diff --git a/App_Code/LinkFactory.vb b/App_Code/LinkFactory.vb
new file mode 100644
index 0000000..94211d1
--- /dev/null
+++ b/App_Code/LinkFactory.vb
@@ -0,0 +1,12 @@
+Imports System.Threading.Tasks
+Imports Microsoft.VisualBasic
+
+Public Class LinkFactory
+ Public Shared Async Function createLink(link As String, par1 As String, par2 As String, par3 As String) As Threading.Tasks.Task(Of String)
+ Dim factorymain As StringBuilder = New StringBuilder(link)
+ factorymain.AppendFormat("?P1={1}&P2={2}", par1, par2, par3)
+ Dim result As String = factorymain.ToString
+ Await Task.Delay(2)
+ Return result
+ End Function
+End Class
diff --git a/App_Code/TestPerformance.vb b/App_Code/TestPerformance.vb
index 75aa904..70ae32e 100644
--- a/App_Code/TestPerformance.vb
+++ b/App_Code/TestPerformance.vb
@@ -117,7 +117,6 @@ Public Class TestPerformance
Public Shared finalzeit As Long
Public Shared Function TestHashrateServer(zahlint As Integer) As Byte()
- Dim arrkeys As New List(Of Byte())
Dim arrzahl As New List(Of Integer)
Dim arrzahl_iterats As New List(Of Integer)
Dim hashbytes As New List(Of Byte())
@@ -125,12 +124,13 @@ Public Class TestPerformance
Dim arrzeitp2 As New List(Of Long)
Dim arrzeitp3 As New List(Of Long)
Dim finalarr As New List(Of Byte())
+ Dim hashsalts As New List(Of Byte())
Dim sw1 As Stopwatch = New Stopwatch
Dim sw2 As Stopwatch = New Stopwatch
Dim finalhash As Byte()
For zahl As Integer = 0 To zahlint
sw1.Start()
- arrkeys.Add(VERAG_VARIABLES.GenerateSalt(zahlint))
+ hashsalts.Add(VERAG_VARIABLES.GenerateSalt(arrzahl(zahl)))
arrzahl_iterats.Add(VERAG_VARIABLES.getiterationnumber)
arrzahl.Add(zahlint)
sw1.Stop()
@@ -140,7 +140,7 @@ Public Class TestPerformance
Dim pw As String = "qV64nS4"
For zahl As Integer = 0 To zahlint
sw2.Start()
- hashbytes.Add(VERAG_VARIABLES.HashPassword(pw, arrkeys(zahl), arrzahl_iterats(zahl), arrzahl(zahl)))
+ hashbytes.Add(VERAG_VARIABLES.HashPassword(pw, hashsalts(zahl), arrzahl_iterats(zahl), arrzahl(zahl)))
sw2.Stop()
arrzeitp2.Add(sw2.ElapsedMilliseconds)
sw2.Reset()
diff --git a/App_Code/VERAG_VARIABLES.vb b/App_Code/VERAG_VARIABLES.vb
index a18c1f7..1ff59a7 100644
--- a/App_Code/VERAG_VARIABLES.vb
+++ b/App_Code/VERAG_VARIABLES.vb
@@ -4,7 +4,7 @@ Imports Konscious.Security.Cryptography
Public Class VERAG_VARIABLES
Public Shared errornumb As Integer = 0
Shared Function getiterationnumber() As Integer
- Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 11))
+ Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 10))
End Function
Shared Sub initerrorcount()
@@ -31,25 +31,25 @@ Public Class VERAG_VARIABLES
'Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
- Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
+ Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
Argon.Salt = salt
Argon.DegreeOfParallelism = 24
- Argon.Iterations = nIterations
- Argon.MemorySize = (((nIterations * 1.18 - (nIterations * 1.23) / 4 * 2) / 1.05) + 1 * 270)
+ Argon.Iterations = nIterations * 2
+ Argon.MemorySize = (((nIterations * 2.98 - (nIterations * 1.23) / 4 * 1.5) / 1.05) + 1 * 290)
Return Argon.GetBytes(nHash)
Else
- Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
- Argon.Salt = salt
- Argon.DegreeOfParallelism = 36
+ Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
+ Argon.Salt = GenerateSalt(nHash)
+ Argon.DegreeOfParallelism = 48
Argon.Iterations = nIterations * 3
- Argon.MemorySize = (((nIterations * 1.385 - (nIterations * 0.56) / 1.95 * 2.28) / 5.18) + 1.024 * 316)
+ Argon.MemorySize = (((nIterations * 2.485 - (nIterations * 0.56) / 1.85 * 2.28) / 5.18) + 1.024 * 416)
Return Argon.GetBytes(nHash)
End If
End Function
- Public Shared Function Verifyhash(ByVal passw As String, ByVal salt As Byte(), ByVal hash As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Boolean
+ Public Shared Function Verifyhash(ByVal passw As String, salt As Byte(), ByVal hash As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Boolean
Dim newHash As Byte() = HashPassword(passw, salt, nIterations, nHash)
Return hash.SequenceEqual(newHash)
End Function
diff --git a/Berechnung Memorysize argon2.xlsx b/Berechnung Memorysize argon2.xlsx
index 27fb04e..de2feac 100644
Binary files a/Berechnung Memorysize argon2.xlsx and b/Berechnung Memorysize argon2.xlsx differ
diff --git a/Customers/LKWs.aspx b/Customers/LKWs.aspx
index 907367a..c92cc82 100644
--- a/Customers/LKWs.aspx
+++ b/Customers/LKWs.aspx
@@ -167,9 +167,9 @@
GueltBs = arrtemp[j];
j++;
KartNr = arrtemp[j];
- Pagemethods.filltable2(SDLNr, Bez, GueltBs, KartNr, onerror);
+ Pagemethods.filltable2(table,SDLNr, Bez, GueltBs, KartNr);
}
- addNewRow()
+ addNewRow();
}
function onFailure(error) {
alert(error);
@@ -186,10 +186,18 @@
for (let i = rowCount - 1; i > 0; i--) {
table_M.deleteRow(i);
}
- let arrtemp = tempstrarr_M.split(",")
- for (let j = 0; j < arrtemp.length; j++) {
- alert(arrtemp[j])
- }
+ let arrtemp_M = tempstrarr_M.split(",");
+ for (let j = 0; j < arrtemp_M.length; j++) {
+ SDLNr = arrtemp_M[j];
+ j++;
+ Bez = arrtemp_M[j];
+ j++;
+ GueltBs = arrtemp_M[j];
+ j++;
+ KartNr = arrtemp_M[j];
+ Pagemethods.filltable_M(table_M,SDLNr, Bez, GueltBs, KartNr, onerror);
+ }
+ addNewRow_M();
}
function buildtable_M(n, SDL,Bez, Dtguelt, KartNr) {
@@ -300,12 +308,32 @@
CardNr: KartNr,
};
}
-
+ const obj = JSON.parse(strtemp);
+
+ for (let i = 0; i <= obj.length; i++) {
+ let SDL = obj[i].result;
+ let Bez = obj[i++].result;
+ let Datguenstig = obj[i++].result;
+ let KartNr = obj[i++].result;
+ Pagemethods.filltable2(<%=tbl_mainpage%>, SDL, Bez, Datguenstig, KartNr)
+ }
+ }
+ function doPostBack_M(id, strtemp) {
+ let obj = JSON.parse(strtemp)
+ alert(obj.result)
+ for (let i = 0; i <= obj.length; i++) {
+ let SDL = obj[i].result;
+ let Bez = obj[i++].result;
+ let Datguenstig = obj[i++].result;
+ let KartNr = obj[i++].result;
+
+ Pagemethods.filltable2_M(<%=tbl_mainpage_M%>, SDL, Bez, Datguenstig, KartNr)
+ }
+ }
+
\ No newline at end of file
diff --git a/Customers/LKWs.aspx.vb b/Customers/LKWs.aspx.vb
index a9d1250..3b7582b 100644
--- a/Customers/LKWs.aspx.vb
+++ b/Customers/LKWs.aspx.vb
@@ -198,11 +198,11 @@ Partial Class LKWS
Protected Sub btn_Suchen_Click(sender As Object, e As EventArgs)
Dim txt_LkwNr As TextBox = txt_lkw
- 'list = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB(401940, "COOPER8")
+
list = VERAG_PROG_ALLGEMEIN.cSDL_LKW.GET_LIST_WEB(401940)
Dim tblhrow As TableHeaderRow = New TableHeaderRow()
Dim cnt As Integer = 0
-
+ Dim list3 As List(Of String) = New List(Of String)
tblhrow.Cells.Add(tbhc_KFZKennz)
tblhrow.Cells.Add(tbhc_Nat)
tblhrow.Cells.Add(tblhc_Verk)
@@ -220,6 +220,7 @@ Partial Class LKWS
Dim tc_Vermerk As TableCell = New TableCell()
tc_KfzKennz.Text = l2.KfzKennzeichen.ToString
tr2.Cells.Add(tc_KfzKennz)
+ Dim list5 = VERAG_PROG_ALLGEMEIN.cSDL.GET_LIST_WEB_LKW(401940, l2.KfzKennzeichen)
tc_Nationalitaet.Text = String.Empty
tr2.Cells.Add(tc_Nationalitaet)
Dim cbVerk_Such As CheckBox = New CheckBox()
@@ -246,11 +247,21 @@ Partial Class LKWS
tc_Vermerk.Text = l2.Vermerk.ToString
End If
tr2.Cells.Add(tc_Vermerk)
- initcells(tblhrow, tbhc_KFZKennz, tbhc_Nat, tblhc_Verk, tblhc_Kz, tblhc_Verm, tr2, tc_KfzKennz, tc_Nationalitaet, tc_Verk, tc_KZ_An, tc_Vermerk, cnt)
- tbl_sidemenue.Rows.Add(tr2)
- cnt += 1
- Next
+ For Each l5 In list5
+ Dim strstrtemp As String = String.Empty
+ If IsNothing(l5.Schadstoffklasse.ToString) = True Then
+ strstrtemp = "Keine Angabe!"
+ Else
+ strstrtemp = l5.Schadstoffklasse.ToString
+ End If
+ list3.Add(l5.SDLNr.ToString + "," + strstrtemp + "," + l5.GültigBis.ToString + "," + l5.KartenNr)
+ Next
+ initcells(tblhrow, tbhc_KFZKennz, tbhc_Nat, tblhc_Verk, tblhc_Kz, tblhc_Verm, tr2, tc_KfzKennz, tc_Nationalitaet, tc_Verk, tc_KZ_An, tc_Vermerk, cnt)
+ tr2.Attributes.Add("onclick", "Javascript:doPostBack('""" & tr2.Cells.Item(0).Text & """,""" & ConvertToJSON(list3) & """')")
+ tbl_sidemenue.Rows.Add(tr2)
+ cnt += 1
+ Next
End Sub
Protected Sub btn_Suchen_M_Click(sender As Object, e As EventArgs)
@@ -412,14 +423,14 @@ Partial Class LKWS
End If
tbl_mainpage_M.Rows.Clear()
list3.Add(strstrtemp)
- tr1_M.Attributes.Add("OnClick", "Javascript:TableRow_Click_M(""" & strtemp2 & """,""" & l3.KfzKennzeichen & """,""" & ConvertToJSON(list3) & """);")
+ tr1_M.Attributes.Add("OnClick", "Javascript:doPostBack_M('""" & tr1_M.Cells.Item(0).Text & """,""" & ConvertToJSON(list3) & """')")
tbl_2.Rows.Add(tr1_M)
cnt += 1
Next
End Sub
- Public Sub filltable2(SDLNr As String, Bezeichnung As String, GueltigBis As String, KartNr As String)
+ Public Sub filltable2(Tbl As Table, SDLNr As String, Bezeichnung As String, GueltigBis As String, KartNr As String)
Dim tc_SDLNr As TableCell = New TableCell
Dim tc_Bezeichnung As TableCell = New TableCell
Dim tc_GueltigBis As TableCell = New TableCell
@@ -433,6 +444,23 @@ Partial Class LKWS
tr.Cells.Add(tc_Bezeichnung)
tr.Cells.Add(tc_GueltigBis)
tr.Cells.Add(tc_KartNr)
- tbl_2.Rows.Add(tr)
+ Tbl.Rows.Add(tr)
+ End Sub
+
+ Public Sub filltable_M(Tbl As Table, SDLNr As String, Bezeichnung As String, GueltigBis As String, KartNr As String)
+ Dim tc_SDLNr As TableCell = New TableCell
+ Dim tc_Bezeichnung As TableCell = New TableCell
+ Dim tc_GueltigBis As TableCell = New TableCell
+ Dim tc_KartNr As TableCell = New TableCell
+ Dim tr_M As TableRow = New TableRow
+ tc_SDLNr.Text = SDLNr
+ tc_Bezeichnung.Text = Bezeichnung
+ tc_GueltigBis.Text = GueltigBis
+ tc_KartNr.Text = KartNr
+ tr_M.Cells.Add(tc_SDLNr)
+ tr_M.Cells.Add(tc_Bezeichnung)
+ tr_M.Cells.Add(tc_GueltigBis)
+ tr_M.Cells.Add(tc_KartNr)
+ Tbl.Rows.Add(tr_M)
End Sub
End Class
diff --git a/VERAG_Homepage.sln b/VERAG_Homepage.sln
index 65e050a..62b2e5b 100644
--- a/VERAG_Homepage.sln
+++ b/VERAG_Homepage.sln
@@ -6,7 +6,7 @@ MinimumVisualStudioVersion = 10.0.40219.1
Project("{E24C65DC-7377-472B-9ABA-BC803B73C61A}") = "VERAG_Homepage", "http://localhost:56551", "{11EF0CDA-BC19-40FB-91C4-25C81F3A27AC}"
ProjectSection(WebsiteProperties) = preProject
UseIISExpress = "true"
- TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.7.1"
+ TargetFrameworkMoniker = ".NETFramework,Version%3Dv4.7.2"
ProjectReferences = "{a3b497bd-842c-4a2b-b398-ed1976849df1}|VERAG_PROG_ALLGEMEIN.dll;"
Debug.AspNetCompiler.VirtualPath = "/localhost_56551"
Debug.AspNetCompiler.PhysicalPath = "..\VERAG_Homepage\"
diff --git a/Web.config b/Web.config
index 5902e9f..4b51ede 100644
--- a/Web.config
+++ b/Web.config
@@ -43,7 +43,7 @@
-->
-
+
-
@@ -71,10 +70,11 @@
-
-
+
+
+
@@ -178,6 +178,10 @@
+
+
+
+
diff --git a/login/Change_PW.aspx.vb b/login/Change_PW.aspx.vb
index 4dd009e..287242c 100644
--- a/login/Change_PW.aspx.vb
+++ b/login/Change_PW.aspx.vb
@@ -240,10 +240,10 @@ Partial Class login_Change_PW
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
End If
- Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, salt, intzahliterats, intzahl, Email, Session.IsNewSession)
- Dim isPasswDBhash As Byte() = gensaltPassw(UsernameDB, pwDB, salt, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
+ Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, intzahliterats, intzahl, Email, Session.IsNewSession)
+ Dim isPasswDBhash As Byte() = gensaltPassw(UsernameDB, pwDB, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
If regexval_txt_Pw.IsValid = True Then
- If VERAG_VARIABLES.Verifyhash(txt_Pw.Text, salt, isPasswhash, intzahliterats, intzahl) = True And VERAG_VARIABLES.Verifyhash(txt_Pw_WH.Text, salt, VERAG_VARIABLES.HashPassword(txt_Pw.Text, salt, intzahliterats, intzahl), intzahliterats, intzahl) = True Then
+ If VERAG_VARIABLES.Verifyhash(txt_Pw.Text, salt, isPasswDBhash, intzahliterats, intzahl) = True And VERAG_VARIABLES.Verifyhash(txt_Pw_WH.Text, salt, VERAG_VARIABLES.HashPassword(txt_Pw.Text, salt, intzahliterats, intzahl), intzahliterats, intzahl) = True Then
Using con As New SqlConnection(ConnectionString)
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
' cmd.CommandType = CommandType.StoredProcedure
@@ -459,8 +459,8 @@ Partial Class login_Change_PW
End If
Using con As New SqlConnection(ConnectionString)
- Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, salt, intzahliterats, intzahl, Email, Session.IsNewSession)
- Dim isPasswDBhash As Byte() = gensaltPassw(usrnmDB, pwDB, salt, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
+ Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, intzahliterats, intzahl, Email, Session.IsNewSession)
+ Dim isPasswDBhash As Byte() = gensaltPassw(usrnmDB, pwDB, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
If regexval_txt_Pw.IsValid = True Then
If VERAG_VARIABLES.Verifyhash(tempstr, salt, isPasswhash, intzahliterats, intzahl) = True AndAlso VERAG_VARIABLES.Verifyhash(pwDB, salt, isPasswDBhash, intzahliterats, intzahl) = True Then
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
@@ -528,7 +528,7 @@ Partial Class login_Change_PW
End If
End Sub
- Function gensaltPassw(username As String, password As String, salt As Byte(), intzahliterats As Integer, intzahl As Integer, email As String, isnewSession As Boolean) As Byte()
+ Function gensaltPassw(username As String, password As String, intzahliterats As Integer, intzahl As Integer, email As String, isnewSession As Boolean) As Byte()
If isnewSession = False Then
Dim token As Byte()
'Dim tok As Byte = Convert.ToBase64String(time.Concat(Key).ToArray())
@@ -538,7 +538,7 @@ Partial Class login_Change_PW
End If
End Function
- Function gennewsaltToken(username As String, password As String, email As String, salt As Byte(), CustomerID As String, intzahlits As Integer, intzahl As Integer, isnewSession As Boolean, theUserID As String) As String
+ Function gennewsaltToken(username As String, password As String, email As String, CustomerID As String, intzahlits As Integer, intzahl As Integer, isnewSession As Boolean, theUserID As String) As String
If isnewSession = False Then
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
diff --git a/login/ForgotPW.aspx.vb b/login/ForgotPW.aspx.vb
index 5d2535d..51ea7ae 100644
--- a/login/ForgotPW.aspx.vb
+++ b/login/ForgotPW.aspx.vb
@@ -7,16 +7,18 @@ Imports System.Data
Imports System.Threading
Imports System.Threading.Tasks
Imports System.Security.Cryptography
-
+Imports System.Numerics
Partial Class ForgotPW
Inherits System.Web.UI.Page
Dim ConnectionString As String = String.Empty
Dim salt As Byte()
+ Dim zahlrand As Integer
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
VERAG_VARIABLES.initerrorcount()
- salt = VERAG_VARIABLES.GenerateSalt(RandomInteger(Math.Pow(2, 3), Math.Pow(2, 10)))
+ zahlrand = RandomInteger(Math.Pow(2, 3), Math.Pow(2, 7))
+ salt = VERAG_VARIABLES.GenerateSalt(zahlrand)
Else
Page.MaintainScrollPositionOnPostBack = False
VERAG_VARIABLES.initerrorcount()
@@ -215,7 +217,7 @@ Partial Class ForgotPW
tokenname = Session.Item("TokenforEmail")
End If
Dim intzahl As Integer = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 4), Math.Pow(2, 10))
- Dim hashdata As Byte() = VERAG_VARIABLES.HashPassword(tokenname, salt, VERAG_VARIABLES.getiterationnumber, intzahl)
+ Dim hashdata As Byte() = VERAG_VARIABLES.HashPassword(tokenname, VERAG_VARIABLES.GenerateSalt(intzahl), VERAG_VARIABLES.getiterationnumber, intzahl)
Session.Add("TokenHashtokenized", VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(hashdata)))
If SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID) = True Then
'password = RandomString(New Random, 10)
@@ -609,7 +611,7 @@ Partial Class ForgotPW
Async Function Findtokenhashsalt(username As String, password As String, email As String, customerID As String, isusernameright As Boolean, isuserIDright As Boolean, isuserEmailright As Boolean, isnewsess As Boolean, UserID As String) As Task(Of String)
Dim t As Task(Of String)
t = Task.Run(Async Function() As Task(Of String)
- Return gensaltToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, isnewsess, UserID)
+ Return gensaltToken(username, password, email, customerID, isusernameright, isuserIDright, isuserEmailright, isnewsess, UserID, VERAG_VARIABLES.RandomInteger(Math.Pow(2, 4), Math.Pow(2, 7)))
End Function)
Return Await t
End Function
@@ -758,22 +760,20 @@ Partial Class ForgotPW
Return min + (max - min) * (one_byte(0) / 255)
End Function
- Function gensaltToken(username As String, password As String, email As String, CustomerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, isnewSession As Boolean, theUserID As String) As String
+ Function gensaltToken(username As String, password As String, email As String, CustomerID As String, isusrnmright As Boolean, iscstmIDright As Boolean, isemailright As Boolean, isnewSession As Boolean, theUserID As String, intz As Integer) As String
If isnewSession = False Then
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
Dim token As Byte()
-
- Dim intzahl = RandomInteger(Math.Pow(2, 7), Math.Pow(2, 14))
- Dim intzahl2 = RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
- Dim intzahliterats = RandomInteger(Math.Pow(2, 5), Math.Pow(2, 10))
+ Dim intzahl = RandomInteger(Math.Pow(2, 4), Math.Pow(2, 7))
+ Dim intzahl2 = RandomInteger(Math.Pow(2, 4), Math.Pow(2, 10))
+ Dim intzahliterats = RandomInteger(Math.Pow(2, 5), Math.Pow(2, 11))
Dim Rand As Random = New Random
If isusrnmright = True And iscstmIDright = True And isemailright = True AndAlso String.IsNullOrEmpty(theUserID) = False Then
- Dim salt As Byte() = VERAG_VARIABLES.GenerateSalt(intzahl)
'Dim tok As Byte = Convert.ToBase64String(time.Concat(Key).ToArray())
Dim tok As String = Convert.ToBase64String(time.Concat(Key).ToArray())
- token = VERAG_VARIABLES.HashPassword(tok, salt, intzahliterats, intzahl)
+ token = VERAG_VARIABLES.HashPassword(tok, VERAG_VARIABLES.GenerateSalt(intz), intzahliterats, intzahl)
Return Convert.ToBase64String(token)
Else
@@ -843,8 +843,7 @@ Partial Class ForgotPW
Dim tokentest As String = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID)
Dim hashtoken As Byte()
Dim iterationnumb As Integer = VERAG_VARIABLES.getiterationnumber
- Dim nzahl As Integer = RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
- 'Dim salttoken As String = gensaltToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID)
+ Dim intzahl1 As Integer = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 6), Math.Pow(2, 10))
'MsgBox(salttoken)
If Session.Item("TokenforEmail") = Nothing Then
tokentest = genToken(username, Passw, email, CustomerID, True, True, True, False, TheusrID)
@@ -853,8 +852,9 @@ Partial Class ForgotPW
Else
tokentest = Session.Item("TokenforEmail")
End If
- hashtoken = VERAG_VARIABLES.HashPassword(tokentest, salt, iterationnumb, nzahl)
- If VERAG_VARIABLES.Verifyhash(tokentest, salt, hashtoken, iterationnumb, nzahl) = True Then
+ salt = VERAG_VARIABLES.GenerateSalt(intzahl1)
+ hashtoken = VERAG_VARIABLES.HashPassword(tokentest, salt, iterationnumb, intzahl1)
+ If VERAG_VARIABLES.Verifyhash(tokentest, salt, hashtoken, iterationnumb, intzahl1) = True Then
If SendEmail(username, Passw, email, tokentest, CustomerID, True, True, True, False, TheusrID) = True Then
'password = RandomString(New Random, 10)
If getDateoftoken(tokentest) = True Then
diff --git a/login/login_FLEX.aspx.vb b/login/login_FLEX.aspx.vb
index 473628e..7685513 100644
--- a/login/login_FLEX.aspx.vb
+++ b/login/login_FLEX.aspx.vb
@@ -215,7 +215,7 @@ Partial Class login_FLEX
Session.Add("CustomerID", Customer_ID)
Session.Add("PW", passw)
End Sub
- Function gensaltToken(username As String, password As String, CustomerID As String, salt As Byte(), intzahliterats As Integer, intzahl As Integer, isnewSession As Boolean) As String
+ Function gensaltToken(username As String, password As String, CustomerID As String, intzahliterats As Integer, intzahl As Integer, isnewSession As Boolean) As String
If isnewSession = False Then
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
diff --git a/packages.config b/packages.config
index b22e426..e43c89c 100644
--- a/packages.config
+++ b/packages.config
@@ -2,7 +2,7 @@
-
+
@@ -18,7 +18,7 @@
-
+
@@ -55,7 +55,7 @@
-
+
diff --git a/vwd.webinfo b/vwd.webinfo
index 0f8c31b..b8c6e3c 100644
--- a/vwd.webinfo
+++ b/vwd.webinfo
@@ -7,6 +7,8 @@
-
+
+
+
\ No newline at end of file