Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- UPDATE AspNetUsers SET NormalizedEmail = UPPER(Email), NormalizedUserName = UPPER(Email)
- WHERE NormalizedEmail IS NULL
- public class ApplicationUser : IdentityUser
- {
- public PasswordHashVersion HashVersion { get; set; }
- public ApplicationUser()
- {
- this.HashVersion = PasswordHashVersion.Core;
- }
- }
- public enum PasswordHashVersion
- {
- OldMvc,
- Core
- }
- public class OldMvcPasswordHasher : PasswordHasher<ApplicationUser>
- {
- public override PasswordVerificationResult VerifyHashedPassword(ApplicationUser user, string hashedPassword, string providedPassword)
- {
- // if it's new algorithm version, delegate the call to parent class
- if (user.HashVersion == PasswordHashVersion.Core)
- return base.VerifyHashedPassword(user, hashedPassword, providedPassword);
- byte[] buffer4;
- if (hashedPassword == null)
- {
- return PasswordVerificationResult.Failed;
- }
- if (providedPassword == null)
- {
- throw new ArgumentNullException("providedPassword");
- }
- byte[] src = Convert.FromBase64String(hashedPassword);
- if ((src.Length != 0x31) || (src[0] != 0))
- {
- return PasswordVerificationResult.Failed;
- }
- byte[] dst = new byte[0x10];
- Buffer.BlockCopy(src, 1, dst, 0, 0x10);
- byte[] buffer3 = new byte[0x20];
- Buffer.BlockCopy(src, 0x11, buffer3, 0, 0x20);
- using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(providedPassword, dst, 0x3e8))
- {
- buffer4 = bytes.GetBytes(0x20);
- }
- if (AreHashesEqual(buffer3, buffer4))
- {
- user.HashVersion = PasswordHashVersion.Core;
- return PasswordVerificationResult.SuccessRehashNeeded;
- }
- return PasswordVerificationResult.Failed;
- }
- private bool AreHashesEqual(byte[] firstHash, byte[] secondHash)
- {
- int _minHashLength = firstHash.Length <= secondHash.Length ? firstHash.Length : secondHash.Length;
- var xor = firstHash.Length ^ secondHash.Length;
- for (int i = 0; i < _minHashLength; i++)
- xor |= firstHash[i] ^ secondHash[i];
- return 0 == xor;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement