public Task ChangePassword(User user, string newPassword) { ConvertPasswordFormat(user); // This is needed to support changing a no password user to a password user if (string.IsNullOrEmpty(user.Password)) { PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider); newPasswordHash.Salt = _cryptographyProvider.GenerateSalt(); newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod; newPasswordHash.Hash = GetHashedChangeAuth(newPassword, newPasswordHash); user.Password = newPasswordHash.ToString(); return(Task.CompletedTask); } PasswordHash passwordHash = new PasswordHash(user.Password); if (passwordHash.Id == "SHA1" && passwordHash.Salt.Length == 0) { passwordHash.Salt = _cryptographyProvider.GenerateSalt(); passwordHash.Id = _cryptographyProvider.DefaultHashMethod; passwordHash.Hash = GetHashedChangeAuth(newPassword, passwordHash); } else if (newPassword != null) { passwordHash.Hash = GetHashed(user, newPassword); } user.Password = passwordHash.ToString(); return(Task.CompletedTask); }
public Task ChangePassword(User user, string newPassword) { ConvertPasswordFormat(user); // This is needed to support changing a no password user to a password user if (string.IsNullOrEmpty(user.Password)) { PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider); newPasswordHash.SaltBytes = _cryptographyProvider.GenerateSalt(); newPasswordHash.Salt = PasswordHash.ConvertToByteString(newPasswordHash.SaltBytes); newPasswordHash.Id = _cryptographyProvider.DefaultHashMethod; newPasswordHash.Hash = GetHashedStringChangeAuth(newPassword, newPasswordHash); user.Password = newPasswordHash.ToString(); return(Task.CompletedTask); } PasswordHash passwordHash = new PasswordHash(user.Password); if (passwordHash.Id == "SHA1" && string.IsNullOrEmpty(passwordHash.Salt)) { passwordHash.SaltBytes = _cryptographyProvider.GenerateSalt(); passwordHash.Salt = PasswordHash.ConvertToByteString(passwordHash.SaltBytes); passwordHash.Id = _cryptographyProvider.DefaultHashMethod; passwordHash.Hash = GetHashedStringChangeAuth(newPassword, passwordHash); } else if (newPassword != null) { passwordHash.Hash = GetHashedString(user, newPassword); } if (string.IsNullOrWhiteSpace(passwordHash.Hash)) { throw new ArgumentNullException(nameof(passwordHash.Hash)); } user.Password = passwordHash.ToString(); return(Task.CompletedTask); }
/// <summary> /// Creates a new <see cref="PasswordHash" /> instance. /// </summary> /// <param name="cryptoProvider">The <see cref="ICryptoProvider" /> instance used.</param> /// <param name="password">The password that will be hashed.</param> /// <returns>A <see cref="PasswordHash" /> instance with the hash method, hash, salt and number of iterations.</returns> public static PasswordHash CreatePasswordHash(this ICryptoProvider cryptoProvider, string password) { byte[] salt = cryptoProvider.GenerateSalt(); return(new PasswordHash( cryptoProvider.DefaultHashMethod, cryptoProvider.ComputeHashWithDefaultMethod( Encoding.UTF8.GetBytes(password), salt), salt, new Dictionary <string, string> { { "iterations", DefaultIterations.ToString(CultureInfo.InvariantCulture) } })); }
public PasswordHash(ICryptoProvider cryptoProvider) { _id = cryptoProvider.DefaultHashMethod; _salt = cryptoProvider.GenerateSalt(); _hash = Array.Empty <Byte>(); }