private static string GenerateSalt(int workFactor, SaltRevision saltRevision) { if (workFactor < 4 || workFactor > 31) { throw new ArgumentOutOfRangeException(nameof(workFactor), workFactor, "The work factor must be between 4 and 31 (inclusive)."); } var salt = new byte[bcryptSaltLength]; random.GetBytes(salt); var result = new StringBuilder(); result.AppendFormat("${0}${1:00}$", saltRevision.ToRevisionString(), workFactor); result.Append(EncodeBase64(salt, salt.Length)); return(result.ToString()); }
/// <summary> /// Generate a salt for use with the <see cref="BCrypt.HashPassword(string,string)"/> method. /// </summary> /// <param name="workFactor">The log2 of the number of rounds of hashing to apply - the work /// factor therefore increases as 2**workFactor.</param> /// <param name="saltSaltRevision">The revision to return in the salt portion, defaults to 2b</param> /// <returns>A base64 encoded salt value.</returns> public static string GenerateSalt(int workFactor, SaltRevision saltSaltRevision = SaltRevision.Revision2B) { if (workFactor < 4 || workFactor > 31) { throw new ArgumentOutOfRangeException(nameof(workFactor), workFactor, "The work factor must be between 4 and 31 (inclusive)"); } var rnd = new byte[BcryptSaltLen]; var rng = RandomNumberGenerator.Create(); rng.GetBytes(rnd); var rs = new StringBuilder(); rs.AppendFormat("${0}${1:00}$", GetSaltRevisionString(saltSaltRevision), workFactor); rs.Append(EncodeBase64(rnd, rnd.Length)); return(rs.ToString()); }
private static bool TryGetSaltRevision(string value, out SaltRevision result) { result = SaltRevision.Revision2; if (string.IsNullOrWhiteSpace(value) || value[0] != '2' || value.Length > 2) { return(false); } // Determine which version we got if (value.Length < 2) { return(true); } switch (value[1]) { case 'a': result = SaltRevision.Revision2A; break; case 'b': result = SaltRevision.Revision2B; break; case 'x': result = SaltRevision.Revision2X; break; case 'y': result = SaltRevision.Revision2Y; break; default: return(false); } // Got the salt revision successfully return(true); }
/// <summary> /// Gets the string representation of the salt revision /// </summary> /// <param name="saltSaltRevision">Salt revision enum</param> /// <returns>The string representation of the salt revision</returns> private static string GetSaltRevisionString(SaltRevision saltSaltRevision) { switch (saltSaltRevision) { case SaltRevision.Revision2: return("2"); case SaltRevision.Revision2A: return("2a"); case SaltRevision.Revision2B: return("2b"); case SaltRevision.Revision2X: return("2x"); case SaltRevision.Revision2Y: return("2y"); default: throw new ArgumentOutOfRangeException(nameof(saltSaltRevision), saltSaltRevision, null); } }
public IActionResult SignUp(string email, string username, string password, string passwordverification) { SaltRevision salt = (SaltRevision)Enum.GetValues(typeof(SaltRevision)).GetValue(rng.Next(Enum.GetValues(typeof(SaltRevision)).Length)); if (password.Equals(passwordverification)) { User u = new User(); u.Username = username; u.Email = email; u.Password = BCrypt.Net.BCrypt.HashPassword(password, 12, salt); u.UserId = database.Users.Count() + 1; database.AddAsync(u); database.SaveChangesAsync(); //HttpContext.Session.Set("UserID", Encoding.UTF8.GetBytes(u.UserId.ToString())); //return to the index with the user return(View("Index", null)); } else { return(View("Index")); } //return RedirectToAction("Characters"); }
/// <summary> /// Returns a string representation of the salt revision. /// </summary> /// <param name="revision">The salt revision.</param> public static string ToRevisionString(this SaltRevision revision) { switch (revision) { case SaltRevision.Revision2: return("2"); case SaltRevision.Revision2A: return("2a"); case SaltRevision.Revision2B: return("2b"); case SaltRevision.Revision2X: return("2x"); case SaltRevision.Revision2Y: return("2y"); default: throw new InvalidOperationException($"The revision '{revision}' is not supported!"); } }
/// <summary> /// Generate a salt for use with the <see cref="BCrypt.HashPassword(string,string)"/> method /// selecting a reasonable default for the number of hashing rounds to apply. /// </summary> /// <param name="saltSaltRevision">The revision to return in the salt portion, defaults to 2b</param> /// <returns>A base64 encoded salt value.</returns> public static string GenerateSalt(SaltRevision saltSaltRevision = SaltRevision.Revision2B) { return(GenerateSalt(GensaltDefaultLog2Rounds, saltSaltRevision)); }
/// <summary> /// Hash a password using the OpenBSD bcrypt scheme and a salt generated by <see /// cref="BCrypt.GenerateSalt(int)"/> using the given <paramref name="workFactor"/>. /// </summary> /// <param name="input"> The password to hash.</param> /// <param name="workFactor">The log2 of the number of rounds of hashing to apply - the work /// factor therefore increases as 2^workFactor.</param> /// <param name="saltSaltRevision">Allows you to override the salt revision used in the output</param> /// <returns>The hashed password.</returns> public static string HashPassword(string input, int workFactor, SaltRevision saltSaltRevision = SaltRevision.Revision2B) { return(HashPassword(input, GenerateSalt(workFactor, saltSaltRevision))); }
/// <summary> /// Hash a string using the OpenBSD bcrypt scheme and a salt generated by <see /// cref="BCrypt.GenerateSalt()"/>. /// </summary> /// <remarks>Just an alias for HashPassword.</remarks> /// <param name="source"> The string to hash.</param> /// <param name="workFactor">The log2 of the number of rounds of hashing to apply - the work /// factor therefore increases as 2^workFactor.</param> /// <param name="saltSaltRevision">Allows you to override the salt revision used in the output</param> /// <returns>The hashed string.</returns> public static string HashString(string source, int workFactor, SaltRevision saltSaltRevision = SaltRevision.Revision2B) { return(HashPassword(source, GenerateSalt(workFactor))); }
/// <summary> /// Hash a string using the OpenBSD bcrypt scheme and a salt generated by <see /// cref="BCrypt.GenerateSalt()" />. /// </summary> /// <remarks>Just an alias for HashPassword.</remarks> /// <param name="source">The string to hash.</param> /// <param name="saltSaltRevision">Allows you to override the salt revision used in the output</param> /// <returns>The hashed string.</returns> public static string HashString(string source, SaltRevision saltSaltRevision = SaltRevision.Revision2B) { return(HashPassword(source, saltSaltRevision)); }
private HashInformation(SaltRevision revision, int workFactor, string rawHash) { Revision = revision; WorkFactor = workFactor; RawHash = rawHash; }
/// <summary> /// Returns a hashed representation of the supplied <paramref name="password" />. /// </summary> /// <param name="password">The password to hash.</param> /// <param name="workFactor"> /// The log2 of the number of rounds of hashing to apply - the work /// factor therefore increases as 2^workFactor. /// </param> /// <param name="saltRevision">The BCrypt sal revision.</param> public static string HashPassword(string password, int workFactor = 10, SaltRevision saltRevision = SaltRevision.Revision2B) { Requires.NotNull(password, nameof(password)); return(HashPassword(password, GenerateSalt(workFactor, saltRevision))); }
public BCryptOptions() { SaltWorkFactor = 10; SaltRevision = SaltRevision.Revision2B; }