jellyfin/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs

134 lines
4.6 KiB
C#
Raw Normal View History

2019-02-20 09:17:30 +00:00
using System;
using System.Collections.Generic;
using System.Security.Cryptography;
using MediaBrowser.Model.Cryptography;
using static MediaBrowser.Common.Cryptography.Constants;
2019-02-20 09:17:30 +00:00
namespace Emby.Server.Implementations.Cryptography
{
2019-05-21 17:28:34 +00:00
public class CryptographyProvider : ICryptoProvider, IDisposable
2019-02-20 09:17:30 +00:00
{
2019-03-07 11:32:05 +00:00
private static readonly HashSet<string> _supportedHashMethods = new HashSet<string>()
2019-02-20 09:17:30 +00:00
{
2019-03-07 11:11:41 +00:00
"MD5",
"System.Security.Cryptography.MD5",
"SHA",
"SHA1",
"System.Security.Cryptography.SHA1",
"SHA256",
"SHA-256",
"System.Security.Cryptography.SHA256",
"SHA384",
"SHA-384",
"System.Security.Cryptography.SHA384",
"SHA512",
"SHA-512",
"System.Security.Cryptography.SHA512"
2019-02-20 09:17:30 +00:00
};
2019-03-07 11:32:05 +00:00
private RandomNumberGenerator _randomNumberGenerator;
2019-05-21 17:28:34 +00:00
private bool _disposed = false;
2019-03-07 11:32:05 +00:00
public CryptographyProvider()
{
2019-05-21 17:28:34 +00:00
// FIXME: When we get DotNet Standard 2.1 we need to revisit how we do the crypto
// Currently supported hash methods from https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptoconfig?view=netcore-2.1
// there might be a better way to autogenerate this list as dotnet updates, but I couldn't find one
// Please note the default method of PBKDF2 is not included, it cannot be used to generate hashes cleanly as it is actually a pbkdf with sha1
2019-03-05 07:58:25 +00:00
_randomNumberGenerator = RandomNumberGenerator.Create();
2019-02-20 09:17:30 +00:00
}
2019-05-21 17:28:34 +00:00
public string DefaultHashMethod => "PBKDF2";
2019-02-20 09:17:30 +00:00
public IEnumerable<string> GetSupportedHashMethods()
2019-05-21 17:28:34 +00:00
=> _supportedHashMethods;
2019-02-20 09:17:30 +00:00
private byte[] PBKDF2(string method, byte[] bytes, byte[] salt, int iterations)
{
// downgrading for now as we need this library to be dotnetstandard compliant
// with this downgrade we'll add a check to make sure we're on the downgrade method at the moment
if (method == DefaultHashMethod)
2019-02-20 09:17:30 +00:00
{
using (var r = new Rfc2898DeriveBytes(bytes, salt, iterations))
{
return r.GetBytes(32);
}
2019-02-20 09:17:30 +00:00
}
2019-03-05 07:58:25 +00:00
throw new CryptographicException($"Cannot currently use PBKDF2 with requested hash method: {method}");
2019-02-20 09:17:30 +00:00
}
2019-03-05 07:58:25 +00:00
public byte[] ComputeHash(string hashMethod, byte[] bytes)
2019-05-21 17:28:34 +00:00
=> ComputeHash(hashMethod, bytes, Array.Empty<byte>());
2019-02-20 09:17:30 +00:00
public byte[] ComputeHashWithDefaultMethod(byte[] bytes)
2019-05-21 17:28:34 +00:00
=> ComputeHash(DefaultHashMethod, bytes);
2019-02-20 09:17:30 +00:00
2019-03-05 07:58:25 +00:00
public byte[] ComputeHash(string hashMethod, byte[] bytes, byte[] salt)
2019-02-20 09:17:30 +00:00
{
if (hashMethod == DefaultHashMethod)
{
return PBKDF2(hashMethod, bytes, salt, DefaultIterations);
}
2019-03-05 07:58:25 +00:00
else if (_supportedHashMethods.Contains(hashMethod))
2019-02-20 09:17:30 +00:00
{
2019-03-05 07:58:25 +00:00
using (var h = HashAlgorithm.Create(hashMethod))
2019-02-20 09:17:30 +00:00
{
if (salt.Length == 0)
2019-02-20 09:17:30 +00:00
{
return h.ComputeHash(bytes);
}
else
{
2019-03-07 11:11:41 +00:00
byte[] salted = new byte[bytes.Length + salt.Length];
Array.Copy(bytes, salted, bytes.Length);
Array.Copy(salt, 0, salted, bytes.Length, salt.Length);
return h.ComputeHash(salted);
}
2019-02-20 09:17:30 +00:00
}
}
2019-05-21 17:28:34 +00:00
throw new CryptographicException($"Requested hash method is not supported: {hashMethod}");
2019-02-20 09:17:30 +00:00
}
public byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt)
=> PBKDF2(DefaultHashMethod, bytes, salt, DefaultIterations);
2019-02-20 09:17:30 +00:00
public byte[] GenerateSalt()
=> GenerateSalt(DefaultSaltLength);
public byte[] GenerateSalt(int length)
2019-02-20 09:17:30 +00:00
{
byte[] salt = new byte[length];
2019-03-05 07:58:25 +00:00
_randomNumberGenerator.GetBytes(salt);
2019-02-20 09:17:30 +00:00
return salt;
}
2019-05-21 17:28:34 +00:00
/// <inheritdoc />
public void Dispose()
{
Dispose(true);
GC.SuppressFinalize(this);
}
protected virtual void Dispose(bool disposing)
{
if (_disposed)
{
return;
}
if (disposing)
{
_randomNumberGenerator.Dispose();
}
_randomNumberGenerator = null;
_disposed = true;
}
2019-02-20 09:17:30 +00:00
}
}