/// <summary> /// Checks whether a given string matches a hash. /// </summary> /// <param name="inputSecureString">The SecureString of the text to check.</param> /// <param name="hashSecureString">The SecureString of the hash to validate against.</param> /// <returns>Returns whether the string is valid.</returns> public static bool Validate(SecureString inputSecureString, SecureString hashSecureString) { string input = CredentialSet.ConvertToString(inputSecureString); string hash = CredentialSet.ConvertToString(hashSecureString); string[] splitHash = hash.Split(PBKDF2Delimiter); int iterations = int.Parse(Encoding.UTF8.GetString(Convert.FromBase64String(splitHash[PBKDF2IterationIndex]))); byte[] saltBytes = Convert.FromBase64String(splitHash[PBKDF2SaltIndex]); byte[] hashBytes = Convert.FromBase64String(splitHash[PBKDF2HashIndex]); byte[] testHash = GetPBKDF2Bytes(input, saltBytes, iterations, hashBytes.Length); return(Check(hashBytes, testHash)); }
public Session(SecureString mainKeyInput) { MainKeyInput = mainKeyInput; // Check to see if the password file exists. if (!File.Exists(Program.GetPasswordFilepath())) { throw new FileNotFoundException("The password file was not found! It was expected to be found at " + Program.GetPasswordFilepath() + ". Restarting the program would most likely help."); } // Retrieve the text in the password file. string[] passwordFileText = File.ReadAllLines(Program.GetPasswordFilepath()); CredentialFile = new SecureString[passwordFileText.Length]; for (int i = 0; i < passwordFileText.Length; i++) { CredentialFile[i] = CredentialSet.ConvertToSecureString(passwordFileText[i]); } MainKeyStored = CredentialFile[0]; // Compare the given hash with the stored hash. MainKeyInput = mainKeyInput; KeysMatch = SecurityHelper.Validate(CredentialSet.ConvertToString(MainKeyInput), CredentialSet.ConvertToString(MainKeyStored)); }
