public static (HashingAlgo hashingAlgo, EncodingType encodingType) GetAlgoDet(string password, string salt, string hash)
{
var isValidAlgo = false;
var result = (hashingAlgo : HashingAlgo.NONE, encodingType : EncodingType.Default);
foreach (string algo in Enum.GetNames(typeof(HashingAlgo)))
{
HashingAlgo hashalgo = (HashingAlgo)Enum.Parse(typeof(HashingAlgo), algo);
foreach (string encodeType in Enum.GetNames(typeof(EncodingType)))
{
EncodingType encodingType = (EncodingType)Enum.Parse(typeof(EncodingType), encodeType);
isValidAlgo = CheckPassword(password, salt, hash, hashalgo, encodingType);
if (isValidAlgo == true)
{
result.hashingAlgo = hashalgo;
result.encodingType = encodingType;
return(result);
}
}
}
return(result);
}
public void Correct_Password_Wrong_Encoding_Should_Not_Match(HashingAlgo hashingAlgo)
{
var originalHashConfig = new HashingConfig
{
GenratePerPasswordSalt = true,
GlobalSalt = null,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Hex
};
var mismatchedHashConfig = new HashingConfig
{
GenratePerPasswordSalt = true,
GlobalSalt = null,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Base64
};
var passwordHashing = new PasswordHashing();
var hash = passwordHashing.GetHash(CorrectPassword, originalHashConfig);
var match = passwordHashing.CheckPassword(hash, mismatchedHashConfig, CorrectPassword);
Assert.False(match);
}
public static bool CheckPassword(string password, string salt, string hash, HashingAlgo hashingAlgo,
EncodingType encodingType)
{
switch (hashingAlgo)
{
case HashingAlgo.HMAC_SHA1:
return(ToHMAC_SHA1(password, salt) == hash);
case HashingAlgo.HMAC_SHA256:
return(ToHMAC_SHA256(password, salt) == hash);
case HashingAlgo.SHA1:
return(ToSHA1(password, encodingType) == hash);
case HashingAlgo.SHA256:
return(ToSHA256(password, encodingType) == hash);
case HashingAlgo.SHA512:
return(ToSHA512(password, encodingType) == hash);
case HashingAlgo.MD5:
return(ToMd5(password, encodingType) == hash);
default:
throw new ArgumentOutOfRangeException(nameof(hashingAlgo));
}
}
public Encrypter(HashingAlgo hashingAlgo)
{
HashingAlgo = hashingAlgo;
switch (hashingAlgo)
{
case HashingAlgo.SHA1:
hashAlgorithm = new SHA1CryptoServiceProvider();
macInUse = new HMACSHA1();
break;
default:
case HashingAlgo.MD5:
hashAlgorithm = new MD5CryptoServiceProvider();
macInUse = new HMACMD5();
break;
case HashingAlgo.SHA256:
hashAlgorithm = new SHA256CryptoServiceProvider();
macInUse = new HMACSHA256();
break;
case HashingAlgo.SHA384:
hashAlgorithm = new SHA384CryptoServiceProvider();
macInUse = new HMACSHA384();
break;
case HashingAlgo.SHA512:
hashAlgorithm = new SHA512CryptoServiceProvider();
macInUse = new HMACSHA512();
break;
}
}
public HashMessage(HashingAlgo algo, byte[] hashedMessage, byte[] salt)
{
HashingAlgo = algo;
HashedMessage = hashedMessage;
Salt = salt;
}
public void Wrong_Password_Should_Not_Match(HashingAlgo hashingAlgo)
{
var hashConfig = new HashingConfig
{
GenratePerPasswordSalt = false,
GlobalSalt = GlobalSalt,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing();
var hash = passwordHashing.GetHash(CorrectPassword, hashConfig);
var match = passwordHashing.CheckPassword(hash, hashConfig, "wrongPassword");
Assert.False(match);
}
public void Correct_Password_Should_Match(HashingAlgo hashingAlgo)
{
var hashConfig = new HashingConfig
{
GenratePerPasswordSalt = true,
GlobalSalt = null,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing();
var hash = passwordHashing.GetHash(CorrectPassword, hashConfig);
var match = passwordHashing.CheckPassword(hash, hashConfig, CorrectPassword);
Assert.True(match);
}
public void Correct_Hash_Values_Should_Match_GetHash(HashingAlgo hashingAlgo, string expectedHashBase64)
{
var hashConfig = new HashingConfig
{
GenratePerPasswordSalt = false,
GlobalSalt = GlobalSalt,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing();
var hashActual = passwordHashing.GetHash(CorrectPassword, hashConfig);
var hashExpected = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(expectedHashBase64));
Assert.Equal(hashExpected, hashActual);
}
public void Correct_Hash_Values_Should_Match_CheckPassword(HashingAlgo hashingAlgo, string expectedHashBase64)
{
var hashConfig = new HashingConfig
{
GeneratePerPasswordSalt = false,
GlobalSalt = GlobalSalt,
SaltedPasswordFormat = SaltedPasswordFormat,
HashingAlgo = hashingAlgo,
PasswordHashEncodingType = EncodingType.Default
};
var passwordHashing = new PasswordHashing();
var expectedHash = System.Text.Encoding.UTF8.GetString(System.Convert.FromBase64String(expectedHashBase64));
var match = passwordHashing.CheckPassword(expectedHash, hashConfig, CorrectPassword);
Assert.True(match);
}
public static bool CheckPassword(string password, string salt, string hash, HashingAlgo hashingAlgo,
EncodingType encodingType, int pbdfk2Iterations = 0)
{
switch (hashingAlgo)
{
case HashingAlgo.HMAC_SHA1:
return(ToHMAC_SHA1(password, salt) == hash);
case HashingAlgo.HMAC_SHA256:
return(ToHMAC_SHA256(password, salt) == hash);
case HashingAlgo.SHA1:
return(ToSHA1(password, encodingType) == hash);
case HashingAlgo.SHA256:
return(ToSHA256(password, encodingType) == hash);
case HashingAlgo.SHA512:
return(ToSHA512(password, encodingType) == hash);
case HashingAlgo.MD5:
return(ToMd5(password, encodingType) == hash);
case HashingAlgo.PBKDF2:
return(ToPBKDF2(password, salt, encodingType, pbdfk2Iterations) == hash);
case HashingAlgo.BCRYPT:
return(ToBCRYPT(password, salt) == hash);
case HashingAlgo.NONE:
return(false);
default:
throw new ArgumentOutOfRangeException(nameof(hashingAlgo));
}
}
