diff --git a/App_Code/VERAG_VARIABLES.vb b/App_Code/VERAG_VARIABLES.vb index 420e385..500f089 100644 --- a/App_Code/VERAG_VARIABLES.vb +++ b/App_Code/VERAG_VARIABLES.vb @@ -34,7 +34,7 @@ Public Class VERAG_VARIABLES Argon.Salt = salt Argon.DegreeOfParallelism = 24 Argon.Iterations = nIterations - Argon.MemorySize = ((nIterations * 1 + nIterations / 2 * 2) / 1.05) + 1 * 150 + Argon.MemorySize = ((nIterations * 1 - nIterations / 2 * 2) / 1.05) + 1 * 150 Return Await Argon.GetBytesAsync(nHash) 'Return Convert.ToBase64String(Argon.GetBytes(nHash)) 'Return Argon.GetBytes(nHash) diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb index ee72d35..cfde3ea 100644 --- a/login/ForgotPW.aspx.vb +++ b/login/ForgotPW.aspx.vb @@ -834,43 +834,49 @@ Partial Class ForgotPW Return sb.ToString() End Function - Protected Sub btn_Testmail_Click(sender As Object, e As EventArgs) + Protected Async Sub btn_Testmail_Click(sender As Object, e As EventArgs) Dim username As String = "userwithlongername" Dim Passw As String = "Test1!W" Dim email As String = "ja@verag.ag" Dim CustomerID As String = "717585" Dim TheusrID As String = "3" Dim tokentest As String = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID) + Dim hashtoken As Byte() + Dim iterationnumb As Integer = VERAG_VARIABLES.getiterationnumber + Dim nzahl As Integer = RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10)) 'Dim salttoken As String = gensaltToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID) 'MsgBox(salttoken) If Session.Item("TokenforEmail") = Nothing Then tokentest = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID) Session.Add("TokenforEmail", tokentest) Session.Add("SessID", VERAG_PROG_ALLGEMEIN.cCryptography.Encrypt(Session.SessionID)) + hashtoken = Await VERAG_VARIABLES.HashPassword(tokentest, salt, iterationnumb, nzahl) Else tokentest = Session.Item("TokenforEmail") End If - - If SendEmail(username, Passw, email, tokentest, CustomerID, True, True, True, False, TheusrID) = True Then - 'password = RandomString(New Random, 10) - If getDateoftoken(tokentest) = True Then - 'Dim msgboxstyle = vbDefaultButton1 + vbOK - 'MsgBox(tokenname, msgboxstyle) - lblMessage_M.ForeColor = Color.Green - lblMessage_M.Text = "Token generated successfully." - 'MsgBox("Token generated successfully.") - Else - lblMessage_M.ForeColor = Color.Red - VERAG_VARIABLES.seterrorcount(100) - lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Token is not valid anymore. Please generate a new one by sending a new e-mail!" - 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") - - If Session.Item("TokenforEmail") = Nothing Then - tokentest = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID) - Session.Add("TokenforEmail", tokentest) + If Await VERAG_VARIABLES.Verifyhash(tokentest, salt, hashtoken, iterationnumb, nzahl) = True Then + If SendEmail(username, Passw, email, tokentest, CustomerID, True, True, True, False, TheusrID) = True Then + 'password = RandomString(New Random, 10) + If getDateoftoken(tokentest) = True Then + 'Dim msgboxstyle = vbDefaultButton1 + vbOK + 'MsgBox(tokenname, msgboxstyle) + lblMessage_M.ForeColor = Color.Green + lblMessage_M.Text = "Token generated successfully." + 'MsgBox("Token generated successfully.") Else - tokentest = Session.Item("TokenforEmail") + lblMessage_M.ForeColor = Color.Red + VERAG_VARIABLES.seterrorcount(100) + lblMessage_M.Text = VERAG_VARIABLES.geterrornumb + "Token is not valid anymore. Please generate a new one by sending a new e-mail!" + 'MsgBox("Token is not valid anymore. Please generate a new one by sending a new e-mail!") + + If Session.Item("TokenforEmail") = Nothing Then + tokentest = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID) + Session.Add("TokenforEmail", tokentest) + Else + tokentest = Session.Item("TokenforEmail") + End If End If + Else End If 'SendEmail(username, password, email) 'MsgBox("Mail would be sent successfully!")