Removed the password hint (for security reasons), added the functiona…

…lity to create an account/vault and login, validation not yet included, but AES is implemented and BCrypt is replaced with PBKDF2 instead.
000xE · Jan 7, 2021 · 61c2737 · 61c2737
1 parent 3f2a1bf
commit 61c2737
Show file tree

Hide file tree

Showing 14 changed files with 364 additions and 48 deletions.
diff --git a/vIDsafe/Credential.cs b/vIDsafe/Credential.cs
@@ -0,0 +1,17 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace vIDsafe
+{
+    [Serializable]
+    class Credential
+    {
+        public Credential()
+        {
+
+        }
+    }
+}
diff --git a/vIDsafe/Encryption.cs b/vIDsafe/Encryption.cs
@@ -0,0 +1,93 @@
+using SimpleCrypto;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+using System.Security.Cryptography;
+
+namespace vIDsafe
+{
+    class Encryption
+    {
+
+        public static ICryptoService cryptoService = new PBKDF2();
+        private const int HASH_ITERATIONS = 100000; //Work factor, higher = longer
+
+        private static string IV = "fu1$c!j2d8limk6x";
+
+        private const int HASH_SIZE = 32;
+
+        //https://shawnmclean.com/simplecrypto-net-a-pbkdf2-hashing-wrapper-for-net-framework/
+        public static byte[] hashPassword(string newPassword, string salt)
+        {
+            //a new password hash is generated from a generated salt with the passed settings
+            //return cryptoService.Compute(newPassword, HASH_ITERATIONS + "." + salt);
+
+            byte[] convertedSalt = ASCIIEncoding.ASCII.GetBytes(salt);
+
+            // Generate the hash
+            Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(newPassword, convertedSalt, HASH_ITERATIONS);
+            return pbkdf2.GetBytes(HASH_SIZE);
+        }
+
+        //https://shawnmclean.com/simplecrypto-net-a-pbkdf2-hashing-wrapper-for-net-framework/
+        public static bool validatePassword(string password, string hashedPassword, string salt)
+        {
+            //hash the password with the saved salt for that user
+            string hashed = cryptoService.Compute(password, salt);
+            //return true if both hashes are the same
+            return hashed == hashedPassword;
+        }
+
+        public static string aesEncrypt(string plainText, byte[] key)
+        {
+            byte[] textBytes = ASCIIEncoding.ASCII.GetBytes(plainText);
+
+            AesCryptoServiceProvider AES = new AesCryptoServiceProvider
+            {
+                BlockSize = 128,
+                KeySize = 256,
+                Key = key,
+                IV = ASCIIEncoding.ASCII.GetBytes(IV),
+                Padding = PaddingMode.PKCS7,
+                Mode = CipherMode.CBC
+            };
+
+            ICryptoTransform Encryptor = AES.CreateEncryptor(AES.Key, AES.IV);
+
+            byte[] encryptedText = Encryptor.TransformFinalBlock(textBytes, 0, textBytes.Length);
+            Encryptor.Dispose();
+
+            return Convert.ToBase64String(encryptedText);
+        }
+
+
+        public static string aesDecrypt(string encryptedText, byte[] key)
+        {
+            byte[] textBytes = Convert.FromBase64String(encryptedText);
+            AesCryptoServiceProvider AES = new AesCryptoServiceProvider
+            {
+                BlockSize = 128,
+                KeySize = 256,
+                Key = key,
+                IV = ASCIIEncoding.ASCII.GetBytes(IV),
+                Padding = PaddingMode.PKCS7,
+                Mode = CipherMode.CBC
+            };
+
+            ICryptoTransform Encryptor = AES.CreateDecryptor(AES.Key, AES.IV);
+            try
+            {
+                byte[] decryptedText = Encryptor.TransformFinalBlock(textBytes, 0, textBytes.Length);
+                Encryptor.Dispose();
+
+                return ASCIIEncoding.ASCII.GetString(decryptedText);
+            }
+            catch (CryptographicException)
+            {
+                return null;
+            }
+        }
+    }
+}
diff --git a/vIDsafe/Form1.cs b/vIDsafe/Form1.cs
@@ -33,6 +33,7 @@ private void getFormComponents()
         private void loadFormComponents()
         {
             openChildForm(new Overview());
+            lblMAName.Text = vIDsafe.main.user.getName();
         }
 
         public static void openChildForm(Form childForm)
@@ -130,9 +131,8 @@ private void btnData_Click(object sender, EventArgs e)
 
         private void btnLogOut_Click(object sender, EventArgs e)
         {
-            vIDsafe loginForm = new vIDsafe();
+            vIDsafe.main.Show();
 
-            loginForm.Show();
             Close();
         }
     }

diff --git a/vIDsafe/Identity.cs b/vIDsafe/Identity.cs
@@ -0,0 +1,19 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Threading.Tasks;
+
+namespace vIDsafe
+{
+    [Serializable]
+    class Identity
+    {
+        private List<Credential> credentials = new List<Credential>();
+
+        public Identity()
+        {
+
+        }
+    }
+}
diff --git a/vIDsafe/ImportExport.Designer.cs b/vIDsafe/ImportExport.Designer.cs
diff --git a/vIDsafe/Login.cs b/vIDsafe/Login.cs
@@ -17,16 +17,35 @@ public Login()
             InitializeComponent();
         }
 
-        private void testOpen()
-
+        private void btnLogin_Click(object sender, EventArgs e)
         {
+            vIDsafe.main.user = new UserAccount(txtName.Text, txtPassword.Text);
+
+            if (isValid())
+            {
+                int loginStatusCode = vIDsafe.main.user.returnLoginSuccess();
 
+                switch (loginStatusCode)
+                {
+                    case 0:
+                        Console.WriteLine("Account doesn't exist");
+                        break;
+                    case 1:
+                        Form1 form = new Form1();
+                        form.Show();
+
+                        ParentForm.Hide();
+                        break;
+                    case 2:
+                        Console.WriteLine("Wrong password");
+                        break;
+                }
+            }
         }
 
-        private void btnLogin_Click(object sender, EventArgs e)
+        private bool isValid()
         {
-            Form1 form = new Form1();
-            form.Show();
+            return true;
         }
 
         private void btnRegister_Click(object sender, EventArgs e)

diff --git a/vIDsafe/MasterAccount.Designer.cs b/vIDsafe/MasterAccount.Designer.cs
diff --git a/vIDsafe/Register.Designer.cs b/vIDsafe/Register.Designer.cs
diff --git a/vIDsafe/Register.cs b/vIDsafe/Register.cs
@@ -19,7 +19,30 @@ public Register()
 
         private void btnRegister_Click(object sender, EventArgs e)
         {
-            vIDsafe.openChildForm(new Login());
+            vIDsafe.main.user = new UserAccount(txtName.Text, txtPassword.Text);
+
+            if (isValid())
+            {
+                int registerStatusCode = vIDsafe.main.user.returnRegisterSuccess();
+
+                switch (registerStatusCode)
+                {
+                    case 0:
+                        Console.WriteLine("Account already exist");
+                        break;
+                    case 1:
+                        Form1 form = new Form1();
+                        form.Show();
+
+                        ParentForm.Hide();
+                        break;
+                }
+            }
+        }
+
+        private bool isValid()
+        {
+            return true;
         }
 
         private void btnLogin_Click(object sender, EventArgs e)