public byte[] HashPassword(string password, ISecureRandomGenerator secureRandomGenerator) { var passwordBytes = Encoding.UTF8.GetBytes(password); var salt = secureRandomGenerator.GenerateBytes(32); var iv = secureRandomGenerator.GenerateBytes(16); var cipher = Aes.Create(); cipher.KeySize = 256; cipher.Padding = PaddingMode.PKCS7; cipher.Mode = CipherMode.CBC; cipher.Key = salt; cipher.IV = iv; var encryptor = cipher.CreateEncryptor(); var subKey = encryptor.TransformFinalBlock(passwordBytes, 0, passwordBytes.Length); var outputBytes = new byte[9 + salt.Length + iv.Length + subKey.Length]; outputBytes[0] = FormatMarkers.Aes256; BufferUtil.WriteNetworkByteOrder(outputBytes, 1, (uint)cipher.Padding); BufferUtil.WriteNetworkByteOrder(outputBytes, 5, (uint)cipher.Mode); BufferUtil.BlockFill(salt, outputBytes, 9); BufferUtil.BlockFill(iv, outputBytes, 9 + salt.Length); BufferUtil.BlockFill(subKey, outputBytes, 9 + salt.Length + iv.Length); return(outputBytes); }
public BCryptHashService( ISecureRandomGenerator secureRandomGenerator, IEncryptionService encryptionService) { _secureRandomGenerator = secureRandomGenerator; _encryptionService = encryptionService; }
private static byte[] HashPasswordByPkbdf2(string password, ISecureRandomGenerator secureRandomGenerator, KeyDerivationPrf keyDerivationPrf, int iterCount, uint saltSize, int numBytesRequested) { var salt = secureRandomGenerator.GenerateBytes(saltSize); var subkey = KeyDerivation.Pbkdf2(password, salt, keyDerivationPrf, iterCount, numBytesRequested); var outputBytes = new byte[13 + salt.Length + subkey.Length]; outputBytes[0] = FormatMarkers.Pbkdf2; // format marker BufferUtil.WriteNetworkByteOrder(outputBytes, 1, (uint)keyDerivationPrf); BufferUtil.WriteNetworkByteOrder(outputBytes, 5, (uint)iterCount); BufferUtil.WriteNetworkByteOrder(outputBytes, 9, (uint)saltSize); Buffer.BlockCopy(salt, 0, outputBytes, 13, salt.Length); Buffer.BlockCopy(subkey, 0, outputBytes, 13 + (int)saltSize, subkey.Length); return(outputBytes); }
/// <summary> /// Initializes a new instance of the <see cref="AuthenticationFlow"/> class. /// </summary> /// <param name="httpContextAccessor">The context accessor.</param> /// <param name="jwtCrytpoProvider">The crypto provider.</param> /// <param name="userManager">The user manager.</param> /// <param name="dbContext">The database context.</param> /// <param name="rngGenerator">The random generator.</param> /// <param name="moment">The current moment provider.</param> /// <param name="options">The options.</param> /// <param name="logger">The logger.</param> public AuthenticationFlow( IHttpContextAccessor httpContextAccessor, IJwtCryptoProvider jwtCrytpoProvider, UserManager <AppUser> userManager, FvectContext dbContext, ISecureRandomGenerator rngGenerator, IMoment moment, IOptionsMonitor <BackendOptions> options, ILogger <AuthenticationFlow> logger) { this.httpContextAccessor = httpContextAccessor ?? throw new ArgumentNullException(nameof(httpContextAccessor)); this.jwtCrytpoProvider = jwtCrytpoProvider ?? throw new ArgumentNullException(nameof(jwtCrytpoProvider)); this.userManager = userManager ?? throw new ArgumentNullException(nameof(userManager)); this.dbContext = dbContext ?? throw new ArgumentNullException(nameof(dbContext)); this.rngGenerator = rngGenerator ?? throw new ArgumentNullException(nameof(rngGenerator)); this.moment = moment ?? throw new ArgumentNullException(nameof(moment)); this.options = options ?? throw new ArgumentNullException(nameof(options)); this.logger = logger ?? throw new ArgumentNullException(nameof(logger)); }
public PasswordHasher(IBinaryConverter binaryConverter, ISecureRandomGenerator secureRandomGenerator, IEnumerable <IPasswordFormatHasher> passwordFormatHashers) { _binaryConverter = binaryConverter ?? throw new ArgumentNullException(nameof(binaryConverter)); _secureRandomGenerator = secureRandomGenerator ?? throw new ArgumentNullException(nameof(secureRandomGenerator)); _passwordFormatHashers = passwordFormatHashers ?? throw new ArgumentNullException(nameof(passwordFormatHashers)); }
public byte[] HashPassword(string password, ISecureRandomGenerator secureRandomGenerator) { return(HashPasswordByPkbdf2(password, secureRandomGenerator, KeyDerivationPrf.HMACSHA256, IterCount, 128 / 8, 256 / 8)); }