diff options
| author | Bond-009 <bond.009@outlook.com> | 2019-09-17 18:07:15 +0200 |
|---|---|---|
| committer | Anthony Lavado <anthony@lavado.ca> | 2019-09-17 12:07:15 -0400 |
| commit | 6f17a0b7af5775386e554f2e2e2a4a6829d2895d (patch) | |
| tree | ce792d21af0f8e5d0208aec1aba55e8047f2f439 /MediaBrowser.Model | |
| parent | adc2a68a98a572e6541ffac587fd9f6247aec6d5 (diff) | |
Remove legacy auth code (#1677)
* Remove legacy auth code
* Adds tests so we don't break PasswordHash (again)
* Clean up interfaces
* Remove duplicate code
* Use auto properties
* static using
* Don't use 'this'
* Fix build
Diffstat (limited to 'MediaBrowser.Model')
| -rw-r--r-- | MediaBrowser.Model/Cryptography/ICryptoProvider.cs | 19 | ||||
| -rw-r--r-- | MediaBrowser.Model/Cryptography/PasswordHash.cs | 142 |
2 files changed, 8 insertions, 153 deletions
diff --git a/MediaBrowser.Model/Cryptography/ICryptoProvider.cs b/MediaBrowser.Model/Cryptography/ICryptoProvider.cs index 9e85beb43..ce6493232 100644 --- a/MediaBrowser.Model/Cryptography/ICryptoProvider.cs +++ b/MediaBrowser.Model/Cryptography/ICryptoProvider.cs @@ -1,5 +1,3 @@ -using System; -using System.IO; using System.Collections.Generic; namespace MediaBrowser.Model.Cryptography @@ -7,20 +5,19 @@ namespace MediaBrowser.Model.Cryptography public interface ICryptoProvider { string DefaultHashMethod { get; } - [Obsolete("Use System.Security.Cryptography.MD5 directly")] - Guid GetMD5(string str); - [Obsolete("Use System.Security.Cryptography.MD5 directly")] - byte[] ComputeMD5(Stream str); - [Obsolete("Use System.Security.Cryptography.MD5 directly")] - byte[] ComputeMD5(byte[] bytes); - [Obsolete("Use System.Security.Cryptography.SHA1 directly")] - byte[] ComputeSHA1(byte[] bytes); + IEnumerable<string> GetSupportedHashMethods(); + byte[] ComputeHash(string HashMethod, byte[] bytes); + byte[] ComputeHashWithDefaultMethod(byte[] bytes); + byte[] ComputeHash(string HashMethod, byte[] bytes, byte[] salt); + byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt); - byte[] ComputeHash(PasswordHash hash); + byte[] GenerateSalt(); + + byte[] GenerateSalt(int length); } } diff --git a/MediaBrowser.Model/Cryptography/PasswordHash.cs b/MediaBrowser.Model/Cryptography/PasswordHash.cs deleted file mode 100644 index 6e66f2088..000000000 --- a/MediaBrowser.Model/Cryptography/PasswordHash.cs +++ /dev/null @@ -1,142 +0,0 @@ -using System; -using System.Collections.Generic; -using System.IO; -using System.Text; - -namespace MediaBrowser.Model.Cryptography -{ - public class PasswordHash - { - // Defined from this hash storage spec - // https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md - // $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]] - // with one slight amendment to ease the transition, we're writing out the bytes in hex - // rather than making them a BASE64 string with stripped padding - - private string _id; - - private Dictionary<string, string> _parameters = new Dictionary<string, string>(); - - private byte[] _salt; - - private byte[] _hash; - - public PasswordHash(string storageString) - { - string[] splitted = storageString.Split('$'); - // The string should at least contain the hash function and the hash itself - if (splitted.Length < 3) - { - throw new ArgumentException("String doesn't contain enough segments", nameof(storageString)); - } - - // Start at 1, the first index shouldn't contain any data - int index = 1; - - // Name of the hash function - _id = splitted[index++]; - - // Optional parameters - if (splitted[index].IndexOf('=') != -1) - { - foreach (string paramset in splitted[index++].Split(',')) - { - if (string.IsNullOrEmpty(paramset)) - { - continue; - } - - string[] fields = paramset.Split('='); - if (fields.Length != 2) - { - throw new InvalidDataException($"Malformed parameter in password hash string {paramset}"); - } - - _parameters.Add(fields[0], fields[1]); - } - } - - // Check if the string also contains a salt - if (splitted.Length - index == 2) - { - _salt = ConvertFromByteString(splitted[index++]); - _hash = ConvertFromByteString(splitted[index++]); - } - else - { - _salt = Array.Empty<byte>(); - _hash = ConvertFromByteString(splitted[index++]); - } - } - - public PasswordHash(ICryptoProvider cryptoProvider) - { - _id = cryptoProvider.DefaultHashMethod; - _salt = cryptoProvider.GenerateSalt(); - _hash = Array.Empty<Byte>(); - } - - public string Id { get => _id; set => _id = value; } - - public Dictionary<string, string> Parameters { get => _parameters; set => _parameters = value; } - - public byte[] Salt { get => _salt; set => _salt = value; } - - public byte[] Hash { get => _hash; set => _hash = value; } - - // TODO: move this class and use the HexHelper class - public static byte[] ConvertFromByteString(string byteString) - { - byte[] bytes = new byte[byteString.Length / 2]; - for (int i = 0; i < byteString.Length; i += 2) - { - // TODO: NetStandard2.1 switch this to use a span instead of a substring. - bytes[i / 2] = Convert.ToByte(byteString.Substring(i, 2), 16); - } - - return bytes; - } - - public static string ConvertToByteString(byte[] bytes) - => BitConverter.ToString(bytes).Replace("-", string.Empty); - - private void SerializeParameters(StringBuilder stringBuilder) - { - if (_parameters.Count == 0) - { - return; - } - - stringBuilder.Append('$'); - foreach (var pair in _parameters) - { - stringBuilder.Append(pair.Key); - stringBuilder.Append('='); - stringBuilder.Append(pair.Value); - stringBuilder.Append(','); - } - - // Remove last ',' - stringBuilder.Length -= 1; - } - - public override string ToString() - { - var str = new StringBuilder(); - str.Append('$'); - str.Append(_id); - SerializeParameters(str); - - if (_salt.Length != 0) - { - str.Append('$'); - str.Append(ConvertToByteString(_salt)); - } - - str.Append('$'); - str.Append(ConvertToByteString(_hash)); - - return str.ToString(); - } - } -} |