/// <summary> /// Gets the hashed string. /// </summary> public string GetHashedString(User user, string str) { PasswordHash passwordHash; if (string.IsNullOrEmpty(user.Password)) { passwordHash = new PasswordHash(_cryptographyProvider); } else { ConvertPasswordFormat(user); passwordHash = new PasswordHash(user.Password); } if (passwordHash.SaltBytes != null) { // the password is modern format with PBKDF and we should take advantage of that passwordHash.HashBytes = Encoding.UTF8.GetBytes(str); return(PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash))); } else { // the password has no salt and should be called with the older method for safety return(PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str)))); } }
public string GetEasyPasswordHash(User user) { // This should be removed in the future. This was added to let user login after // Jellyfin 10.3.3 failed to save a well formatted PIN. ConvertPasswordFormat(user); return(string.IsNullOrEmpty(user.EasyPassword) ? null : PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash)); }
public Task ChangePassword(User user, string newPassword) { ConvertPasswordFormat(user); // This is needed to support changing a no password user to a password user if (string.IsNullOrEmpty(user.Password)) { PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider); newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt(); newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes); newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod; newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash); user.Password = newPasswordHash.ToString(); return(Task.CompletedTask); } PasswordHash passwordHash = new PasswordHash(user.Password); if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt)) { passwordHash.SaltBytes = _cryptographyProvider.GenerateSalt(); passwordHash.Salt = PasswordHash.ConvertToByteString(passwordHash.SaltBytes); passwordHash.Id = _cryptographyProvider.DefaultHashMethod; passwordHash.Hash = GetHashedStringChangeAuth(newPassword, passwordHash); } else if (newPassword != null) { passwordHash.Hash = GetHashedString(user, newPassword); } if (string.IsNullOrWhiteSpace(passwordHash.Hash)) { throw new ArgumentNullException(nameof(passwordHash.Hash)); } user.Password = passwordHash.ToString(); return(Task.CompletedTask); }
public string GetHashedStringChangeAuth(string newPassword, PasswordHash passwordHash) { passwordHash.HashBytes = Encoding.UTF8.GetBytes(newPassword); return(PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash))); }
private string GetLocalPasswordHash(User user) { return(string.IsNullOrEmpty(user.EasyPassword) ? null : PasswordHash.ConvertToByteString(new PasswordHash(user.EasyPassword).Hash)); }