diff options
| author | Phallacy <Dragoonmac@gmail.com> | 2019-02-13 00:33:00 -0800 |
|---|---|---|
| committer | Phallacy <Dragoonmac@gmail.com> | 2019-02-13 00:33:00 -0800 |
| commit | 77602aff889e605f8178ecf95592c0d75102e59f (patch) | |
| tree | 0db6627a1aab95d6b4710e0b4de2e8f01b87cc00 /Emby.Server.Implementations/Cryptography | |
| parent | 1ffd443d5aaec408170eaec31923a1cbbe1bb929 (diff) | |
Minor fixes re:PR870, added null checks from PR876
Diffstat (limited to 'Emby.Server.Implementations/Cryptography')
| -rw-r--r-- | Emby.Server.Implementations/Cryptography/CryptographyProvider.cs | 38 |
1 files changed, 24 insertions, 14 deletions
diff --git a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs index 4f2bc1b03..7817989e7 100644 --- a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs +++ b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs @@ -9,7 +9,7 @@ namespace Emby.Server.Implementations.Cryptography {
public class CryptographyProvider : ICryptoProvider
{
- private List<string> SupportedHashMethods = new List<string>();
+ private HashSet<string> SupportedHashMethods;
public string DefaultHashMethod => "SHA256";
private RandomNumberGenerator rng;
private int defaultiterations = 1000;
@@ -17,7 +17,7 @@ namespace Emby.Server.Implementations.Cryptography {
//Currently supported hash methods from https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptoconfig?view=netcore-2.1
//there might be a better way to autogenerate this list as dotnet updates, but I couldn't find one
- SupportedHashMethods = new List<string>
+ SupportedHashMethods = new HashSet<string>()
{
"MD5"
,"System.Security.Cryptography.MD5"
@@ -71,9 +71,9 @@ namespace Emby.Server.Implementations.Cryptography return SupportedHashMethods;
}
- private byte[] PBKDF2(string method, byte[] bytes, byte[] salt)
- {
- using (var r = new Rfc2898DeriveBytes(bytes, salt, defaultiterations, new HashAlgorithmName(method)))
+ private byte[] PBKDF2(string method, byte[] bytes, byte[] salt, int iterations)
+ { + using (var r = new Rfc2898DeriveBytes(bytes, salt, iterations, new HashAlgorithmName(method)))
{
return r.GetBytes(32);
}
@@ -102,30 +102,40 @@ namespace Emby.Server.Implementations.Cryptography }
else
{
- return PBKDF2(HashMethod, bytes, salt);
+ return PBKDF2(HashMethod, bytes, salt,defaultiterations);
}
}
else
{
throw new CryptographicException(String.Format("Requested hash method is not supported: {0}", HashMethod));
}
- }
+ } public byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt)
{
- return PBKDF2(DefaultHashMethod, bytes, salt);
+ return PBKDF2(DefaultHashMethod, bytes, salt, defaultiterations);
}
public byte[] ComputeHash(PasswordHash hash)
- {
- return ComputeHash(hash.Id, hash.HashBytes, hash.SaltBytes);
- }
-
+ { + int iterations = defaultiterations; + if (!hash.Parameters.ContainsKey("iterations")) + { + hash.Parameters.Add("iterations", defaultiterations.ToString()); + } + else + { + try { iterations = int.Parse(hash.Parameters["iterations"]); } + catch (Exception e) { iterations = defaultiterations; throw new Exception($"Couldn't successfully parse iterations value from string:{hash.Parameters["iterations"]}", e); } + }
+ return PBKDF2(hash.Id, hash.HashBytes, hash.SaltBytes,iterations);
+ } + public byte[] GenerateSalt()
{
- byte[] salt = new byte[8];
+ byte[] salt = new byte[64];
rng.GetBytes(salt);
return salt;
- }
+ } }
}
|