aboutsummaryrefslogtreecommitdiff
path: root/Timeline/Services/PasswordService.cs
diff options
context:
space:
mode:
Diffstat (limited to 'Timeline/Services/PasswordService.cs')
-rw-r--r--Timeline/Services/PasswordService.cs432
1 files changed, 216 insertions, 216 deletions
diff --git a/Timeline/Services/PasswordService.cs b/Timeline/Services/PasswordService.cs
index d114bb26..8c67d046 100644
--- a/Timeline/Services/PasswordService.cs
+++ b/Timeline/Services/PasswordService.cs
@@ -1,216 +1,216 @@
-using Microsoft.AspNetCore.Cryptography.KeyDerivation;
-using System;
-using System.Runtime.CompilerServices;
-using System.Security.Cryptography;
-
-namespace Timeline.Services
-{
- /// <summary>
- /// Hashed password is of bad format.
- /// </summary>
- /// <seealso cref="IPasswordService.VerifyPassword(string, string)"/>
- [Serializable]
- public class HashedPasswordBadFromatException : Exception
- {
- public HashedPasswordBadFromatException(string hashedPassword, string message) : base(message) { HashedPassword = hashedPassword; }
- public HashedPasswordBadFromatException(string hashedPassword, string message, Exception inner) : base(message, inner) { HashedPassword = hashedPassword; }
- protected HashedPasswordBadFromatException(
- System.Runtime.Serialization.SerializationInfo info,
- System.Runtime.Serialization.StreamingContext context) : base(info, context) { }
-
- public string HashedPassword { get; private set; }
- }
-
- public interface IPasswordService
- {
- /// <summary>
- /// Hash a password.
- /// </summary>
- /// <param name="password">The password to hash.</param>
- /// <returns>A hashed representation of the supplied <paramref name="password"/>.</returns>
- /// <exception cref="ArgumentNullException">Thrown when <paramref name="password"/> is null.</exception>
- string HashPassword(string password);
-
- /// <summary>
- /// Verify whether the password fits into the hashed one.
- ///
- /// Usually you only need to check the returned bool value.
- /// Catching <see cref="HashedPasswordBadFromatException"/> usually is not necessary.
- /// Because if your program logic is right and always call <see cref="HashPassword(string)"/>
- /// and <see cref="VerifyPassword(string, string)"/> in pair, this exception will never be thrown.
- /// A thrown one usually means the data you saved is corupted, which is a critical problem.
- /// </summary>
- /// <param name="hashedPassword">The hashed password.</param>
- /// <param name="providedPassword">The password supplied for comparison.</param>
- /// <returns>True indicating password is right. Otherwise false.</returns>
- /// <exception cref="ArgumentNullException">Thrown when <paramref name="hashedPassword"/> or <paramref name="providedPassword"/> is null.</exception>
- /// <exception cref="HashedPasswordBadFromatException">Thrown when the hashed password is of bad format.</exception>
- bool VerifyPassword(string hashedPassword, string providedPassword);
- }
-
- /// <summary>
- /// Copied from https://github.com/aspnet/AspNetCore/blob/master/src/Identity/Extensions.Core/src/PasswordHasher.cs
- /// Remove V2 format and unnecessary format version check.
- /// Remove configuration options.
- /// Remove user related parts.
- /// Change the exceptions.
- /// </summary>
- public class PasswordService : IPasswordService
- {
- /* =======================
- * HASHED PASSWORD FORMATS
- * =======================
- *
- * Version 3:
- * PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations.
- * Format: { 0x01, prf (UInt32), iter count (UInt32), salt length (UInt32), salt, subkey }
- * (All UInt32s are stored big-endian.)
- */
-
- private readonly RandomNumberGenerator _rng = RandomNumberGenerator.Create();
-
- public PasswordService()
- {
- }
-
- // Compares two byte arrays for equality. The method is specifically written so that the loop is not optimized.
- [MethodImpl(MethodImplOptions.NoInlining | MethodImplOptions.NoOptimization)]
- private static bool ByteArraysEqual(byte[] a, byte[] b)
- {
- if (a == null && b == null)
- {
- return true;
- }
- if (a == null || b == null || a.Length != b.Length)
- {
- return false;
- }
- var areSame = true;
- for (var i = 0; i < a.Length; i++)
- {
- areSame &= (a[i] == b[i]);
- }
- return areSame;
- }
-
- public string HashPassword(string password)
- {
- if (password == null)
- throw new ArgumentNullException(nameof(password));
- return Convert.ToBase64String(HashPasswordV3(password, _rng));
- }
-
- private byte[] HashPasswordV3(string password, RandomNumberGenerator rng)
- {
- return HashPasswordV3(password, rng,
- prf: KeyDerivationPrf.HMACSHA256,
- iterCount: 10000,
- saltSize: 128 / 8,
- numBytesRequested: 256 / 8);
- }
-
- private static byte[] HashPasswordV3(string password, RandomNumberGenerator rng, KeyDerivationPrf prf, int iterCount, int saltSize, int numBytesRequested)
- {
- // Produce a version 3 (see comment above) text hash.
- byte[] salt = new byte[saltSize];
- rng.GetBytes(salt);
- byte[] subkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, numBytesRequested);
-
- var outputBytes = new byte[13 + salt.Length + subkey.Length];
- outputBytes[0] = 0x01; // format marker
- WriteNetworkByteOrder(outputBytes, 1, (uint)prf);
- WriteNetworkByteOrder(outputBytes, 5, (uint)iterCount);
- WriteNetworkByteOrder(outputBytes, 9, (uint)saltSize);
- Buffer.BlockCopy(salt, 0, outputBytes, 13, salt.Length);
- Buffer.BlockCopy(subkey, 0, outputBytes, 13 + saltSize, subkey.Length);
- return outputBytes;
- }
-
- public bool VerifyPassword(string hashedPassword, string providedPassword)
- {
- if (hashedPassword == null)
- throw new ArgumentNullException(nameof(hashedPassword));
- if (providedPassword == null)
- throw new ArgumentNullException(nameof(providedPassword));
-
- byte[] decodedHashedPassword;
- try
- {
- decodedHashedPassword = Convert.FromBase64String(hashedPassword);
- }
- catch (FormatException e)
- {
- throw new HashedPasswordBadFromatException(hashedPassword, "Not of valid base64 format. See inner exception.", e);
- }
-
- // read the format marker from the hashed password
- if (decodedHashedPassword.Length == 0)
- {
- throw new HashedPasswordBadFromatException(hashedPassword, "Decoded hashed password is of length 0.");
- }
- switch (decodedHashedPassword[0])
- {
- case 0x01:
- return VerifyHashedPasswordV3(decodedHashedPassword, providedPassword, hashedPassword);
-
- default:
- throw new HashedPasswordBadFromatException(hashedPassword, "Unknown format marker.");
- }
- }
-
- private bool VerifyHashedPasswordV3(byte[] hashedPassword, string password, string hashedPasswordString)
- {
- try
- {
- // Read header information
- KeyDerivationPrf prf = (KeyDerivationPrf)ReadNetworkByteOrder(hashedPassword, 1);
- int iterCount = (int)ReadNetworkByteOrder(hashedPassword, 5);
- int saltLength = (int)ReadNetworkByteOrder(hashedPassword, 9);
-
- // Read the salt: must be >= 128 bits
- if (saltLength < 128 / 8)
- {
- throw new HashedPasswordBadFromatException(hashedPasswordString, "Salt length < 128 bits.");
- }
- byte[] salt = new byte[saltLength];
- Buffer.BlockCopy(hashedPassword, 13, salt, 0, salt.Length);
-
- // Read the subkey (the rest of the payload): must be >= 128 bits
- int subkeyLength = hashedPassword.Length - 13 - salt.Length;
- if (subkeyLength < 128 / 8)
- {
- throw new HashedPasswordBadFromatException(hashedPasswordString, "Subkey length < 128 bits.");
- }
- byte[] expectedSubkey = new byte[subkeyLength];
- Buffer.BlockCopy(hashedPassword, 13 + salt.Length, expectedSubkey, 0, expectedSubkey.Length);
-
- // Hash the incoming password and verify it
- byte[] actualSubkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, subkeyLength);
- return ByteArraysEqual(actualSubkey, expectedSubkey);
- }
- catch (Exception e)
- {
- // This should never occur except in the case of a malformed payload, where
- // we might go off the end of the array. Regardless, a malformed payload
- // implies verification failed.
- throw new HashedPasswordBadFromatException(hashedPasswordString, "See inner exception.", e);
- }
- }
-
- private static uint ReadNetworkByteOrder(byte[] buffer, int offset)
- {
- return ((uint)(buffer[offset + 0]) << 24)
- | ((uint)(buffer[offset + 1]) << 16)
- | ((uint)(buffer[offset + 2]) << 8)
- | ((uint)(buffer[offset + 3]));
- }
-
- private static void WriteNetworkByteOrder(byte[] buffer, int offset, uint value)
- {
- buffer[offset + 0] = (byte)(value >> 24);
- buffer[offset + 1] = (byte)(value >> 16);
- buffer[offset + 2] = (byte)(value >> 8);
- buffer[offset + 3] = (byte)(value >> 0);
- }
- }
-}
+using Microsoft.AspNetCore.Cryptography.KeyDerivation;
+using System;
+using System.Runtime.CompilerServices;
+using System.Security.Cryptography;
+
+namespace Timeline.Services
+{
+ /// <summary>
+ /// Hashed password is of bad format.
+ /// </summary>
+ /// <seealso cref="IPasswordService.VerifyPassword(string, string)"/>
+ [Serializable]
+ public class HashedPasswordBadFromatException : Exception
+ {
+ public HashedPasswordBadFromatException(string hashedPassword, string message) : base(message) { HashedPassword = hashedPassword; }
+ public HashedPasswordBadFromatException(string hashedPassword, string message, Exception inner) : base(message, inner) { HashedPassword = hashedPassword; }
+ protected HashedPasswordBadFromatException(
+ System.Runtime.Serialization.SerializationInfo info,
+ System.Runtime.Serialization.StreamingContext context) : base(info, context) { }
+
+ public string HashedPassword { get; private set; }
+ }
+
+ public interface IPasswordService
+ {
+ /// <summary>
+ /// Hash a password.
+ /// </summary>
+ /// <param name="password">The password to hash.</param>
+ /// <returns>A hashed representation of the supplied <paramref name="password"/>.</returns>
+ /// <exception cref="ArgumentNullException">Thrown when <paramref name="password"/> is null.</exception>
+ string HashPassword(string password);
+
+ /// <summary>
+ /// Verify whether the password fits into the hashed one.
+ ///
+ /// Usually you only need to check the returned bool value.
+ /// Catching <see cref="HashedPasswordBadFromatException"/> usually is not necessary.
+ /// Because if your program logic is right and always call <see cref="HashPassword(string)"/>
+ /// and <see cref="VerifyPassword(string, string)"/> in pair, this exception will never be thrown.
+ /// A thrown one usually means the data you saved is corupted, which is a critical problem.
+ /// </summary>
+ /// <param name="hashedPassword">The hashed password.</param>
+ /// <param name="providedPassword">The password supplied for comparison.</param>
+ /// <returns>True indicating password is right. Otherwise false.</returns>
+ /// <exception cref="ArgumentNullException">Thrown when <paramref name="hashedPassword"/> or <paramref name="providedPassword"/> is null.</exception>
+ /// <exception cref="HashedPasswordBadFromatException">Thrown when the hashed password is of bad format.</exception>
+ bool VerifyPassword(string hashedPassword, string providedPassword);
+ }
+
+ /// <summary>
+ /// Copied from https://github.com/aspnet/AspNetCore/blob/master/src/Identity/Extensions.Core/src/PasswordHasher.cs
+ /// Remove V2 format and unnecessary format version check.
+ /// Remove configuration options.
+ /// Remove user related parts.
+ /// Change the exceptions.
+ /// </summary>
+ public class PasswordService : IPasswordService
+ {
+ /* =======================
+ * HASHED PASSWORD FORMATS
+ * =======================
+ *
+ * Version 3:
+ * PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations.
+ * Format: { 0x01, prf (UInt32), iter count (UInt32), salt length (UInt32), salt, subkey }
+ * (All UInt32s are stored big-endian.)
+ */
+
+ private readonly RandomNumberGenerator _rng = RandomNumberGenerator.Create();
+
+ public PasswordService()
+ {
+ }
+
+ // Compares two byte arrays for equality. The method is specifically written so that the loop is not optimized.
+ [MethodImpl(MethodImplOptions.NoInlining | MethodImplOptions.NoOptimization)]
+ private static bool ByteArraysEqual(byte[] a, byte[] b)
+ {
+ if (a == null && b == null)
+ {
+ return true;
+ }
+ if (a == null || b == null || a.Length != b.Length)
+ {
+ return false;
+ }
+ var areSame = true;
+ for (var i = 0; i < a.Length; i++)
+ {
+ areSame &= (a[i] == b[i]);
+ }
+ return areSame;
+ }
+
+ public string HashPassword(string password)
+ {
+ if (password == null)
+ throw new ArgumentNullException(nameof(password));
+ return Convert.ToBase64String(HashPasswordV3(password, _rng));
+ }
+
+ private byte[] HashPasswordV3(string password, RandomNumberGenerator rng)
+ {
+ return HashPasswordV3(password, rng,
+ prf: KeyDerivationPrf.HMACSHA256,
+ iterCount: 10000,
+ saltSize: 128 / 8,
+ numBytesRequested: 256 / 8);
+ }
+
+ private static byte[] HashPasswordV3(string password, RandomNumberGenerator rng, KeyDerivationPrf prf, int iterCount, int saltSize, int numBytesRequested)
+ {
+ // Produce a version 3 (see comment above) text hash.
+ byte[] salt = new byte[saltSize];
+ rng.GetBytes(salt);
+ byte[] subkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, numBytesRequested);
+
+ var outputBytes = new byte[13 + salt.Length + subkey.Length];
+ outputBytes[0] = 0x01; // format marker
+ WriteNetworkByteOrder(outputBytes, 1, (uint)prf);
+ WriteNetworkByteOrder(outputBytes, 5, (uint)iterCount);
+ WriteNetworkByteOrder(outputBytes, 9, (uint)saltSize);
+ Buffer.BlockCopy(salt, 0, outputBytes, 13, salt.Length);
+ Buffer.BlockCopy(subkey, 0, outputBytes, 13 + saltSize, subkey.Length);
+ return outputBytes;
+ }
+
+ public bool VerifyPassword(string hashedPassword, string providedPassword)
+ {
+ if (hashedPassword == null)
+ throw new ArgumentNullException(nameof(hashedPassword));
+ if (providedPassword == null)
+ throw new ArgumentNullException(nameof(providedPassword));
+
+ byte[] decodedHashedPassword;
+ try
+ {
+ decodedHashedPassword = Convert.FromBase64String(hashedPassword);
+ }
+ catch (FormatException e)
+ {
+ throw new HashedPasswordBadFromatException(hashedPassword, "Not of valid base64 format. See inner exception.", e);
+ }
+
+ // read the format marker from the hashed password
+ if (decodedHashedPassword.Length == 0)
+ {
+ throw new HashedPasswordBadFromatException(hashedPassword, "Decoded hashed password is of length 0.");
+ }
+ switch (decodedHashedPassword[0])
+ {
+ case 0x01:
+ return VerifyHashedPasswordV3(decodedHashedPassword, providedPassword, hashedPassword);
+
+ default:
+ throw new HashedPasswordBadFromatException(hashedPassword, "Unknown format marker.");
+ }
+ }
+
+ private bool VerifyHashedPasswordV3(byte[] hashedPassword, string password, string hashedPasswordString)
+ {
+ try
+ {
+ // Read header information
+ KeyDerivationPrf prf = (KeyDerivationPrf)ReadNetworkByteOrder(hashedPassword, 1);
+ int iterCount = (int)ReadNetworkByteOrder(hashedPassword, 5);
+ int saltLength = (int)ReadNetworkByteOrder(hashedPassword, 9);
+
+ // Read the salt: must be >= 128 bits
+ if (saltLength < 128 / 8)
+ {
+ throw new HashedPasswordBadFromatException(hashedPasswordString, "Salt length < 128 bits.");
+ }
+ byte[] salt = new byte[saltLength];
+ Buffer.BlockCopy(hashedPassword, 13, salt, 0, salt.Length);
+
+ // Read the subkey (the rest of the payload): must be >= 128 bits
+ int subkeyLength = hashedPassword.Length - 13 - salt.Length;
+ if (subkeyLength < 128 / 8)
+ {
+ throw new HashedPasswordBadFromatException(hashedPasswordString, "Subkey length < 128 bits.");
+ }
+ byte[] expectedSubkey = new byte[subkeyLength];
+ Buffer.BlockCopy(hashedPassword, 13 + salt.Length, expectedSubkey, 0, expectedSubkey.Length);
+
+ // Hash the incoming password and verify it
+ byte[] actualSubkey = KeyDerivation.Pbkdf2(password, salt, prf, iterCount, subkeyLength);
+ return ByteArraysEqual(actualSubkey, expectedSubkey);
+ }
+ catch (Exception e)
+ {
+ // This should never occur except in the case of a malformed payload, where
+ // we might go off the end of the array. Regardless, a malformed payload
+ // implies verification failed.
+ throw new HashedPasswordBadFromatException(hashedPasswordString, "See inner exception.", e);
+ }
+ }
+
+ private static uint ReadNetworkByteOrder(byte[] buffer, int offset)
+ {
+ return ((uint)(buffer[offset + 0]) << 24)
+ | ((uint)(buffer[offset + 1]) << 16)
+ | ((uint)(buffer[offset + 2]) << 8)
+ | ((uint)(buffer[offset + 3]));
+ }
+
+ private static void WriteNetworkByteOrder(byte[] buffer, int offset, uint value)
+ {
+ buffer[offset + 0] = (byte)(value >> 24);
+ buffer[offset + 1] = (byte)(value >> 16);
+ buffer[offset + 2] = (byte)(value >> 8);
+ buffer[offset + 3] = (byte)(value >> 0);
+ }
+ }
+}
generated by cgit v1.2.3 (git 2.46.0) at 2025-09-28 21:50:31 +0000