Changeset 3965

Timestamp:

06/26/10 15:56:15 (14 years ago)

Author:

jhaider

Message:

added support for Cryptography (#1046)

Location:

branches/HeuristicLab.Services.Authentication Prototype

Files:

• Service/Provider/HeuristicLabMembershipProvider.cs (modified) (8 diffs)
• UnitTests/HeuristicLabMembershipProviderTest.cs (modified) (1 diff)

branches/HeuristicLab.Services.Authentication Prototype/Service/Provider/HeuristicLabMembershipProvider.cs

@@ -3 +3 @@
 using System.Configuration;
 using System.Configuration.Provider;
+using System.IO;
 using System.Linq;
 using System.Security.Cryptography;
@@ -22 +23 @@
     private int pMinRequiredPasswordLength;
     private MembershipPasswordFormat pPasswordFormat = MembershipPasswordFormat.Clear;
-    private MachineKeySection machineKey;
-
 
     public override void Initialize(string name, NameValueCollection config) {
@@ -71 +70 @@
           throw new ProviderException("Password format not supported.");
       }
-
-      // Get encryption and decryption key information from the configuration.
-      Configuration cfg =
-        WebConfigurationManager.OpenWebConfiguration(System.Web.Hosting.HostingEnvironment.ApplicationVirtualPath);
-      machineKey = (MachineKeySection)cfg.GetSection("system.web/machineKey");
-
-      if (machineKey.ValidationKey.Contains("AutoGenerate"))
-        if (PasswordFormat != MembershipPasswordFormat.Clear)
-          throw new ProviderException("Hashed or Encrypted passwords " +
-                                      "are not supported with auto-generated keys.");
     }
 
@@ -154 +143 @@
           // create new user
           HeuristicLabUser u = new HeuristicLabUser(username, email, passwordQuestion, "");
+          password = EncodePassword(password);
           u.ChangePassword("INIT", password);
           u.ChangePasswordQuestionAndAnswer(password, passwordQuestion, passwordAnswer);
@@ -346 +336 @@
           break;
         case MembershipPasswordFormat.Hashed:
-          HMACSHA1 hash = new HMACSHA1();
-          hash.Key = HexToByte(machineKey.ValidationKey);
-          encodedPassword =
-            Convert.ToBase64String(hash.ComputeHash(Encoding.Unicode.GetBytes(password)));
+          SHA512 sha512 = SHA512.Create();
+          ASCIIEncoding encoder = new ASCIIEncoding();
+          byte[] combined = encoder.GetBytes(password);
+          sha512.ComputeHash(combined);
+          encodedPassword = Convert.ToBase64String(sha512.Hash);
           break;
         default:
@@ -358 +349 @@
     }
 
+    private readonly byte[] _rgbKey = new byte[]
+                           {
+                             182, 140, 37, 101, 52, 157, 80, 17, 65, 35, 130, 208, 101, 68, 161, 45, 197, 102, 112, 190,
+                             187, 177, 37, 76, 63, 38, 190, 117, 247, 122, 94, 17
+                           };
+    private readonly byte[] _rgbIv = new byte[] { 60, 121, 178, 142, 50, 160, 226, 84, 41, 66, 158, 180, 26, 232, 42, 113 };
+
+    protected override byte[] EncryptPassword(byte[] password) {
+      SymmetricAlgorithm sa = Aes.Create();
+      MemoryStream msEncrypt = new MemoryStream();
+      CryptoStream csEncrypt = new CryptoStream(msEncrypt, sa.CreateEncryptor(_rgbKey, _rgbIv), CryptoStreamMode.Write);
+      csEncrypt.Write(password, 0, password.Length);
+      csEncrypt.Close();
+      byte[] encryptedTextBytes = msEncrypt.ToArray();
+      msEncrypt.Close();
+      return encryptedTextBytes;
+    }
+
+    protected override byte[] DecryptPassword(byte[] encodedPassword) {
+      SymmetricAlgorithm sa = Aes.Create();
+      MemoryStream msDecrypt = new MemoryStream(encodedPassword);
+      CryptoStream csDecrypt = new CryptoStream(msDecrypt, sa.CreateDecryptor(_rgbKey, _rgbIv), CryptoStreamMode.Read);
+      byte[] decryptedTextBytes = new Byte[encodedPassword.Length];
+      csDecrypt.Read(decryptedTextBytes, 0, encodedPassword.Length);
+      csDecrypt.Close();
+      msDecrypt.Close();
+      return decryptedTextBytes;
+    }
 
     /// <summary>
@@ -372 +391 @@
         case MembershipPasswordFormat.Encrypted:
           password =
-            Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password)));
+            Encoding.Unicode.GetString(DecryptPassword(Convert.FromBase64String(password))).TrimEnd('\0');
+
+
           break;
         case MembershipPasswordFormat.Hashed:
@@ -381 +402 @@
 
       return password;
-    }
-
-    /// <summary>
-    /// returns byte array  of an HexString
-    /// </summary>
-    /// <param name="hexString"></param>
-    /// <returns></returns>
-    private static byte[] HexToByte(string hexString) {
-      byte[] returnBytes = new byte[hexString.Length / 2];
-      for (int i = 0; i < returnBytes.Length; i++)
-        returnBytes[i] = Convert.ToByte(hexString.Substring(i * 2, 2), 16);
-      return returnBytes;
     }
 

branches/HeuristicLab.Services.Authentication Prototype/UnitTests/HeuristicLabMembershipProviderTest.cs

@@ -202 +202 @@
     public void ValidateUserTestEncrypted() {
       HeuristicLabMembershipProvider target = new HeuristicLabMembershipProvider();
+      NameValueCollection config = new NameValueCollection();
+      config.Add("passwordFormat", "Encrypted");
+      target.Initialize("", config);
+      MembershipCreateStatus status;
+      target.CreateUser("testname", "newPassword", "testemail", "testquestion", "testanswer", true, null, out status);
+      Assert.IsTrue(target.ValidateUser("testname", "newPassword"));
+    }
+
+    /// <summary>
+    ///A test for ValidateUser
+    ///</summary>
+    [TestMethod()]
+    public void ValidateUserTestHashed() {
+      HeuristicLabMembershipProvider target = new HeuristicLabMembershipProvider();
       NameValueCollection  config = new NameValueCollection();
-      config.Add("passwordFormat", "Encrypted");
+      config.Add("passwordFormat", "Hashed");
       target.Initialize("",config);
       MembershipCreateStatus status;