edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Änderungen Algorithmus Serverlast senken und Produktivität steigern. Und GUI Anpassungen Mobil.

Browse Source
This commit is contained in:
ja
2021-12-03 15:34:56 +01:00
parent 39e94f95b7
commit d833a5dcff
5 changed files with 51 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
App_Code/VERAG_VARIABLES.vb
View File

@@ -4,7 +4,7 @@ Imports Konscious.Security.Cryptography
Public Class VERAG_VARIABLES
Public Shared errornumb As Integer = 0
Shared Function getiterationnumber() As Integer
Return RandomInteger(Math.Pow(2, 2), Math.Pow(2, 8))
Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 11))
End Function
Shared Sub initerrorcount()
@@ -28,17 +28,27 @@ Public Class VERAG_VARIABLES
'Convert.ToBase64String(saltBytes)
End Function
Public Shared Async Function HashPassword(ByVal password As String, ByVal salt As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Threading.Tasks.Task(Of Byte())
Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))
'Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(password))
Argon.Salt = salt
Argon.DegreeOfParallelism = 4
Argon.DegreeOfParallelism = 24
Argon.Iterations = nIterations
Argon.MemorySize = 4096
Argon.MemorySize = (nIterations / 1.05) + 1 * 150
Return Await Argon.GetBytesAsync(nHash)
'Return Convert.ToBase64String(Argon.GetBytes(nHash))
Return Argon.GetBytes(nHash)
'Return Argon.GetBytes(nHash)
'Dim saltBytes = Convert.FromBase64String(salt)
'Using rfc2898DeriveBytes = New Rfc2898DeriveBytes(password, saltBytes, nIterations)
'End Using
Else
Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(password))
Argon.Salt = salt
Argon.DegreeOfParallelism = 36
Argon.Iterations = nIterations
Argon.MemorySize = (nIterations / 0.385) + 1 * 250
Return Await Argon.GetBytesAsync(nHash)
End If
End Function
Public Shared Async Function Verifyhash(ByVal passw As String, ByVal salt As Byte(), ByVal hash As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Threading.Tasks.Task(Of Boolean)

16
Customers/CustomsAviso.aspx
View File

@@ -272,22 +272,22 @@
<div id="rowcol3" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<div class="row">
<asp:Label ID="lbl_LKWNr_M" runat="server" Text="LKW Nr"></asp:Label>
<asp:TextBox ID="txt_LKWNr_M" AutoCompleteType="Search" AutoPostBack="false" runat="server" style="width:117px; margin-left:25px;" OnTextChanged="txt_LKWNr_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_LKWNr_M" AutoCompleteType="Search" AutoPostBack="false" runat="server" style="width:185px; margin-left:10px;" OnTextChanged="txt_LKWNr_M_TextChanged"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_LKWNr" runat="server" ID="regexval_txt_LKWNr_M" ValidationGroup="additional_TXTs" ForeColor="Red" ValidationExpression="^([A-Z0-9]{30})\d$" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</div>
<div id="rowcol4" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<asp:Label ID="lbl_KdNrAuftrag_M" runat="server" Text="Kunden Auftrags Nr" style="margin-left:45px"></asp:Label>
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" AutoPostBack="false" AutoCompleteType="Search" style="width:117px; margin-left:6px;" OnTextChanged="txt_KdNrAuftrag_M_TextChanged"></asp:TextBox>
<div id="rowcol4" class="col-11 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<asp:Label ID="lbl_KdNrAuftrag_M" runat="server" Text="Kunden Auftrags Nr" style="width:155px;"></asp:Label>
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" AutoPostBack="false" AutoCompleteType="Search" style="width:185px; margin-left:10px;" OnTextChanged="txt_KdNrAuftrag_M_TextChanged"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_KdNrAuftrag_M" runat="server" ID="regval_txt_KdNrAuftrag_M" ValidationGroup="additional_TXTs" ValidationExpression="^[0-9]{7}$" Display="Dynamic" ForeColor="Red" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</div>
<div id="rowcol5" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<asp:Label ID="lbl_Absender_M" runat="server" Text="Absender"></asp:Label>
<asp:TextBox ID="txt_Absender_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:155px; margin-left:8px;" OnTextChanged="txt_Absender_M_TextChanged"></asp:TextBox>
<asp:TextBox ID="txt_Absender_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:185px; margin-left:10px;" OnTextChanged="txt_Absender_M_TextChanged"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Absender_M" runat="server" ID="regval_txt_Absender_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ForeColor="Red" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</div>
<div id="rowcol6" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
<asp:Label ID="lbl_Empfaenger_M" runat="server" Text="Empfänger" style="margin-left:9px"></asp:Label>
<asp:TextBox ID="txt_Empfaenger_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:155px; margin-left:52px;" OnTextChanged="txt_Empfaenger_M_TextChanged"></asp:TextBox>
<asp:Label ID="lbl_Empfaenger_M" runat="server" Text="Empfänger" style=""></asp:Label>
<asp:TextBox ID="txt_Empfaenger_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:185px; margin-left:10px;" OnTextChanged="txt_Empfaenger_M_TextChanged"></asp:TextBox>
<asp:RegularExpressionValidator ControlToValidate="txt_Empfaenger_M" runat="server" ID="regval_txt_Empfaenger_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" ForeColor="Red" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
</div>
</div>
@@ -299,7 +299,7 @@
<div id="Abstand_laenger" style="height: /*24px*/ 1.873536299765808vh;"></div>
</div></div>
</div>
<asp:Button ID="btn_Auftraege" class="btn btn-primary" runat="server" Text="Erhalte Aufträge" style="background-color:#fff;color:#043381;height:30px;width:221px;font-size:1.33em;" />
<asp:Button ID="btn_Auftraege" class="btn btn-primary" runat="server" Text="Erhalte Aufträge" style="background-color:#fff;color:#043381;height:39px;width:221px;font-size:1.33em;" />
<div id="Abstand_lang" style="height: /*32px*/ 2.498048399687744vh;"></div>
<div class="g-3">
<div id="conovertab" style="overflow-x:auto;margin-left:-7px">

2
login/ForgotPW.aspx
View File

@@ -1,4 +1,4 @@
<%@ Page Language="VB" AutoEventWireup="false" Debug="True" CodeFile="ForgotPW.aspx.vb" Inherits="ForgotPW" Async="false" %>
<%@ Page Language="VB" AutoEventWireup="false" Debug="True" CodeFile="ForgotPW.aspx.vb" Inherits="ForgotPW" Async="true" %>
<%@ Reference VirtualPath="~/login/Change_PW.aspx" %>
<!DOCTYPE html>

9
login/ForgotPW.aspx.vb
View File

@@ -11,11 +11,12 @@ Imports System.Security.Cryptography
Partial Class ForgotPW
Inherits System.Web.UI.Page
Dim ConnectionString As String = String.Empty
Dim salt As String = String.Empty
Dim salt As Byte()
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
VERAG_VARIABLES.initerrorcount()
salt = VERAG_VARIABLES.GenerateSalt(RandomInteger(Math.Pow(2, 3), Math.Pow(2, 10)))
Else
Page.MaintainScrollPositionOnPostBack = False
VERAG_VARIABLES.initerrorcount()
@@ -26,7 +27,7 @@ Partial Class ForgotPW
End Sub
Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
Protected Async Sub btn_Send_Click(sender As Object, e As EventArgs)
Try
Dim username As String = String.Empty
Dim password As String = String.Empty
@@ -213,7 +214,9 @@ Partial Class ForgotPW
Else
tokenname = Session.Item("TokenforEmail")
End If
Dim intzahl As Integer = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 4), Math.Pow(2, 10))
Dim hashdata As Byte() = Await VERAG_VARIABLES.HashPassword(tokenname, salt, VERAG_VARIABLES.getiterationnumber, intzahl)
Session.Add("TokenHashtokenized", VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(hashdata)))
If SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID) = True Then
'password = RandomString(New Random, 10)
If (getDateoftoken(tokenname) = True) Then

17
login/login_FLEX.aspx.vb
View File

@@ -14,12 +14,13 @@ Partial Class login_FLEX
VERAG_VARIABLES.initerrorcount()
If Page.IsPostBack = True Then
Page.MaintainScrollPositionOnPostBack = True
Else
Page.MaintainScrollPositionOnPostBack = False
End If
intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
intzahliterats = VERAG_VARIABLES.getiterationnumber
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
Else
Page.MaintainScrollPositionOnPostBack = False
End If
End Sub
Protected Async Sub ValidateUser(sender As Object, e As EventArgs)
@@ -171,7 +172,12 @@ Partial Class login_FLEX
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
End If
If tb3.Text = dr("Password") Then
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPassword(passw, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.Verifyhash(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
passw = dr("Password").ToString
Else
passw = String.Empty
End If
Else
VERAG_VARIABLES.seterrorcount(9)
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the database!"
@@ -198,10 +204,9 @@ Partial Class login_FLEX
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
'MsgBox(str)
'End If
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPassword(passw, salt, intzahliterats, intzahl)
If Await VERAG_VARIABLES.Verifyhash(passw, salt, hashpw, intzahliterats, intzahl) = True Then
FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)
End If
End Sub