Etusivu Tutki Apua
Kirjaudu sisään
mirrors
/
jellyfin
peilaus alkaen https://github.com/jellyfin/jellyfin
2
0
Haarauta 0
Tiedostot Esitykset 0 Wiki
Puu: v10.4.1
Haarat Tunnisteet
jellyfin
/
MediaBrowser.Common
/
Cryptography
/
PasswordHash.cs

PasswordHash.cs 4.8 KB
Pysyvä linkki Historia Raaka

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155 
  1. using System;
    2. 

  2. using System.Collections.Generic;
    3. 

  3. using System.IO;
    4. 

  4. using System.Text;
    5. 

  5. using static MediaBrowser.Common.HexHelper;
    6. 

  6. 

  7. namespace MediaBrowser.Common.Cryptography
    8. 

  8. {
    9. 

  9.     // Defined from this hash storage spec
    10. 

  10.     // https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
    11. 

  11.     // $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
    12. 

  12.     // with one slight amendment to ease the transition, we're writing out the bytes in hex
    13. 

  13.     // rather than making them a BASE64 string with stripped padding
    14. 

  14.     public class PasswordHash
    15. 

  15.     {
    16. 

  16.         private readonly Dictionary<string, string> _parameters;
    17. 

  17. 

  18.         public PasswordHash(string id, byte[] hash)
    19. 

  19.             : this(id, hash, Array.Empty<byte>())
    20. 

  20.         {
    21. 

  21. 

  22.         }
    23. 

  23. 

  24.         public PasswordHash(string id, byte[] hash, byte[] salt)
    25. 

  25.             : this(id, hash, salt, new Dictionary<string, string>())
    26. 

  26.         {
    27. 

  27. 

  28.         }
    29. 

  29. 

  30.         public PasswordHash(string id, byte[] hash, byte[] salt, Dictionary<string, string> parameters)
    31. 

  31.         {
    32. 

  32.             Id = id;
    33. 

  33.             Hash = hash;
    34. 

  34.             Salt = salt;
    35. 

  35.             _parameters = parameters;
    36. 

  36.         }
    37. 

  37. 

  38.         /// <summary>
    39. 

  39.         /// Gets the symbolic name for the function used.
    40. 

  40.         /// </summary>
    41. 

  41.         /// <value>Returns the symbolic name for the function used.</value>
    42. 

  42.         public string Id { get; }
    43. 

  43. 

  44.         /// <summary>
    45. 

  45.         /// Gets the additional parameters used by the hash function.
    46. 

  46.         /// </summary>
    47. 

  47.         /// <value></value>
    48. 

  48.         public IReadOnlyDictionary<string, string> Parameters => _parameters;
    49. 

  49. 

  50.         /// <summary>
    51. 

  51.         /// Gets the salt used for hashing the password.
    52. 

  52.         /// </summary>
    53. 

  53.         /// <value>Returns the salt used for hashing the password.</value>
    54. 

  54.         public byte[] Salt { get; }
    55. 

  55. 

  56.         /// <summary>
    57. 

  57.         /// Gets the hashed password.
    58. 

  58.         /// </summary>
    59. 

  59.         /// <value>Return the hashed password.</value>
    60. 

  60.         public byte[] Hash { get; }
    61. 

  61. 

  62.         public static PasswordHash Parse(string storageString)
    63. 

  63.         {
    64. 

  64.             string[] splitted = storageString.Split('$');
    65. 

  65.             // The string should at least contain the hash function and the hash itself
    66. 

  66.             if (splitted.Length < 3)
    67. 

  67.             {
    68. 

  68.                 throw new ArgumentException("String doesn't contain enough segments", nameof(storageString));
    69. 

  69.             }
    70. 

  70. 

  71.             // Start at 1, the first index shouldn't contain any data
    72. 

  72.             int index = 1;
    73. 

  73. 

  74.             // Name of the hash function
    75. 

  75.             string id = splitted[index++];
    76. 

  76. 

  77.             // Optional parameters
    78. 

  78.             Dictionary<string, string> parameters = new Dictionary<string, string>();
    79. 

  79.             if (splitted[index].IndexOf('=') != -1)
    80. 

  80.             {
    81. 

  81.                 foreach (string paramset in splitted[index++].Split(','))
    82. 

  82.                 {
    83. 

  83.                     if (string.IsNullOrEmpty(paramset))
    84. 

  84.                     {
    85. 

  85.                         continue;
    86. 

  86.                     }
    87. 

  87. 

  88.                     string[] fields = paramset.Split('=');
    89. 

  89.                     if (fields.Length != 2)
    90. 

  90.                     {
    91. 

  91.                         throw new InvalidDataException($"Malformed parameter in password hash string {paramset}");
    92. 

  92.                     }
    93. 

  93. 

  94.                     parameters.Add(fields[0], fields[1]);
    95. 

  95.                 }
    96. 

  96.             }
    97. 

  97. 

  98.             byte[] hash;
    99. 

  99.             byte[] salt;
    100. 

  100.             // Check if the string also contains a salt
    101. 

  101.             if (splitted.Length - index == 2)
    102. 

  102.             {
    103. 

  103.                 salt = FromHexString(splitted[index++]);
    104. 

  104.                 hash = FromHexString(splitted[index++]);
    105. 

  105.             }
    106. 

  106.             else
    107. 

  107.             {
    108. 

  108.                 salt = Array.Empty<byte>();
    109. 

  109.                 hash = FromHexString(splitted[index++]);
    110. 

  110.             }
    111. 

  111. 

  112.             return new PasswordHash(id, hash, salt, parameters);
    113. 

  113.         }
    114. 

  114. 

  115.         private void SerializeParameters(StringBuilder stringBuilder)
    116. 

  116.         {
    117. 

  117.             if (_parameters.Count == 0)
    118. 

  118.             {
    119. 

  119.                 return;
    120. 

  120.             }
    121. 

  121. 

  122.             stringBuilder.Append('$');
    123. 

  123.             foreach (var pair in _parameters)
    124. 

  124.             {
    125. 

  125.                 stringBuilder.Append(pair.Key);
    126. 

  126.                 stringBuilder.Append('=');
    127. 

  127.                 stringBuilder.Append(pair.Value);
    128. 

  128.                 stringBuilder.Append(',');
    129. 

  129.             }
    130. 

  130. 

  131.             // Remove last ','
    132. 

  132.             stringBuilder.Length -= 1;
    133. 

  133.         }
    134. 

  134. 

  135.         /// <inheritdoc />
    136. 

  136.         public override string ToString()
    137. 

  137.         {
    138. 

  138.             var str = new StringBuilder();
    139. 

  139.             str.Append('$');
    140. 

  140.             str.Append(Id);
    141. 

  141.             SerializeParameters(str);
    142. 

  142. 

  143.             if (Salt.Length != 0)
    144. 

  144.             {
    145. 

  145.                 str.Append('$');
    146. 

  146.                 str.Append(ToHexString(Salt));
    147. 

  147.             }
    148. 

  148. 

  149.             str.Append('$');
    150. 

  150.             str.Append(ToHexString(Hash));
    151. 

  151. 

  152.             return str.ToString();
    153. 

  153.         }
    154. 

  154.     }
    155. 

  155. }
    156.