protected override MD5PasswordHashingOptions DoExtractPasswordHashingOptions(HashedPassword hash, out bool needRehash)
{
needRehash = false;
return(new MD5PasswordHashingOptions
{
Salt = Convert.FromBase64String(hash["salt"].AsString())
});
}
protected virtual bool DoAreEquivalent(HashedPassword a, HashedPassword b)
{
var algo = m_Algorithms[a.AlgoName];
if (algo == null)
{
return(false);
}
return(algo.AreEquivalent(a, b));
}
public bool AreEquivalent(HashedPassword hash, HashedPassword rehash)
{
if (hash == null || rehash == null)
{
return(false);
}
if (!hash.AlgoName.EqualsOrdIgnoreCase(rehash.AlgoName))
{
return(false);
}
return(DoAreEquivalent(hash, rehash));
}
public bool AreEquivalent(HashedPassword a, HashedPassword b)
{
if (a == null || b == null)
{
return(false);
}
if (a.AlgoName != b.AlgoName)
{
return(false);
}
CheckServiceInactive();
return(DoAreEquivalent(a, b));
}
public static HashedPassword FromString(string str)
{
if (str.IsNullOrWhiteSpace())
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(str==null|empty)");
}
var password = new HashedPassword();
var json = str.JSONToDataObject() as JSONDataMap;
if (json == null || json[KEY_ALGO].AsString().IsNullOrWhiteSpace())
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "HashedPassword.FromString(!map|!algo)");
}
password.m_Content = json;
return(password);
}
public bool Verify(SecureBuffer password, HashedPassword hash, out bool needRehash)
{
if (password == null || hash == null)
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify((password|hash)==null)");
}
if (!password.IsSealed)
{
throw new SecurityException(StringConsts.ARGUMENT_ERROR + "PasswordManager.Verify(!password.IsSealed)");
}
needRehash = false;
if (!Running)
{
return(false);
}
return(DoVerify(password, hash, out needRehash));
}
protected virtual bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash)
{
needRehash = false;
var algo = m_Algorithms[hash.AlgoName];
if (algo == null)
{
return(false);
}
bool need = false;
if (!algo.Verify(password, hash, out need))
{
return(false);
}
needRehash = !algo.IsDefault || need;
return(true);
}
protected abstract bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash);
protected abstract bool DoVerify(SecureBuffer password, HashedPassword hash, out bool needRehash);
private IConfigSectionNode findUserNode(IConfigSectionNode securityRootNode, IDPasswordCredentials cred)
{
var users = securityRootNode[CONFIG_USERS_SECTION];
using (var password = cred.SecurePassword)
{
bool needRehash = false;
return(users.Children.FirstOrDefault(cn => cn.IsSameName(CONFIG_USER_SECTION) &&
string.Equals(cn.AttrByName(CONFIG_ID_ATTR).Value, cred.ID, StringComparison.InvariantCulture) &&
m_PasswordManager.Verify(password, HashedPassword.FromString(cn.AttrByName(CONFIG_PASSWORD_ATTR).Value), out needRehash)
) ?? users.Configuration.EmptySection);
}
}
protected override bool DoAreEquivalent(HashedPassword hash, HashedPassword rehash)
{
return(hash["hash"].AsString().EqualsOrdIgnoreCase(rehash["hash"].AsString()));
}
