diff options
| author | crupest <crupest@outlook.com> | 2019-04-12 23:34:40 +0800 |
|---|---|---|
| committer | crupest <crupest@outlook.com> | 2019-04-12 23:34:40 +0800 |
| commit | 401a5b74696c471e5168e421e3de0db1e5f946a8 (patch) | |
| tree | 46e4110f6044d606dc7e30d03c8527db6954b212 /Timeline/Services/PasswordService.cs | |
| parent | 8c5e7069d2651fb6fae641dfe482d7a0910b3fd1 (diff) | |
| download | timeline-401a5b74696c471e5168e421e3de0db1e5f946a8.tar.gz timeline-401a5b74696c471e5168e421e3de0db1e5f946a8.tar.bz2 timeline-401a5b74696c471e5168e421e3de0db1e5f946a8.zip | |
Add database connection.
Diffstat (limited to 'Timeline/Services/PasswordService.cs')
| -rw-r--r-- | Timeline/Services/PasswordService.cs | 205 |
1 files changed, 205 insertions, 0 deletions
diff --git a/Timeline/Services/PasswordService.cs b/Timeline/Services/PasswordService.cs new file mode 100644 index 00000000..8eab526e --- /dev/null +++ b/Timeline/Services/PasswordService.cs @@ -0,0 +1,205 @@ +using Microsoft.AspNetCore.Cryptography.KeyDerivation; +using Microsoft.Extensions.Logging; +using System; +using System.Runtime.CompilerServices; +using System.Security.Cryptography; + +namespace Timeline.Services +{ + public interface IPasswordService + { + /// <summary> + /// Returns a hashed representation of the supplied <paramref name="password"/>. + /// </summary> + /// <param name="password">The password to hash.</param> + /// <returns>A hashed representation of the supplied <paramref name="password"/>.</returns> + string HashPassword(string password); + + /// <summary> + /// Returns a boolean indicating the result of a password hash comparison. + /// </summary> + /// <param name="hashedPassword">The hash value for a user's stored password.</param> + /// <param name="providedPassword">The password supplied for comparison.</param> + /// <returns>True indicating success. Otherwise false.</returns> + bool VerifyPassword(string hashedPassword, string providedPassword); + } + + /// <summary> + /// Copied from https://github.com/aspnet/AspNetCore/blob/master/src/Identity/Extensions.Core/src/PasswordHasher.cs + /// Remove V2 format and unnecessary format version check. + /// Remove configuration options. + /// Remove user related parts. + /// Add log for wrong format. + /// </summary> + public class PasswordService : IPasswordService + { + /* ======================= + * HASHED PASSWORD FORMATS + * ======================= + * + * Version 3: + * PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations. + * Format: { 0x01, prf (UInt32), iter count (UInt32), salt length (UInt32), salt, subkey } + * (All UInt32s are stored big-endian.) + */ + + private static EventId BadFormatEventId { get; } = new EventId(4000, "BadFormatPassword"); + + private readonly RandomNumberGenerator _rng = RandomNumberGenerator.Create(); + private readonly ILogger<PasswordService> _logger; + + public PasswordService(ILogger<PasswordService> logger) + { + _logger = logger; + } + + + // Compares two byte arrays for equality. The method is specifically written so that the loop is not optimized. + [MethodImpl(MethodImplOptions.NoInlining | MethodImplOptions.NoOptimization)] + private static bool ByteArraysEqual(byte[] a, byte[] b) + { + if (a == null && b == null) + { + return true; + } + if (a == null || b == null || a.Length != b.Length) + { + return false; + } + var areSame = true; + for (var i = 0; i < a.Length; i++) + { + areSame &= (a[i] == b[i]); + } + return areSame; + } + + public string HashPassword(string password) + { + if (password == null) + throw new ArgumentNullException(nameof(password)); + return Convert.ToBase64String(HashPasswordV3(password, _rng)); + } + + private byte[] HashPasswordV3(string password, RandomNumberGenerator rng) + { + return HashPasswordV3(password, rng, + prf: KeyDerivationPrf.HMACSHA256, + iterCount: 10000, + saltSize: 128 / 8, + numBytesRequested: 256 / 8); + } + + private static byte[] HashPasswordV3(string password, RandomNumberGenerator rng, KeyDerivationPrf prf, int iterCount, int saltSize, int numBytesRequested) + { + // Produce a version 3 (see comment above) text hash. + byte[] salt = new byte[saltSize]; + rng.GetBytes(salt); + byte[] subkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, numBytesRequested); + + var outputBytes = new byte[13 + salt.Length + subkey.Length]; + outputBytes[0] = 0x01; // format marker + WriteNetworkByteOrder(outputBytes, 1, (uint)prf); + WriteNetworkByteOrder(outputBytes, 5, (uint)iterCount); + WriteNetworkByteOrder(outputBytes, 9, (uint)saltSize); + Buffer.BlockCopy(salt, 0, outputBytes, 13, salt.Length); + Buffer.BlockCopy(subkey, 0, outputBytes, 13 + saltSize, subkey.Length); + return outputBytes; + } + + private void LogBadFormatError(string hashedPassword, string message, Exception exception = null) + { + if (_logger == null) + return; + + if (exception != null) + _logger.LogError(BadFormatEventId, exception, $"{message} Hashed password is {hashedPassword} ."); + else + _logger.LogError(BadFormatEventId, $"{message} Hashed password is {hashedPassword} ."); + } + + public virtual bool VerifyPassword(string hashedPassword, string providedPassword) + { + if (hashedPassword == null) + throw new ArgumentNullException(nameof(hashedPassword)); + if (providedPassword == null) + throw new ArgumentNullException(nameof(providedPassword)); + + byte[] decodedHashedPassword = Convert.FromBase64String(hashedPassword); + + // read the format marker from the hashed password + if (decodedHashedPassword.Length == 0) + { + LogBadFormatError(hashedPassword, "Decoded hashed password is of length 0."); + return false; + } + switch (decodedHashedPassword[0]) + { + case 0x01: + return VerifyHashedPasswordV3(decodedHashedPassword, providedPassword, hashedPassword); + + default: + LogBadFormatError(hashedPassword, "Unknown format marker."); + return false; // unknown format marker + } + } + + private bool VerifyHashedPasswordV3(byte[] hashedPassword, string password, string hashedPasswordString) + { + try + { + // Read header information + KeyDerivationPrf prf = (KeyDerivationPrf)ReadNetworkByteOrder(hashedPassword, 1); + int iterCount = (int)ReadNetworkByteOrder(hashedPassword, 5); + int saltLength = (int)ReadNetworkByteOrder(hashedPassword, 9); + + // Read the salt: must be >= 128 bits + if (saltLength < 128 / 8) + { + LogBadFormatError(hashedPasswordString, "Salt length < 128 bits."); + return false; + } + byte[] salt = new byte[saltLength]; + Buffer.BlockCopy(hashedPassword, 13, salt, 0, salt.Length); + + // Read the subkey (the rest of the payload): must be >= 128 bits + int subkeyLength = hashedPassword.Length - 13 - salt.Length; + if (subkeyLength < 128 / 8) + { + LogBadFormatError(hashedPasswordString, "Subkey length < 128 bits."); + return false; + } + byte[] expectedSubkey = new byte[subkeyLength]; + Buffer.BlockCopy(hashedPassword, 13 + salt.Length, expectedSubkey, 0, expectedSubkey.Length); + + // Hash the incoming password and verify it + byte[] actualSubkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, subkeyLength); + return ByteArraysEqual(actualSubkey, expectedSubkey); + } + catch (Exception e) + { + // This should never occur except in the case of a malformed payload, where + // we might go off the end of the array. Regardless, a malformed payload + // implies verification failed. + LogBadFormatError(hashedPasswordString, "See exception.", e); + return false; + } + } + + private static uint ReadNetworkByteOrder(byte[] buffer, int offset) + { + return ((uint)(buffer[offset + 0]) << 24) + | ((uint)(buffer[offset + 1]) << 16) + | ((uint)(buffer[offset + 2]) << 8) + | ((uint)(buffer[offset + 3])); + } + + private static void WriteNetworkByteOrder(byte[] buffer, int offset, uint value) + { + buffer[offset + 0] = (byte)(value >> 24); + buffer[offset + 1] = (byte)(value >> 16); + buffer[offset + 2] = (byte)(value >> 8); + buffer[offset + 3] = (byte)(value >> 0); + } + } +} |