// </param>
 /// <returns>
 /// Hex text produced by ConvertBytesToHexString(hash, true); the effect of the second
 /// argument is defined by that helper and is not visible in this snippet.
 /// </returns>
 /// <remarks>
 /// When this value is checked against a known-good digest, compare in a way that is
 /// insensitive to hex casing, or normalise both sides first.
 /// </remarks>
 public static string CalculateSHA256(Stream a_stream)
 {
     var sha = new System.Security.Cryptography.SHA256Cng();
     try
     {
         byte[] rawDigest = sha.ComputeHash(a_stream);
         string hexDigest = ConvertBytesToHexString(rawDigest, true);
         return hexDigest;
     }
     finally
     {
         sha.Dispose();
     }
 }
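        /// <summary>
        /// Derives the stored password verifier:
        /// Base64(SHA-256(UTF-8 password bytes followed by the decoded salt bytes)).
        /// </summary>
        /// <param name="salt">Base64-encoded salt.</param>
        /// <param name="password">Plain-text password.</param>
        /// <returns>Base64 text of the 32-byte digest (always 44 characters).</returns>
        /// <remarks>
        /// SECURITY: a single round of salted SHA-256 is fast by design, so a leaked
        /// credential table can be brute-forced offline cheaply. The output format is kept
        /// unchanged here so that already stored hashes still verify. Plan a migration to
        /// a deliberately slow KDF (PBKDF2 via Rfc2898DeriveBytes with a high iteration
        /// count, bcrypt, scrypt or Argon2), re-hashing each account at its next
        /// successful login.
        /// </remarks>
        public static string generateHash(string salt, string password)
        {
            byte[] saltB     = Convert.FromBase64String(salt);
            byte[] passwordB = System.Text.Encoding.UTF8.GetBytes(password);

            // Password bytes first, then salt: the order is part of the stored format.
            byte[] material = new byte[passwordB.Length + saltB.Length];
            Buffer.BlockCopy(passwordB, 0, material, 0, passwordB.Length);
            Buffer.BlockCopy(saltB, 0, material, passwordB.Length, saltB.Length);

            // The hasher wraps a native CNG handle; the original never disposed it.
            using (var hashAlgorithm = new System.Security.Cryptography.SHA256Cng())
            {
                return Convert.ToBase64String(hashAlgorithm.ComputeHash(material));
            }
        }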
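        /// <summary>
        /// Verifies a username/password pair and, on success, stores and returns a new
        /// claim carrying a freshly generated random token.
        /// </summary>
        /// <param name="loginModel">Credentials supplied by the caller.</param>
        /// <returns>The persisted claim for the authenticated user.</returns>
        /// <exception cref="SSOBaseException">
        /// <paramref name="loginModel"/> is null (reported as HTTP 400).
        /// </exception>
        /// <exception cref="WrongCredentialsException">
        /// Unknown user, missing password, unusable stored credential record, or password
        /// mismatch. All of these share one exception so the response does not reveal
        /// which check failed.
        /// </exception>
        /// <remarks>
        /// SECURITY: the password check is a single round of salted SHA-256, which is
        /// cheap to brute-force offline if the user table leaks; migrate to a slow KDF
        /// (PBKDF2, bcrypt, scrypt, Argon2) and re-hash on successful login.
        /// The unknown-user path returns before any hashing is done, so response time can
        /// differ between existing and non-existing accounts; that gap grows once a slow
        /// KDF is adopted and should then be evened out. Nothing in this method limits
        /// repeated attempts; throttling or lockout has to be enforced by the caller or
        /// another layer.
        /// </remarks>
        public Claim Login(LoginRequest loginModel)
        {
            // Base64 of a 32-byte SHA-256 digest is always 44 characters.
            const int StoredHashLength = 44;

            if (loginModel == null)
            {
                throw new SSOBaseException("Login Model required.", HttpStatusCode.BadRequest);
            }

            var user = _db.Users.SingleOrDefault(u => u.Username.Equals(loginModel.Username));

            // A null password used to fail with ArgumentNullException, but only when the
            // account existed, which let a caller tell existing usernames from unknown
            // ones by the error type. Both cases now fail the same way.
            if (user == null || loginModel.Password == null)
            {
                throw new WrongCredentialsException();
            }

            // Fail closed on a credential record that cannot be verified, instead of
            // letting Substring/FromBase64String throw an unrelated exception.
            string storedHash = user.Password;
            if (user.Salt == null || storedHash == null || storedHash.Length < StoredHashLength)
            {
                throw new WrongCredentialsException();
            }

            byte[] saltB     = Convert.FromBase64String(user.Salt);
            byte[] passwordB = System.Text.Encoding.UTF8.GetBytes(loginModel.Password);

            string passwordHashS;
            using (var hashAlgorithm = new System.Security.Cryptography.SHA256Cng())
            {
                byte[] passwordHashB = hashAlgorithm.ComputeHash(passwordB.Concat(saltB).ToArray());
                passwordHashS = Convert.ToBase64String(passwordHashB);
            }

            // TODO change database password field to nvarchar
            // Only the first 44 characters of the stored value are the hash; anything
            // after that is ignored, as before.
            // Compare every position regardless of where the first mismatch is, so the
            // comparison time does not depend on how much of the hash matched.
            int difference = 0;
            for (int i = 0; i < StoredHashLength; i++)
            {
                difference |= passwordHashS[i] ^ storedHash[i];
            }

            if (difference != 0)
            {
                throw new WrongCredentialsException();
            }

            // Successful login: issue a token from the cryptographic RNG.
            byte[] tokenB = new byte[40];
            using (var rng = new System.Security.Cryptography.RNGCryptoServiceProvider())
            {
                rng.GetBytes(tokenB);
            }

            // Convert to hex
            String tokenHex = BitConverter.ToString(tokenB).Replace("-", String.Empty);
            Claim  claim    = new Claim();

            // NOTE(review): the token is persisted as-is, so read access to the Claims
            // table is enough to reuse a session; consider storing only a hash of it.
            claim.Token   = tokenHex;
            claim.Valid   = "1";
            // NOTE(review): local time. If token expiry is computed from Created, UTC
            // avoids DST and time-zone skew; confirm what the consumers expect before
            // changing it.
            claim.Created = DateTime.Now;
            claim.User    = user;

            _db.Claims.Add(claim);
            _db.SaveChanges();

            return(claim);
        }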
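        /// <summary>
        /// Creates a new user account: validates the password, rejects duplicate
        /// usernames and e-mail addresses, generates a random salt, stores the salted
        /// password hash and saves the user together with its profile information.
        /// </summary>
        /// <param name="registerModel">Registration data supplied by the caller.</param>
        /// <returns>An ActionResult carrying a success message.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="registerModel"/> is null.</exception>
        /// <exception cref="WeakPasswordException">checkPassword rejected the password.</exception>
        /// <exception cref="UsernameExistsException">The username is already taken.</exception>
        /// <exception cref="EmailExistsException">The e-mail address is already registered.</exception>
        /// <remarks>
        /// SECURITY: the stored verifier is Base64(SHA-256(password bytes + salt bytes)),
        /// one fast hash round. That is cheap to brute-force offline if the table leaks;
        /// migrate to a slow KDF (PBKDF2 via Rfc2898DeriveBytes, bcrypt, scrypt, Argon2).
        /// The format must stay in step with the check done at login.
        /// The duplicate checks run before the insert without any locking visible here,
        /// so two concurrent registrations can both pass them; unique constraints on the
        /// username and e-mail columns are needed to close that window (confirm they
        /// exist in the schema).
        /// The distinct "exists" exceptions tell a caller whether a username or e-mail is
        /// registered; rate-limit this endpoint if that disclosure matters.
        /// </remarks>
        public ActionResult Register(RegisterRequest registerModel)
        {
            if (registerModel == null)
            {
                // Name the offending parameter so the failure is diagnosable.
                throw new ArgumentNullException("registerModel");
            }
            //TODO check model validation and throw ModelValidationException if needed
            if (!checkPassword(registerModel.Password))
            {
                throw new WeakPasswordException();
            }
            if (_db.Users.SingleOrDefault(u => u.Username.Equals(registerModel.Username)) != null)
            {
                // User with same username already exists
                throw new UsernameExistsException(registerModel.Username);
            }
            if (_db.UserInfoes.SingleOrDefault(u => u.Email.Equals(registerModel.Email)) != null)
            {
                // User with same email already exists
                throw new EmailExistsException(registerModel.Email);
            }

            // Make salt.
            // The salt should be at least as long as the hash output; SHA-256 output is 32 bytes.
            byte[] saltB = new byte[32];
            using (var rng = new System.Security.Cryptography.RNGCryptoServiceProvider())
            {
                rng.GetBytes(saltB);
            }
            var saltS = Convert.ToBase64String(saltB);

            // Make hash with salt (password bytes first, then salt).
            byte[] passwordB = System.Text.Encoding.UTF8.GetBytes(registerModel.Password);

            string passwordHashS;
            using (var hashAlgorithm = new System.Security.Cryptography.SHA256Cng())
            {
                byte[] passwordHashB = hashAlgorithm.ComputeHash(passwordB.Concat(saltB).ToArray());
                passwordHashS = Convert.ToBase64String(passwordHashB);
            }

            // Make new user
            User newUser = new User();

            newUser.Username = registerModel.Username;
            newUser.Salt     = saltS;
            newUser.Password = passwordHashS;

            UserInfo info = new UserInfo();

            info.Email     = registerModel.Email;
            info.FirstName = registerModel.FirstName;
            info.LastName  = registerModel.LastName;

            info.User = newUser;

            // Save user (the new User is attached through info.User).
            _db.UserInfoes.Add(info);
            _db.SaveChanges();

            return(new ActionResult {
                Message = "Successfully registered."
            });
        }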