
Untitled

a guest
Dec 31st, 2016
  1. namespace WindowsFormsApplication2
  2. {
  3. public partial class loginpage : Form
  4. {
  /// <summary>
  /// Creates the login form.
  /// </summary>
  /// <remarks>
  /// InitializeComponent is not defined in this listing; since the class is
  /// declared partial it presumably lives in the designer-generated half.
  /// </remarks>
  public loginpage()
  {
      InitializeComponent();
  }
  9.  
  // Connection string for the login database. It relies on Integrated
  // Security, so no database user name or password is embedded here.
  // NOTE(review): the Data Source has no backslash between host and instance
  // name; that may be an artifact of how this listing was pasted - confirm
  // against the real file. Consider reading the value from application
  // configuration instead of compiling it into the form.
  private string cs = @"Data Source=MS-LAPTOPSQLEXPRESS;Initial Catalog=break;Integrated Security=True;User Instance=False;Context Connection=False;MultiSubnetFailover=False;TransparentNetworkIPResolution=False";
  12. //btn_Submit Click event
  13.  
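  /// <summary>
  /// Salted PBKDF2 password hashing with a self-describing output string of the
  /// form <c>$MYHASH$V1${iterations}${base64(salt || hash)}</c>.
  /// </summary>
  /// <remarks>
  /// The three-argument <see cref="Rfc2898DeriveBytes"/> constructor used here
  /// derives with HMAC-SHA1. Changing the algorithm, salt size or hash size would
  /// invalidate stored values, so any such change needs a new version marker.
  /// The iteration count is embedded in the output, so it can be raised for new
  /// hashes without breaking verification of existing ones.
  /// </remarks>
  public sealed class SecurePasswordHasher
  {
      /// <summary>
      /// Size of salt in bytes
      /// </summary>
      private const int SaltSize = 16;

      /// <summary>
      /// Size of hash in bytes
      /// </summary>
      private const int HashSize = 20;

      /// <summary>
      /// Marker that identifies the format and version of a stored hash
      /// </summary>
      private const string Prefix = "$MYHASH$V1$";

      /// <summary>
      /// Creates a hash from a password
      /// </summary>
      /// <param name="password">the password</param>
      /// <param name="iterations">number of PBKDF2 iterations (must be positive)</param>
      /// <returns>the formatted hash string, including iteration count and salt</returns>
      public static string Hash(string password, int iterations)
      {
          // A fresh random salt per password; the generator is disposed once used.
          var salt = new byte[SaltSize];
          using (var rng = RandomNumberGenerator.Create())
          {
              rng.GetBytes(salt);
          }

          // Derive the hash and release the derivation object deterministically.
          byte[] hash;
          using (var pbkdf2 = new Rfc2898DeriveBytes(password, salt, iterations))
          {
              hash = pbkdf2.GetBytes(HashSize);
          }

          // Layout: salt first, then hash, so Verify can split them by size.
          var hashBytes = new byte[SaltSize + HashSize];
          Array.Copy(salt, 0, hashBytes, 0, SaltSize);
          Array.Copy(hash, 0, hashBytes, SaltSize, HashSize);

          var base64Hash = Convert.ToBase64String(hashBytes);

          // Invariant culture keeps the stored string independent of the
          // machine's regional settings.
          return string.Format(
              System.Globalization.CultureInfo.InvariantCulture,
              "$MYHASH$V1${0}${1}",
              iterations,
              base64Hash);
      }

      /// <summary>
      /// Creates a hash from a password with 10000 iterations
      /// </summary>
      /// <remarks>
      /// NOTE(review): 10000 is kept for compatibility with the original; it is
      /// low by current guidance for PBKDF2 - consider raising it for new hashes.
      /// </remarks>
      /// <param name="password">the password</param>
      /// <returns>the hash</returns>
      public static string Hash(string password)
      {
          return Hash(password, 10000);
      }

      /// <summary>
      /// Check if hash is supported
      /// </summary>
      /// <param name="hashString">the hash</param>
      /// <returns>true only when the string starts with the V1 marker</returns>
      public static bool IsHashSupported(string hashString)
      {
          // The marker must be the prefix; accepting it anywhere in the string
          // would let unrelated leading text through to the parser in Verify.
          return hashString != null
              && hashString.StartsWith(Prefix, StringComparison.Ordinal);
      }

      /// <summary>
      /// verify a password against a hash
      /// </summary>
      /// <param name="password">the password</param>
      /// <param name="hashedPassword">the hash</param>
      /// <returns>could be verified?</returns>
      /// <exception cref="NotSupportedException">the string does not start with the V1 marker</exception>
      /// <exception cref="FormatException">the marker is present but the payload is malformed</exception>
      public static bool Verify(string password, string hashedPassword)
      {
          if (!IsHashSupported(hashedPassword))
          {
              throw new NotSupportedException("The hashtype is not supported");
          }

          // After the marker the string must be exactly "{iterations}${base64}".
          var fields = hashedPassword.Substring(Prefix.Length).Split('$');
          if (fields.Length != 2)
          {
              throw new FormatException("The hash string is malformed");
          }

          // Digits only, parsed culture-independently.
          // NOTE(review): the iteration count is taken from the stored string, so
          // stored hashes must come from a trusted store; consider an upper bound
          // if they can be influenced by users.
          var iterations = int.Parse(
              fields[0],
              System.Globalization.NumberStyles.None,
              System.Globalization.CultureInfo.InvariantCulture);
          if (iterations < 1)
          {
              throw new FormatException("The hash string is malformed");
          }

          // Reject a payload of the wrong size before indexing into it.
          var hashBytes = Convert.FromBase64String(fields[1]);
          if (hashBytes.Length != SaltSize + HashSize)
          {
              throw new FormatException("The hash string is malformed");
          }

          var salt = new byte[SaltSize];
          Array.Copy(hashBytes, 0, salt, 0, SaltSize);

          // Recompute the hash with the stored salt and iteration count.
          byte[] hash;
          using (var pbkdf2 = new Rfc2898DeriveBytes(password, salt, iterations))
          {
              hash = pbkdf2.GetBytes(HashSize);
          }

          // Compare every byte without an early exit so the time taken does not
          // reveal how many leading bytes matched.
          var difference = 0;
          for (var i = 0; i < HashSize; i++)
          {
              difference |= hashBytes[SaltSize + i] ^ hash[i];
          }
          return difference == 0;
      }
  }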
  115.  
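  /// <summary>
  /// Login button handler: checks the entered user name and password against
  /// the tabl_login table and opens the main form when exactly one row matches.
  /// </summary>
  /// <remarks>
  /// NOTE(review): the query compares the typed password directly with the
  /// Password column, which implies the table holds plaintext passwords.
  /// SecurePasswordHasher in this file is not used for the real check; the
  /// original handler only hashed and verified the literal "password" and
  /// discarded the result, so that dead code has been removed. The intended
  /// design is presumably to store SecurePasswordHasher.Hash output, select
  /// the stored value by user name only, and call SecurePasswordHasher.Verify.
  /// That needs a migration of existing rows, so it is flagged here rather
  /// than changed.
  /// </remarks>
  /// <param name="sender">the control that raised the event</param>
  /// <param name="e">event data (unused)</param>
  private void button2_Click(object sender, EventArgs e)
  {
      if (string.IsNullOrEmpty(txtUsername.Text) || string.IsNullOrEmpty(txt_Password.Text))
      {
          MessageBox.Show("Please provide a Username and Password");
          return;
      }

      try
      {
          int count;

          // using blocks close the connection and release the command, adapter
          // and data set even when Open or Fill throws.
          using (var con = new SqlConnection(cs))
          using (var cmd = new SqlCommand("Select * from tabl_login where UserName = @username and Password = @password", con))
          using (var adapt = new SqlDataAdapter(cmd))
          using (var ds = new DataSet())
          {
              // Values are bound as parameters, never concatenated into the SQL.
              cmd.Parameters.AddWithValue("@username", txtUsername.Text);
              cmd.Parameters.AddWithValue("@password", txt_Password.Text);

              con.Open();
              adapt.Fill(ds);

              count = ds.Tables[0].Rows.Count;
          }

          // Exactly one matching row means the credentials were accepted.
          if (count == 1)
          {
              MessageBox.Show("Login Successful!");

              // A form shown with ShowDialog is not disposed when it closes,
              // so dispose it explicitly.
              using (var objFrmMain = new Form1())
              {
                  this.Hide();
                  objFrmMain.ShowDialog();
              }
              this.Close();
          }
          else
          {
              MessageBox.Show("Login Failed!");
          }
      }
      catch (Exception ex)
      {
          // NOTE(review): the raw exception text is shown to the user. Database
          // errors can carry server details; consider logging the exception and
          // showing a generic message instead.
          MessageBox.Show(ex.Message);
      }
  }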
  169.  
  /// <summary>
  /// Click handler that shuts the application down.
  /// </summary>
  /// <param name="sender">the control that raised the event</param>
  /// <param name="e">event data (unused)</param>
  private void button1_Click_1(object sender, EventArgs e)
  {
      Application.Exit();
  }
  174. }
  175. }