/// <summary> /// Validates a password using two hash values /// </summary> public static bool ValidatePasswordHashV1(PasswordRequestv1 request) { Validation.IsNotNull(request, "request"); if (request.PlainPassword == request.PreHash || request.PlainPassword == request.PostHash) { return(false); } return(ValidatePasswordV2(request)); }
/// <summary> /// /// </summary> public static string ComputeHashV1(PasswordRequestv1 request) { Validation.IsNotNull(request, "request"); using (SHA1 sha = new SHA1CryptoServiceProvider()) { var p1 = Convert.FromBase64String(request.PreHash); var p2 = System.Text.Encoding.Unicode.GetBytes(request.PlainPassword); var p3 = Convert.FromBase64String(request.PostHash); var data = new byte[p1.Length + p2.Length + p3.Length]; p1.CopyTo(data, 0); p2.CopyTo(data, p1.Length); p3.CopyTo(data, p3.Length); return(Convert.ToBase64String(sha.ComputeHash(data))); } }
private static bool ValidatePasswordV2(PasswordRequestv1 request) { Validation.IsNotNull(request, "request"); return(request.HashedPassword.Equals(ComputeHashV1(request))); }
private static string GeneratePasswordHashV1(PasswordRequestv1 request) { Validation.IsNotNull(request, "request"); return(request.PlainPassword); }