Пример #1
0
 protected override MD5PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
 {
     needRehash = false;
     return(new MD5PasswordHashingOptions
     {
         Salt = Convert.FromBase64String(hash["salt"].AsString())
     });
 }
Пример #2
0
        protected virtual bool DoAreEquivalent(HashedPassword a, HashedPassword b)
        {
            var algo = m_Algorithms[a.AlgoName];

            if (algo == null)
            {
                return(false);
            }
            return(algo.AreEquivalent(a, b));
        }
Пример #3
0
        protected override MD5PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
        {
            var salt = hash["salt"].AsString(string.Empty);

            needRehash = salt.IsNullOrWhiteSpace();
            return(new MD5PasswordHashingOptions
            {
                Salt = Convert.FromBase64String(salt)
            });
        }
Пример #4
0
 public bool AreEquivalent(HashedPassword hash, HashedPassword rehash)
 {
     if (hash == null || rehash == null)
     {
         return(false);
     }
     if (!hash.AlgoName.EqualsOrdIgnoreCase(rehash.AlgoName))
     {
         return(false);
     }
     return(DoAreEquivalent(hash, rehash));
 }
Пример #5
0
        public bool AreEquivalent(HashedPassword a, HashedPassword b)
        {
            if (a == null || b == null)
            {
                return(false);
            }
            if (a.AlgoName != b.AlgoName)
            {
                return(false);
            }

            CheckDaemonInactive();

            return(DoAreEquivalent(a, b));
        }
Пример #6
0
        public static HashedPassword FromString(string str)
        {
            if (str.IsNullOrWhiteSpace())
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(str==null|empty)");
            }
            var password = new HashedPassword();
            var json     = str.JSONToDataObject() as JSONDataMap;

            if (json == null || json[KEY_ALGO].AsString().IsNullOrWhiteSpace())
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(!map|!algo)");
            }
            password.m_Content = json;
            return(password);
        }
Пример #7
0
        public bool AreEquivalent(HashedPassword a, HashedPassword b)
        {
            if (a == null || b == null)
            {
                return(false);
            }
            if (a.AlgoName != b.AlgoName)
            {
                return(false);
            }

            if (!Running)
            {
                return(false);
            }
            return(DoAreEquivalent(a, b));
        }
Пример #8
0
        public bool Verify(SecureBuffer password, HashedPassword hash, out bool needRehash)
        {
            if (password == null || hash == null)
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify((password|hash)==null)");
            }
            if (!password.IsSealed)
            {
                throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify(!password.IsSealed)");
            }

            needRehash = false;
            if (!Running)
            {
                return(false);
            }

            return(DoVerify(password, hash, out needRehash));
        }
Пример #9
0
        protected virtual bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash)
        {
            needRehash = false;
            var algo = m_Algorithms[hash.AlgoName];

            if (algo == null)
            {
                return(false);
            }

            bool need = false;

            if (!algo.Verify(password, hash, out need))
            {
                return(false);
            }

            needRehash = !algo.IsDefault || need;
            return(true);
        }
Пример #10
0
        protected override HashedPassword DoComputeHash(PasswordFamily family, SecureBuffer password, PBKDF2PasswordHashingOptions options)
        {
            var salt    = options.Salt;
            var content = password.Content;

            var iterations = getIterations();

            //https://stackoverflow.com/questions/18648084/rfc2898-pbkdf2-with-sha256-as-digest-in-c-sharp
            var hash = PlatformAbstractionLayer.Cryptography.ComputePBKDF2(content, salt, HASH_LENGTH_BYTES, iterations, HashAlgorithmName.SHA256);

            var pwd = new HashedPassword(Name, family)
            {
                { "h", hash.ToWebSafeBase64() },
                { "s", salt.ToWebSafeBase64() }
            };

            Array.Clear(hash, 0, hash.Length);

            return(pwd);
        }
Пример #11
0
 protected abstract bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash);
Пример #12
0
        protected override PBKDF2PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
        {
            needRehash = false;
            try
            {
                return(new PBKDF2PasswordHashingOptions
                {
                    Salt = hash["s"].AsString().FromWebSafeBase64()
                });
            }
            catch (Exception error)
            {
                WriteLog(Log.MessageType.TraceErrors, nameof(DoExtractPasswordHashingOptions), "Leaked: " + error.ToMessageWithType(), error);
            }

            return(DefaultPasswordHashingOptions);
        }
Пример #13
0
 protected abstract bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash);
Пример #14
0
 protected override bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash)
 {
     return(hash["hash"].AsString().EqualsOrdIgnoreCase(rehash["hash"].AsString()));
 }
Пример #15
0
        private IConfigSectionNode findUserNode(IConfigSectionNode securityRootNode, IDPasswordCredentials cred)
        {
            var users = securityRootNode[CONFIG_USERS_SECTION];

            using (var password = cred.SecurePassword)
            {
                bool needRehash = false;
                return(users.Children.FirstOrDefault(cn => cn.IsSameName(CONFIG_USER_SECTION) &&
                                                     string.Equals(cn.AttrByName(CONFIG_ID_ATTR).Value, cred.ID, StringComparison.InvariantCulture) &&
                                                     m_PasswordManager.Verify(password, HashedPassword.FromString(cn.AttrByName(CONFIG_PASSWORD_ATTR).Value), out needRehash)
                                                     ) ?? users.Configuration.EmptySection);
            }
        }
Пример #16
0
 protected override IPasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
 {
     needRehash = false;
     return(null);
 }
Пример #17
0
 protected override PBKDF2PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
 {
     needRehash = false;
     return(new PBKDF2PasswordHashingOptions
     {
         Salt = hash["s"].AsString().FromWebSafeBase64()
     });
 }