From 7afa9a729114333fa400567bc35332882a212787 Mon Sep 17 00:00:00 2001 From: Dmitry Dzygin Date: Thu, 1 Mar 2018 14:28:41 +0100 Subject: [PATCH] Captcha code refactoring --- .../WebClient/Captcha/CaptchaConfiguration.cs | 75 +++++++++---------- .../Core/WebClient/Captcha/Encryption.cs | 23 ++++-- 2 files changed, 52 insertions(+), 46 deletions(-) diff --git a/Composite/Core/WebClient/Captcha/CaptchaConfiguration.cs b/Composite/Core/WebClient/Captcha/CaptchaConfiguration.cs index ac630c9367..6bdf07258b 100644 --- a/Composite/Core/WebClient/Captcha/CaptchaConfiguration.cs +++ b/Composite/Core/WebClient/Captcha/CaptchaConfiguration.cs @@ -1,4 +1,4 @@ -using System; +using System; using System.IO; using System.Xml; using Composite.Core.Extensions; @@ -9,59 +9,54 @@ namespace Composite.Core.WebClient.Captcha internal static class CaptchaConfiguration { private static readonly string CaptchaConfigurationFilePath = @"App_Data\Composite\Configuration\Captcha.xml"; - private static readonly object _syncRoot = new object(); - private static string _password; + public static string Password { get; } - public static string Password + static CaptchaConfiguration() { - get - { - if (_password != null) return _password; - - lock (_syncRoot) - { - if (_password != null) return _password; + string configurationFilePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, CaptchaConfigurationFilePath); - string configurationFilePath = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, CaptchaConfigurationFilePath); + string password = null; - if (C1File.Exists(configurationFilePath)) + if (C1File.Exists(configurationFilePath)) + { + var doc = new XmlDocument(); + try + { + using (var sr = new C1StreamReader(configurationFilePath)) { - var doc = new XmlDocument(); - try - { - using (var sr = new C1StreamReader(configurationFilePath)) - { - doc.Load(sr); - } + doc.Load(sr); + } - var passwordNode = doc.SelectSingleNode("captcha/password"); - if (passwordNode != null && !string.IsNullOrEmpty(passwordNode.InnerText)) - { - _password = passwordNode.InnerText; - } - } - catch (Exception) - { - // Do nothing - } + var passwordNode = doc.SelectSingleNode("captcha/password"); + if (!string.IsNullOrEmpty(passwordNode?.InnerText)) + { + password = passwordNode.InnerText; + } + } + catch (Exception) + { + // Do nothing + } - if (_password != null) return _password; + if (password != null) + { + Password = password; + return; + } - // Deleting configuration file - C1File.Delete(configurationFilePath); - } + // Deleting configuration file + C1File.Delete(configurationFilePath); + } - _password = Guid.NewGuid().ToString(); + password = Guid.NewGuid().ToString(); - string configFile = @" {0} ".FormatWith(_password); + string configFile = @" {0} ".FormatWith(password); - C1File.WriteAllText(configurationFilePath, configFile); + C1File.WriteAllText(configurationFilePath, configFile); - return _password; - } - } + Password = password; } } } diff --git a/Composite/Core/WebClient/Captcha/Encryption.cs b/Composite/Core/WebClient/Captcha/Encryption.cs index dc0eded538..74b7c37748 100644 --- a/Composite/Core/WebClient/Captcha/Encryption.cs +++ b/Composite/Core/WebClient/Captcha/Encryption.cs @@ -1,4 +1,4 @@ -using System; +using System; using System.Globalization; using System.IO; using System.Security.Cryptography; @@ -16,19 +16,25 @@ internal static class Encryption static Encryption() { - var md5 = MD5.Create(); - string key = Environment.MachineName + CaptchaConfiguration.Password + HostingEnvironment.ApplicationPhysicalPath; byte[] keyBytes = Encoding.UTF8.GetBytes(key); - _encryptionKey = md5.ComputeHash(keyBytes); + using (var hashAlgorithm = MD5.Create()) + { + _encryptionKey = hashAlgorithm.ComputeHash(keyBytes); + } } public static string Encrypt(string value) { Verify.ArgumentNotNullOrEmpty(value, nameof(value)); + return ByteToHexString(RijndaelEncrypt(value)); + } + + private static byte[] RijndaelEncrypt(string value) + { // Create a RijndaelManaged object // with the specified key and IV. using (var rima = new RijndaelManaged()) @@ -49,7 +55,7 @@ public static string Encrypt(string value) swEncrypt.Write(value); } // Return the encrypted bytes from the memory stream. - return ByteToHexString(msEncrypt.ToArray()); + return msEncrypt.ToArray(); } } } @@ -59,6 +65,11 @@ public static string Decrypt(string encryptedValue) Verify.ArgumentNotNullOrEmpty(encryptedValue, nameof(encryptedValue)); byte[] encodedSequence = HexStringToByteArray(encryptedValue); + return RijndaelDecrypt(encodedSequence); + } + + private static string RijndaelDecrypt(byte[] bytes) + { using (var rima = new RijndaelManaged()) { rima.Key = _encryptionKey; @@ -68,7 +79,7 @@ public static string Decrypt(string encryptedValue) ICryptoTransform decryptor = rima.CreateDecryptor(); // Create the streams used for decryption. - using (var msDecrypt = new MemoryStream(encodedSequence)) + using (var msDecrypt = new MemoryStream(bytes)) using (var csDecrypt = new CryptoStream(msDecrypt, decryptor, CryptoStreamMode.Read)) using (var srDecrypt = new C1StreamReader(csDecrypt)) {