Änderungen Algorithmus Serverlast senken und Produktivität steigern. Und GUI Anpassungen Mobil.
@@ -4,7 +4,7 @@ Imports Konscious.Security.Cryptography
|
||||
Public Class VERAG_VARIABLES
|
||||
Public Shared errornumb As Integer = 0
|
||||
Shared Function getiterationnumber() As Integer
|
||||
Return RandomInteger(Math.Pow(2, 2), Math.Pow(2, 8))
|
||||
Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 11))
|
||||
End Function
|
||||
|
||||
Shared Sub initerrorcount()
|
||||
@@ -28,17 +28,27 @@ Public Class VERAG_VARIABLES
|
||||
'Convert.ToBase64String(saltBytes)
|
||||
End Function
|
||||
Public Shared Async Function HashPassword(ByVal password As String, ByVal salt As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Threading.Tasks.Task(Of Byte())
|
||||
Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
Argon.Salt = salt
|
||||
Argon.DegreeOfParallelism = 4
|
||||
Argon.Iterations = nIterations
|
||||
Argon.MemorySize = 4096
|
||||
Return Await Argon.GetBytesAsync(nHash)
|
||||
'Return Convert.ToBase64String(Argon.GetBytes(nHash))
|
||||
Return Argon.GetBytes(nHash)
|
||||
'Dim saltBytes = Convert.FromBase64String(salt)
|
||||
'Using rfc2898DeriveBytes = New Rfc2898DeriveBytes(password, saltBytes, nIterations)
|
||||
'End Using
|
||||
'Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))
|
||||
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
|
||||
Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(password))
|
||||
Argon.Salt = salt
|
||||
Argon.DegreeOfParallelism = 24
|
||||
Argon.Iterations = nIterations
|
||||
Argon.MemorySize = (nIterations / 1.05) + 1 * 150
|
||||
Return Await Argon.GetBytesAsync(nHash)
|
||||
'Return Convert.ToBase64String(Argon.GetBytes(nHash))
|
||||
'Return Argon.GetBytes(nHash)
|
||||
'Dim saltBytes = Convert.FromBase64String(salt)
|
||||
'Using rfc2898DeriveBytes = New Rfc2898DeriveBytes(password, saltBytes, nIterations)
|
||||
'End Using
|
||||
Else
|
||||
Dim Argon As Argon2d = New Argon2d(Encoding.UTF8.GetBytes(password))
|
||||
Argon.Salt = salt
|
||||
Argon.DegreeOfParallelism = 36
|
||||
Argon.Iterations = nIterations
|
||||
Argon.MemorySize = (nIterations / 0.385) + 1 * 250
|
||||
Return Await Argon.GetBytesAsync(nHash)
|
||||
End If
|
||||
End Function
|
||||
|
||||
Public Shared Async Function Verifyhash(ByVal passw As String, ByVal salt As Byte(), ByVal hash As Byte(), ByVal nIterations As Integer, ByVal nHash As Integer) As Threading.Tasks.Task(Of Boolean)
|
||||
|
||||
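Review bot: In HashPassword both branches of the `If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost"` block appear to replace Argon2id with Argon2d and to derive `MemorySize` from the iteration count, which weakens the password hash rather than just reducing load. With getiterationnumber() returning values between 16 and 2048, `(nIterations / 1.05) + 1 * 150` and `(nIterations / 0.385) + 1 * 250` come to roughly 165–5,600 (KiB, if the library counts 1 KiB blocks), well below the tens of MiB usually configured for Argon2. `+ 1 * 150` also evaluates as `+ 150`, which is probably not what was intended. Argon2d uses data-dependent memory access and is generally not the variant recommended for server-side password hashing, and branching on the host name means a hash produced on localhost can never be verified in production. I would keep `Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(password))` and set one fixed, configuration-driven `Argon.MemorySize` and `Argon.DegreeOfParallelism` for every environment.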
@@ -272,22 +272,22 @@
|
||||
<div id="rowcol3" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
|
||||
<div class="row">
|
||||
<asp:Label ID="lbl_LKWNr_M" runat="server" Text="LKW Nr"></asp:Label>
|
||||
<asp:TextBox ID="txt_LKWNr_M" AutoCompleteType="Search" AutoPostBack="false" runat="server" style="width:117px; margin-left:25px;" OnTextChanged="txt_LKWNr_M_TextChanged"></asp:TextBox>
|
||||
<asp:TextBox ID="txt_LKWNr_M" AutoCompleteType="Search" AutoPostBack="false" runat="server" style="width:185px; margin-left:10px;" OnTextChanged="txt_LKWNr_M_TextChanged"></asp:TextBox>
|
||||
<asp:RegularExpressionValidator ControlToValidate="txt_LKWNr" runat="server" ID="regexval_txt_LKWNr_M" ValidationGroup="additional_TXTs" ForeColor="Red" ValidationExpression="^([A-Z0-9]{30})\d$" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
|
||||
</div>
|
||||
<div id="rowcol4" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
|
||||
<asp:Label ID="lbl_KdNrAuftrag_M" runat="server" Text="Kunden Auftrags Nr" style="margin-left:45px"></asp:Label>
|
||||
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" AutoPostBack="false" AutoCompleteType="Search" style="width:117px; margin-left:6px;" OnTextChanged="txt_KdNrAuftrag_M_TextChanged"></asp:TextBox>
|
||||
<div id="rowcol4" class="col-11 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
|
||||
<asp:Label ID="lbl_KdNrAuftrag_M" runat="server" Text="Kunden Auftrags Nr" style="width:155px;"></asp:Label>
|
||||
<asp:TextBox ID="txt_KdNrAuftrag_M" runat="server" AutoPostBack="false" AutoCompleteType="Search" style="width:185px; margin-left:10px;" OnTextChanged="txt_KdNrAuftrag_M_TextChanged"></asp:TextBox>
|
||||
<asp:RegularExpressionValidator ControlToValidate="txt_KdNrAuftrag_M" runat="server" ID="regval_txt_KdNrAuftrag_M" ValidationGroup="additional_TXTs" ValidationExpression="^[0-9]{7}$" Display="Dynamic" ForeColor="Red" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
|
||||
</div>
|
||||
<div id="rowcol5" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
|
||||
<asp:Label ID="lbl_Absender_M" runat="server" Text="Absender"></asp:Label>
|
||||
<asp:TextBox ID="txt_Absender_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:155px; margin-left:8px;" OnTextChanged="txt_Absender_M_TextChanged"></asp:TextBox>
|
||||
<asp:TextBox ID="txt_Absender_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:185px; margin-left:10px;" OnTextChanged="txt_Absender_M_TextChanged"></asp:TextBox>
|
||||
<asp:RegularExpressionValidator ControlToValidate="txt_Absender_M" runat="server" ID="regval_txt_Absender_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" Display="Dynamic" ForeColor="Red" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
|
||||
</div>
|
||||
<div id="rowcol6" class="col-10 row" style="margin-right:/*1.52px;*/0.33480176211453744vw;">
|
||||
<asp:Label ID="lbl_Empfaenger_M" runat="server" Text="Empfänger" style="margin-left:9px"></asp:Label>
|
||||
<asp:TextBox ID="txt_Empfaenger_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:155px; margin-left:52px;" OnTextChanged="txt_Empfaenger_M_TextChanged"></asp:TextBox>
|
||||
<asp:Label ID="lbl_Empfaenger_M" runat="server" Text="Empfänger" style=""></asp:Label>
|
||||
<asp:TextBox ID="txt_Empfaenger_M" runat="server" AutoPostBack="false" AutoCompleteType="DisplayName" style="width:185px; margin-left:10px;" OnTextChanged="txt_Empfaenger_M_TextChanged"></asp:TextBox>
|
||||
<asp:RegularExpressionValidator ControlToValidate="txt_Empfaenger_M" runat="server" ID="regval_txt_Empfaenger_M" ValidationGroup="additional_TXTs" ValidationExpression="^([A-Z0-9]{90})\d$" ForeColor="Red" Display="Dynamic" ErrorMessage="Falsche Eingabe!" SetFocusOnError="true"></asp:RegularExpressionValidator>
|
||||
</div>
|
||||
</div>
|
||||
@@ -299,7 +299,7 @@
|
||||
<div id="Abstand_laenger" style="height: /*24px*/ 1.873536299765808vh;"></div>
|
||||
</div></div>
|
||||
</div>
|
||||
<asp:Button ID="btn_Auftraege" class="btn btn-primary" runat="server" Text="Erhalte Aufträge" style="background-color:#fff;color:#043381;height:30px;width:221px;font-size:1.33em;" />
|
||||
<asp:Button ID="btn_Auftraege" class="btn btn-primary" runat="server" Text="Erhalte Aufträge" style="background-color:#fff;color:#043381;height:39px;width:221px;font-size:1.33em;" />
|
||||
<div id="Abstand_lang" style="height: /*32px*/ 2.498048399687744vh;"></div>
|
||||
<div class="g-3">
|
||||
<div id="conovertab" style="overflow-x:auto;margin-left:-7px">
|
||||
|
||||
@@ -1,4 +1,4 @@
|
||||
<%@ Page Language="VB" AutoEventWireup="false" Debug="True" CodeFile="ForgotPW.aspx.vb" Inherits="ForgotPW" Async="false" %>
|
||||
<%@ Page Language="VB" AutoEventWireup="false" Debug="True" CodeFile="ForgotPW.aspx.vb" Inherits="ForgotPW" Async="true" %>
|
||||
<%@ Reference VirtualPath="~/login/Change_PW.aspx" %>
|
||||
<!DOCTYPE html>
|
||||
|
||||
|
||||
@@ -11,11 +11,12 @@ Imports System.Security.Cryptography
|
||||
Partial Class ForgotPW
|
||||
Inherits System.Web.UI.Page
|
||||
Dim ConnectionString As String = String.Empty
|
||||
Dim salt As String = String.Empty
|
||||
Dim salt As Byte()
|
||||
Protected Sub Page_Load(ByVal sender As Object, ByVal e As EventArgs) Handles Me.Load
|
||||
If Page.IsPostBack = True Then
|
||||
Page.MaintainScrollPositionOnPostBack = True
|
||||
VERAG_VARIABLES.initerrorcount()
|
||||
salt = VERAG_VARIABLES.GenerateSalt(RandomInteger(Math.Pow(2, 3), Math.Pow(2, 10)))
|
||||
Else
|
||||
Page.MaintainScrollPositionOnPostBack = False
|
||||
VERAG_VARIABLES.initerrorcount()
|
||||
@@ -26,7 +27,7 @@ Partial Class ForgotPW
|
||||
End Sub
|
||||
|
||||
|
||||
Protected Sub btn_Send_Click(sender As Object, e As EventArgs)
|
||||
Protected Async Sub btn_Send_Click(sender As Object, e As EventArgs)
|
||||
Try
|
||||
Dim username As String = String.Empty
|
||||
Dim password As String = String.Empty
|
||||
@@ -213,7 +214,9 @@ Partial Class ForgotPW
|
||||
Else
|
||||
tokenname = Session.Item("TokenforEmail")
|
||||
End If
|
||||
|
||||
Dim intzahl As Integer = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 4), Math.Pow(2, 10))
|
||||
Dim hashdata As Byte() = Await VERAG_VARIABLES.HashPassword(tokenname, salt, VERAG_VARIABLES.getiterationnumber, intzahl)
|
||||
Session.Add("TokenHashtokenized", VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(Convert.ToBase64String(hashdata)))
|
||||
If SendEmail(username, password, email, tokenname, customerID, isusrnmright, isCustomeridright, isemailright, Session.IsNewSession, UserID) = True Then
|
||||
'password = RandomString(New Random, 10)
|
||||
If (getDateoftoken(tokenname) = True) Then
|
||||
|
||||
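Review bot: The value stored in `Session("TokenHashtokenized")` in btn_Send_Click cannot be recomputed on a later request, because `salt` is regenerated in Page_Load on every postback and the iteration count and output length (`VERAG_VARIABLES.getiterationnumber`, `intzahl`) are fresh random values that the visible lines do not save. Unless they are persisted outside these hunks, any later check against this hash will either fail or have to fall back to comparing the raw token. Store the salt and both parameters next to the hash, for example `Session.Add("TokenHashSalt", Convert.ToBase64String(salt))` (the key name is a placeholder), and use fixed cost parameters instead of random ones. btn_Send_Click starts and ends outside the hunks shown, so the error handling around the new `Await` is not visible here.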
@@ -14,12 +14,13 @@ Partial Class login_FLEX
|
||||
VERAG_VARIABLES.initerrorcount()
|
||||
If Page.IsPostBack = True Then
|
||||
Page.MaintainScrollPositionOnPostBack = True
|
||||
intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
|
||||
intzahliterats = VERAG_VARIABLES.getiterationnumber
|
||||
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
|
||||
Else
|
||||
Page.MaintainScrollPositionOnPostBack = False
|
||||
End If
|
||||
intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10))
|
||||
intzahliterats = VERAG_VARIABLES.getiterationnumber
|
||||
salt = VERAG_VARIABLES.GenerateSalt(intzahl)
|
||||
|
||||
End Sub
|
||||
Protected Async Sub ValidateUser(sender As Object, e As EventArgs)
|
||||
|
||||
@@ -171,9 +172,14 @@ Partial Class login_FLEX
|
||||
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Username is not in the database!"
|
||||
End If
|
||||
If tb3.Text = dr("Password") Then
|
||||
passw = dr("Password").ToString
|
||||
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPassword(passw, salt, intzahliterats, intzahl)
|
||||
If Await VERAG_VARIABLES.Verifyhash(dr("Password").ToString, salt, hashpw, intzahliterats, intzahl) = True Then
|
||||
passw = dr("Password").ToString
|
||||
Else
|
||||
passw = String.Empty
|
||||
End If
|
||||
Else
|
||||
VERAG_VARIABLES.seterrorcount(9)
|
||||
VERAG_VARIABLES.seterrorcount(9)
|
||||
Login1.FailureText = VERAG_VARIABLES.geterrornumb + "Password is not in the database!"
|
||||
End If
|
||||
|
||||
@@ -198,10 +204,9 @@ Partial Class login_FLEX
|
||||
'Dim str = gensaltToken(UserNaMe, passw, Customer_ID, Session.IsNewSession)
|
||||
'MsgBox(str)
|
||||
'End If
|
||||
Dim hashpw As Byte() = Await VERAG_VARIABLES.HashPassword(passw, salt, intzahliterats, intzahl)
|
||||
If Await VERAG_VARIABLES.Verifyhash(passw, salt, hashpw, intzahliterats, intzahl) = True Then
|
||||
FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)
|
||||
End If
|
||||
|
||||
FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)
|
||||
|
||||
|
||||
End Sub
|
||||
|
||||
|
||||
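Review bot: In ValidateUser the new Argon2 step does not verify anything. `HashPassword` is fed the value read from `dr("Password")` with the salt and parameters generated for this request in the first hunk, and `Verifyhash` is then called with the same inputs, so it presumably always returns True. The login decision is still made by `If tb3.Text = dr("Password") Then`, which implies the database holds the password in directly comparable form, and the hashing only adds CPU and memory cost per login. The hash, salt and cost parameters should be stored when the password is set and checked against the submitted text, e.g. `If Await VERAG_VARIABLES.Verifyhash(tb3.Text, storedSalt, storedHash, storedIterations, storedLength) Then` (the stored* names are placeholders). In the last hunk `FormsAuthentication.RedirectFromLoginPage(UserNaMe, True)` appears both inside and after the `If`; with the +/- markers lost I cannot tell which one remains, but the redirect must only run on the verified path, and ValidateUser itself begins and ends outside the hunks shown.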