edv/VERAG_Homepage
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Iterationen angepasst und Verhashungsalgortithmus entschlankt laut https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile muss es mind 95 bit langer salt sein.

Browse Source
This commit is contained in:
ja
2022-01-14 13:22:44 +01:00
parent 12141ac2f7
commit f136730f92
3 changed files with 1219 additions and 1207 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
App_Code/VERAG_VARIABLES.vb
View File

@@ -9,7 +9,7 @@ Public Class VERAG_VARIABLES
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
Return RandomInteger(Math.Pow(2, 4), Math.Pow(2, 6))
Else
Return RandomInteger(Math.Pow(2, 5), Math.Pow(2, 10))
Return RandomInteger(Math.Pow(2, 8), Math.Pow(2, 10))
End If
End Function
@@ -50,7 +50,7 @@ Public Class VERAG_VARIABLES
Argon.Salt = salt
Argon.DegreeOfParallelism = 8
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
Argon.MemorySize = (((nIterations * 24.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
Argon.MemorySize = (((nIterations * 8.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
Return Argon.GetBytes(nHash)
End If
@@ -69,7 +69,7 @@ Public Class VERAG_VARIABLES
Else
Dim Argon As Argon2id = New Argon2id(Encoding.UTF8.GetBytes(VERAG_PROG_ALLGEMEIN.cCryptography3.Encrypt(password)))
Argon.Salt = salt
Argon.DegreeOfParallelism = 8
Argon.DegreeOfParallelism = 18
Argon.Iterations = nIterations * VERAG_VARIABLES.RandomInteger(2, 7)
Argon.MemorySize = (((nIterations * 24.685 - (nIterations * 0.56) / 1.85 * 2.28) / 10.28) + 1.024 * 416)
Return Await Argon.GetBytesAsync(nHash)

2412
VERAG_Homepage/{11EF0CDA-BC19-40FB-91C4-25C81F3A27AC}/CodeAnalysisLog.xml
View File

File diff suppressed because it is too large Load Diff

8
login/login_FLEX.aspx.vb
View File

@@ -25,12 +25,12 @@ Partial Class login_FLEX
If HttpContext.Current.Request.ServerVariables("SERVER_NAME") = "localhost" Then
intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 11))
teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(2, Math.Pow(2, 10)))
teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10)))
Else
intzahliterats = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 10), Math.Pow(2, 17))
teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 5), Math.Pow(2, 10)))
teststr = Await TestPerformance.TestHashrateServerAsync(VERAG_VARIABLES.RandomInteger(Math.Pow(2, 7), Math.Pow(2, 10)))
End If
If String.Equals(teststr, String.Empty) = False Then
intzahliterats = VERAG_VARIABLES.getiterationnumber
@@ -201,7 +201,7 @@ Partial Class login_FLEX
reqfieldvalpassw_M.Enabled = False
reqfieldvalpassw.Validate()
If reqfieldvalpassw.IsValid = True Then
intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 6), Math.Pow(2, 10))
intzahl = VERAG_VARIABLES.RandomInteger(97, Math.Pow(2, 10))
Dim hashpw1 As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3.Text, salt, intzahliterats, intzahl)
passw = tb3.Text
End If
@@ -210,7 +210,7 @@ Partial Class login_FLEX
reqfieldvalpassw.Enabled = False
reqfieldvalpassw_M.Enabled = True
reqfieldvalpassw_M.Validate()
intzahl = VERAG_VARIABLES.RandomInteger(Math.Pow(2, 6), Math.Pow(2, 10))
intzahl = VERAG_VARIABLES.RandomInteger(97, Math.Pow(2, 10))
If reqfieldvalpassw_M.IsValid = True Then
Dim hashpw_M As Byte() = Await VERAG_VARIABLES.HashPasswordAsync(tb3_M.Text, salt, intzahliterats, intzahl)
passw = tb3_M.Text