Esempio n. 1
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            switch (options.GetValue(CrypterOption.Variant, LdapCrypterVariant.SSha))
            {
            case LdapCrypterVariant.Crypt:
                Crypter crypter = options.GetValue <Crypter>(LdapCrypterOption.Crypter);
                if (crypter == null)
                {
                    throw Exceptions.Argument("LdapCrypterOption.Crypter",
                                              "Crypter not set. Did you intend Crypter.TraditionalDes (the slappasswd default)?");
                }

                CrypterOptions crypterOptions = options.GetValue(LdapCrypterOption.CrypterOptions, CrypterOptions.None);
                return("{CRYPT}" + crypter.GenerateSalt(crypterOptions));

            case LdapCrypterVariant.SSha: return("{SSHA}" + Convert.ToBase64String(Security.GenerateRandomBytes(8)));

            case LdapCrypterVariant.SMD5: return("{SMD5}" + Convert.ToBase64String(Security.GenerateRandomBytes(8)));

            case LdapCrypterVariant.Sha: return("{SHA}");

            case LdapCrypterVariant.MD5: return("{MD5}");

            case LdapCrypterVariant.Cleartext: return("{CLEARTEXT}");

            default: throw Exceptions.ArgumentOutOfRange("CrypterOption.Variant", "Unknown variant.");
            }
        }
Esempio n. 2
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            int rounds = options.GetValue(CrypterOption.Rounds, 14);

            Check.Range("CrypterOption.Rounds", rounds, MinRounds, MaxRounds);

            string prefix;

            switch (options.GetValue(CrypterOption.Variant, PhpassCrypterVariant.Standard))
            {
            case PhpassCrypterVariant.Standard: prefix = "$P$"; break;

            case PhpassCrypterVariant.Phpbb: prefix = "$H$"; break;

            case PhpassCrypterVariant.Drupal: prefix = "$S$"; break;

            default: throw Exceptions.ArgumentOutOfRange("CrypterOption.Variant", "Unknown variant.");
            }

            return(prefix
                   + Base64Encoding.UnixMD5.GetChar(rounds)
                   + Base64Encoding.UnixMD5.GetString(Security.GenerateRandomBytes(6)));
        }
Esempio n. 3
0
        /// <summary>
        /// Creates a one-way password hash (crypted password) from password bytes.
        /// Options modify the crypt operation.
        /// </summary>
        /// <param name="password">The bytes of the password.</param>
        /// <param name="options">Options modifying the crypt operation.</param>
        /// <returns>The crypted password.</returns>
        public string Crypt(byte[] password, CrypterOptions options)
        {
            Check.Null("password", password);
            Check.Null("options", options);

            return(Crypt(password, GenerateSalt(options)));
        }
Esempio n. 4
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            int rounds = options.GetValue(CrypterOption.Rounds, 6);

            Check.Range("CrypterOption.Rounds", rounds, MinRounds, MaxRounds);

            string prefix;

            switch (options.GetValue(CrypterOption.Variant, BlowfishCrypterVariant.Unspecified))
            {
            case BlowfishCrypterVariant.Unspecified: prefix = "$2a$"; break;

            case BlowfishCrypterVariant.Compatible: prefix = "$2x$"; break;

            case BlowfishCrypterVariant.Corrected: prefix = "$2y$"; break;

            default: throw Exceptions.ArgumentOutOfRange("CrypterOption.Variant", "Unknown variant.");
            }

            return(prefix
                   + rounds.ToString("00") + '$'
                   + Base64Encoding.Blowfish.GetString(Security.GenerateRandomBytes(16)));
        }
Esempio n. 5
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            int?rounds = options.GetValue <int?>(CrypterOption.Rounds);

            if (rounds != null)
            {
                Check.Range("CrypterOption.Rounds", (int)rounds, MinRounds, MaxRounds);
            }

            byte[] roundsBytes = new byte[3], saltBytes = null;
            try
            {
                BitPacking.LEBytesFromUInt24((uint)(rounds ?? 4321), roundsBytes, 0);
                saltBytes = Security.GenerateRandomBytes(3);

                return("_"
                       + Base64Encoding.UnixMD5.GetString(roundsBytes)
                       + Base64Encoding.UnixMD5.GetString(saltBytes));
            }
            finally
            {
                Security.Clear(roundsBytes);
                Security.Clear(saltBytes);
            }
        }
Esempio n. 6
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            string salt;

            do
            {
                salt = Base64Encoding.UnixMD5.GetString(Security.GenerateRandomBytes(2)).Substring(0, 2);
            }while (FilterSalt(salt) != salt);
            return(salt);
        }
Esempio n. 7
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            int?rounds = options.GetValue <int?>(CrypterOption.Rounds);

            if (rounds != null)
            {
                Check.Range("CrypterOption.Rounds", (int)rounds, MinRounds, MaxRounds);
            }

            return(CryptPrefix
                   + (rounds != null ? string.Format("rounds={0}$", rounds) : "")
                   + Base64Encoding.UnixMD5.GetString(Security.GenerateRandomBytes(12)));
        }
Esempio n. 8
0
        /// <inheritdoc />
        public override string GenerateSalt(CrypterOptions options)
        {
            Check.Null("options", options);

            string prefix;

            switch (options.GetValue(CrypterOption.Variant, MD5CrypterVariant.Standard))
            {
            case MD5CrypterVariant.Standard: prefix = "$1$"; break;

            case MD5CrypterVariant.Apache: prefix = "$apr1$"; break;

            default: throw Exceptions.ArgumentOutOfRange("CrypterOption.Variant", "Unknown variant.");
            }

            return(prefix + Base64Encoding.UnixMD5.GetString(Security.GenerateRandomBytes(6)));
        }
Esempio n. 9
0
 static CrypterOptions()
 {
     None = new CrypterOptions().MakeReadOnly();
 }
Esempio n. 10
0
 /// <summary>
 /// Generates a salt string. Options are used to modify the salt generation.
 /// The purpose of salt is to make dictionary attacks against a whole password database much harder,
 /// by causing the crypted password to be different even if two users have the same uncrypted password.
 ///
 /// Randomness in a crypted password comes from its salt string, as do all recorded options.
 /// The same salt string, when combined with the same password, will generate the same crypted password.
 /// If the salt string differs, the same password will generate a different crypted password
 /// (crypted passwords have the form <c>algorithm+salt+hash</c>, so the salt is always carried along
 /// with the crypted password).
 /// </summary>
 /// <param name="options">Options modifying the salt generation.</param>
 /// <returns>The salt string.</returns>
 public abstract string GenerateSalt(CrypterOptions options);
Esempio n. 11
0
 /// <summary>
 /// Creates a one-way password hash (crypted password) from a password string.
 /// Options modify the crypt operation.
 /// </summary>
 /// <param name="password">The password string. Characters are UTF-8 encoded.</param>
 /// <param name="options">Options modifying the crypt operation.</param>
 /// <returns>The crypted password.</returns>
 public string Crypt(string password, CrypterOptions options)
 {
     return(Crypt(password, GenerateSalt(options)));
 }