Hashfunktion und Saltgenerierung funktionieren wieder wie angenommen.
This commit is contained in:
ja
@@ -240,10 +240,10 @@ Partial Class login_Change_PW
|
||||
ConnectionString = "Server=DEVELOPER.verag.ost.dmn\DEVSQL;Database=VERAG_HOMEPAGE;Uid=AppUser;Pwd=yp/THDd?xM+pZ$;"
|
||||
'ConnectionString = "Server=db593295684.db.1and1.com;Database=db593295684;Uid=dbo593295684;Pwd=atilla#2;"
|
||||
End If
|
||||
Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, salt, intzahliterats, intzahl, Email, Session.IsNewSession)
|
||||
Dim isPasswDBhash As Byte() = gensaltPassw(UsernameDB, pwDB, salt, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
|
||||
Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, intzahliterats, intzahl, Email, Session.IsNewSession)
|
||||
Dim isPasswDBhash As Byte() = gensaltPassw(UsernameDB, pwDB, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
|
||||
If regexval_txt_Pw.IsValid = True Then
|
||||
If VERAG_VARIABLES.Verifyhash(txt_Pw.Text, salt, isPasswhash, intzahliterats, intzahl) = True And VERAG_VARIABLES.Verifyhash(txt_Pw_WH.Text, salt, VERAG_VARIABLES.HashPassword(txt_Pw.Text, salt, intzahliterats, intzahl), intzahliterats, intzahl) = True Then
|
||||
If VERAG_VARIABLES.Verifyhash(txt_Pw.Text, salt, isPasswDBhash, intzahliterats, intzahl) = True And VERAG_VARIABLES.Verifyhash(txt_Pw_WH.Text, salt, VERAG_VARIABLES.HashPassword(txt_Pw.Text, salt, intzahliterats, intzahl), intzahliterats, intzahl) = True Then
|
||||
Using con As New SqlConnection(ConnectionString)
|
||||
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET [Password]=@Password WHERE [Username]=@Username AND [UserId]=@UserId")
|
||||
' cmd.CommandType = CommandType.StoredProcedure
|
||||
@@ -459,8 +459,8 @@ Partial Class login_Change_PW
|
||||
End If
|
||||
|
||||
Using con As New SqlConnection(ConnectionString)
|
||||
Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, salt, intzahliterats, intzahl, Email, Session.IsNewSession)
|
||||
Dim isPasswDBhash As Byte() = gensaltPassw(usrnmDB, pwDB, salt, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
|
||||
Dim isPasswhash As Byte() = gensaltPassw(usrname, tempstr, intzahliterats, intzahl, Email, Session.IsNewSession)
|
||||
Dim isPasswDBhash As Byte() = gensaltPassw(usrnmDB, pwDB, intzahliterats, intzahl, EmailDB, Session.IsNewSession)
|
||||
If regexval_txt_Pw.IsValid = True Then
|
||||
If VERAG_VARIABLES.Verifyhash(tempstr, salt, isPasswhash, intzahliterats, intzahl) = True AndAlso VERAG_VARIABLES.Verifyhash(pwDB, salt, isPasswDBhash, intzahliterats, intzahl) = True Then
|
||||
Using cmd As New SqlCommand("UPDATE [VERAG_HOMEPAGE].[dbo].[Users] SET Password=@Password WHERE Username=@Username AND UserId=@UserId")
|
||||
@@ -528,7 +528,7 @@ Partial Class login_Change_PW
|
||||
End If
|
||||
End Sub
|
||||
|
||||
Function gensaltPassw(username As String, password As String, salt As Byte(), intzahliterats As Integer, intzahl As Integer, email As String, isnewSession As Boolean) As Byte()
|
||||
Function gensaltPassw(username As String, password As String, intzahliterats As Integer, intzahl As Integer, email As String, isnewSession As Boolean) As Byte()
|
||||
If isnewSession = False Then
|
||||
Dim token As Byte()
|
||||
'Dim tok As Byte = Convert.ToBase64String(time.Concat(Key).ToArray())
|
||||
@@ -538,7 +538,7 @@ Partial Class login_Change_PW
|
||||
End If
|
||||
End Function
|
||||
|
||||
Function gennewsaltToken(username As String, password As String, email As String, salt As Byte(), CustomerID As String, intzahlits As Integer, intzahl As Integer, isnewSession As Boolean, theUserID As String) As String
|
||||
Function gennewsaltToken(username As String, password As String, email As String, CustomerID As String, intzahlits As Integer, intzahl As Integer, isnewSession As Boolean, theUserID As String) As String
|
||||
If isnewSession = False Then
|
||||
Dim time() As Byte = BitConverter.GetBytes(DateTime.UtcNow.ToBinary())
|
||||
Dim Key() As Byte = Guid.NewGuid().ToByteArray()
|
||||
|
||||
Reference in New Issue
Block a user