/// <summary>
/// Builds the edit permission that applies to a single hashed string field on a single content part.
/// </summary>
/// <param name="part">Content part that owns the field; its part definition name goes into the permission name.</param>
/// <param name="field">Field the permission applies to; its name goes into the permission name.</param>
public HashedStringFieldEditPermission(ContentPart part, HashedStringField field) {
    var partName = part.PartDefinition.Name;
    var fieldName = field.Name;

    // Permission name layout: "HashedStringFieldEditPermission_<part definition name>.<field name>".
    // NOTE(review): the two names are joined with a bare '.', so the name is only unambiguous if
    // part and field names cannot themselves contain '.' — confirm against the naming rules.
    Name = string.Concat("HashedStringFieldEditPermission_", partName, ".", fieldName);
    Part = part;
    Field = field;

    // Holders of the manage-all permission are treated as holding this per-field permission too.
    ImpliedBy = new Permission[] { HashedStringFieldPermissions.ManageAllHashedStringFields };
}
/// <summary>
/// Replaces the field's stored value with a salted hash of <paramref name="value"/>, so the plain
/// text itself is never written to the field.
/// </summary>
/// <param name="field">Field whose Salt, HashAlgorithm and Value are overwritten.</param>
/// <param name="value">Plain-text value to hash; <c>null</c> clears the stored hash.</param>
public void HashValue(HashedStringField field, string value) {
    if (value == null) {
        // Only Value is cleared here; Salt and HashAlgorithm keep whatever they held before.
        field.Value = null;
        return;
    }

    // A fresh 16-byte salt is drawn from the cryptographic RNG on every call, so hashing the same
    // input twice does not reuse a salt.
    var salt = new byte[16];
    using (var rng = new RNGCryptoServiceProvider()) {
        rng.GetBytes(salt);
    }

    field.Salt = Convert.ToBase64String(salt);
    field.HashAlgorithm = DefaultHashAlgorithm;

    // NOTE(review): HashString is defined outside this listing; confirm its output is in the format
    // that IsValueEqual verifies for the default algorithm.
    field.Value = HashString(value, field.Salt, field.HashAlgorithm);
}
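/// <summary>
/// Checks a plain-text candidate against the salted hash stored on the field.
/// </summary>
/// <remarks>
/// On a successful match against a non-default algorithm, the field is re-hashed in place with the
/// default algorithm unless the "Orchard.Users.KeepOldPasswordHash" setting opts out. The method
/// therefore mutates <paramref name="field"/>.
/// NOTE(review): nothing here persists the change; confirm the caller saves it.
/// </remarks>
/// <param name="field">Field holding the stored Salt, HashAlgorithm and hashed Value.</param>
/// <param name="value">Plain-text candidate to verify.</param>
/// <returns>
/// <c>true</c> when the candidate matches the stored hash; <c>false</c> when it does not, or when
/// the field has no salt, no algorithm or no stored hash, or the candidate is <c>null</c>.
/// </returns>
public bool IsValueEqual(HashedStringField field, string value) {
    // Preliminary checks.
    if (string.IsNullOrWhiteSpace(field.Salt)) {
        return false;
    }
    if (string.IsNullOrWhiteSpace(field.HashAlgorithm)) {
        return false;
    }

    // HashValue(field, null) clears Value but leaves Salt and HashAlgorithm in place, so a field can
    // pass the checks above while holding no hash at all. A missing hash matches nothing, and a null
    // candidate matches no stored hash: answer "no match" here instead of handing null to the
    // verification helpers, which would turn a failed comparison into an exception.
    if (field.Value == null || value == null) {
        return false;
    }

    bool isValid;
    var saltBytes = Convert.FromBase64String(field.Salt);

    if (field.HashAlgorithm == PBKDF2) {
        // ComputeHashBase64 can't be reused here: Crypto.HashPassword() generates its own internal
        // salt, so repeated calls return different results. Verification has to go through
        // Crypto.VerifyHashedPassword instead.
        isValid = Crypto.VerifyHashedPassword(field.Value, Encoding.Unicode.GetString(CombineSaltAndPassword(saltBytes, value)));
    }
    else {
        // NOTE(review): SecureStringEquality is defined elsewhere; presumably a constant-time
        // comparison, which is what a hash check needs to avoid leaking match length via timing — confirm.
        isValid = SecureStringEquality(field.Value, ComputeHashBase64(field.HashAlgorithm, saltBytes, value));
    }

    // Migrating older hashes to Default algorithm if necessary and enabled. This only runs after a
    // successful match, because that is the only moment the plain text is available to re-hash.
    if (isValid && field.HashAlgorithm != DefaultHashAlgorithm) {
        // NOTE(review): this reads the Orchard.Users password setting, so hashed string fields follow
        // whatever migration policy is configured for user passwords — confirm that is intended.
        var keepOldConfiguration = _appConfigurationAccessor.GetConfiguration("Orchard.Users.KeepOldPasswordHash");
        if (String.IsNullOrEmpty(keepOldConfiguration) || keepOldConfiguration.Equals("false", StringComparison.OrdinalIgnoreCase)) {
            field.HashAlgorithm = DefaultHashAlgorithm;
            field.Value = ComputeHashBase64(field.HashAlgorithm, saltBytes, value);
        }
    }

    return isValid;
}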
/// <summary>
/// Resolves the permission for a field by delegating to GetAllHashedPermission, keyed by the part
/// definition name and the field name.
/// </summary>
/// <param name="part">Content part that owns the field.</param>
/// <param name="field">Field whose permission is requested.</param>
/// <returns>Whatever GetAllHashedPermission returns for that part/field name pair.</returns>
public Permission GetAllPermission(ContentPart part, HashedStringField field) {
    var partName = part.PartDefinition.Name;
    var fieldName = field.Name;
    return GetAllHashedPermission(partName, fieldName);
}