Beispiel #1
0
 protected override MD5PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
 {
     needRehash = false;
     return(new MD5PasswordHashingOptions
     {
         Salt = Convert.FromBase64String(hash["salt"].AsString())
     });
 }
Beispiel #2
0
        protected virtual bool DoAreEquivalent(HashedPassword a, HashedPassword b)
        {
            var algo = m_Algorithms[a.AlgoName];

            if (algo == null)
            {
                return(false);
            }
            return(algo.AreEquivalent(a, b));
        }
 public bool AreEquivalent(HashedPassword hash, HashedPassword rehash)
 {
     if (hash == null || rehash == null)
     {
         return(false);
     }
     if (!hash.AlgoName.EqualsOrdIgnoreCase(rehash.AlgoName))
     {
         return(false);
     }
     return(DoAreEquivalent(hash, rehash));
 }
Beispiel #4
0
        public bool AreEquivalent(HashedPassword a, HashedPassword b)
        {
            if (a == null || b == null)
            {
                return(false);
            }
            if (a.AlgoName != b.AlgoName)
            {
                return(false);
            }

            CheckServiceInactive();

            return(DoAreEquivalent(a, b));
        }
Beispiel #5
0
        public static HashedPassword FromString(string str)
        {
            if (str.IsNullOrWhiteSpace())
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(str==null|empty)");
            }
            var password = new HashedPassword();
            var json     = str.JSONToDataObject() as JSONDataMap;

            if (json == null || json[KEY_ALGO].AsString().IsNullOrWhiteSpace())
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(!map|!algo)");
            }
            password.m_Content = json;
            return(password);
        }
        public bool Verify(SecureBuffer password, HashedPassword hash, out bool needRehash)
        {
            if (password == null || hash == null)
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify((password|hash)==null)");
            }
            if (!password.IsSealed)
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify(!password.IsSealed)");
            }

            needRehash = false;
            if (!Running)
            {
                return(false);
            }

            return(DoVerify(password, hash, out needRehash));
        }
Beispiel #7
0
        protected virtual bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash)
        {
            needRehash = false;
            var algo = m_Algorithms[hash.AlgoName];

            if (algo == null)
            {
                return(false);
            }

            bool need = false;

            if (!algo.Verify(password, hash, out need))
            {
                return(false);
            }

            needRehash = !algo.IsDefault || need;
            return(true);
        }
 protected abstract bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash);
 protected abstract bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash);
Beispiel #10
0
        private IConfigSectionNode findUserNode(IConfigSectionNode securityRootNode, IDPasswordCredentials cred)
        {
            var users = securityRootNode[CONFIG_USERS_SECTION];

            using (var password = cred.SecurePassword)
            {
                bool needRehash = false;
                return(users.Children.FirstOrDefault(cn => cn.IsSameName(CONFIG_USER_SECTION) &&
                                                     string.Equals(cn.AttrByName(CONFIG_ID_ATTR).Value, cred.ID, StringComparison.InvariantCulture) &&
                                                     m_PasswordManager.Verify(password, HashedPassword.FromString(cn.AttrByName(CONFIG_PASSWORD_ATTR).Value), out needRehash)
                                                     ) ?? users.Configuration.EmptySection);
            }
        }
Beispiel #11
0
 protected override bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash)
 {
     return(hash["hash"].AsString().EqualsOrdIgnoreCase(rehash["hash"].AsString()));
 }