static PasswordHasher() { int size; if (!int.TryParse(ConfigurationManagerExtension.AppSettings["core.password.size"], out size)) { size = 256; } PasswordHashSize = size; int iterations; if (!int.TryParse(ConfigurationManagerExtension.AppSettings["core.password.iterations"], out iterations)) { iterations = 100000; } PasswordHashIterations = iterations; PasswordHashSalt = (ConfigurationManagerExtension.AppSettings["core.password.salt"] ?? "").Trim(); if (string.IsNullOrEmpty(PasswordHashSalt)) { var salt = Hasher.Hash("{9450BEF7-7D9F-4E4F-A18A-971D8681722D}", HashAlg.SHA256); var PasswordHashSaltBytes = KeyDerivation.Pbkdf2( Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant()), salt, KeyDerivationPrf.HMACSHA256, PasswordHashIterations, PasswordHashSize / 8); PasswordHashSalt = BitConverter.ToString(PasswordHashSaltBytes).Replace("-", string.Empty).ToLower(); } }
public PasswordHasher(IConfiguration configuration, MachinePseudoKeys machinePseudoKeys) { if (!int.TryParse(configuration["core:password:size"], out var size)) { size = 256; } Size = size; if (!int.TryParse(configuration["core.password.iterations"], out var iterations)) { iterations = 100000; } Iterations = iterations; Salt = (configuration["core:password:salt"] ?? "").Trim(); if (string.IsNullOrEmpty(Salt)) { var salt = Hasher.Hash("{9450BEF7-7D9F-4E4F-A18A-971D8681722D}", HashAlg.SHA256); var PasswordHashSaltBytes = KeyDerivation.Pbkdf2( Encoding.UTF8.GetString(machinePseudoKeys.GetMachineConstant()), salt, KeyDerivationPrf.HMACSHA256, Iterations, Size / 8); Salt = BitConverter.ToString(PasswordHashSaltBytes).Replace("-", string.Empty).ToLower(); } }
private static byte[] EKey() { return(MachinePseudoKeys.GetMachineConstant(32)); }
private string FormatEmail(int tenantId, string email) { if (email == null) { throw new ArgumentNullException("email"); } try { return(string.Format("{0}|{1}|{2}", email.ToLowerInvariant(), tenantId, Encoding.UTF8.GetString(MachinePseudoKeys.GetMachineConstant()))); } catch (Exception e) { log.Fatal("Failed to format tenant specific email", e); return(email.ToLowerInvariant()); } }
internal static byte[] GetMachineConstantInternal() { return(MachinePseudoKeys.GetMachineConstant()); }