jellyfin/MediaBrowser.Model/Cryptography/PasswordHash.cs

using System;
using System.Collections.Generic;
using System.Text;

namespace MediaBrowser.Model.Cryptography
{
    public class PasswordHash
    {
        // Defined from this hash storage spec
        // https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
        // $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
        // with one slight amendment to ease the transition, we're writing out the bytes in hex
        // rather than making them a BASE64 string with stripped padding

        private string _id;

        private Dictionary<string, string> _parameters = new Dictionary<string, string>();

        private string _salt;

        private byte[] _saltBytes;

        private string _hash;

        private byte[] _hashBytes;

        public string Id { get => _id; set => _id = value; }

        public Dictionary<string, string> Parameters { get => _parameters; set => _parameters = value; }

        public string Salt { get => _salt; set => _salt = value; }

        public byte[] SaltBytes { get => _saltBytes; set => _saltBytes = value; }

        public string Hash { get => _hash; set => _hash = value; }

        public byte[] HashBytes { get => _hashBytes; set => _hashBytes = value; }

        public PasswordHash(string storageString)
        {
            string[] splitted = storageString.Split('$');
            _id = splitted[1];
            if (splitted[2].Contains("="))
            {
                foreach (string paramset in (splitted[2].Split(',')))
                {
                    if (!string.IsNullOrEmpty(paramset))
                    {
                        string[] fields = paramset.Split('=');
                        if (fields.Length == 2)
                        {
                            _parameters.Add(fields[0], fields[1]);
                        }
                        else
                        {
                            throw new Exception($"Malformed parameter in password hash string {paramset}");
                        }
                    }
                }
                if (splitted.Length == 5)
                {
                    _salt = splitted[3];
                    _saltBytes = ConvertFromByteString(_salt);
                    _hash = splitted[4];
                    _hashBytes = ConvertFromByteString(_hash);
                }
                else
                {
                    _salt = string.Empty;
                    _hash = splitted[3];
                    _hashBytes = ConvertFromByteString(_hash);
                }
            }
            else
            {
                if (splitted.Length == 4)
                {
                    _salt = splitted[2];
                    _saltBytes = ConvertFromByteString(_salt);
                    _hash = splitted[3];
                    _hashBytes = ConvertFromByteString(_hash);
                }
                else
                {
                    _salt = string.Empty;
                    _hash = splitted[2];
                    _hashBytes = ConvertFromByteString(_hash);
                }

            }

        }

        public PasswordHash(ICryptoProvider cryptoProvider)
        {
            _id = cryptoProvider.DefaultHashMethod;
            _saltBytes = cryptoProvider.GenerateSalt();
            _salt = ConvertToByteString(SaltBytes);
        }

        public static byte[] ConvertFromByteString(string byteString)
        {
            List<byte> bytes = new List<byte>();
            for (int i = 0; i < byteString.Length; i += 2)
            {
                // TODO: NetStandard2.1 switch this to use a span instead of a substring.
                bytes.Add(Convert.ToByte(byteString.Substring(i, 2), 16));
            }

            return bytes.ToArray();
        }

        public static string ConvertToByteString(byte[] bytes)
        {
            return BitConverter.ToString(bytes).Replace("-", "");
        }

        private string SerializeParameters()
        {
            string ReturnString = string.Empty;
            foreach (var KVP in _parameters)
            {
                ReturnString += $",{KVP.Key}={KVP.Value}";
            }

            if ((!string.IsNullOrEmpty(ReturnString)) && ReturnString[0] == ',')
            {
                ReturnString = ReturnString.Remove(0, 1);
            }

            return ReturnString;
        }

        public override string ToString()
        {
            string outString = "$" + _id;
            string paramstring = SerializeParameters();
            if (!string.IsNullOrEmpty(paramstring))
            {
                outString += $"${paramstring}";
            }

            if (!string.IsNullOrEmpty(_salt))
            {
                outString += $"${_salt}";
            }

            outString += $"${_hash}";
            return outString;
        }
    }

}
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`using System;`
			`using System.Collections.Generic;`
			`using System.Text;`

			`namespace MediaBrowser.Model.Cryptography`
			`{`
			`public class PasswordHash`
			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`// Defined from this hash storage spec`
			`// https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`// $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]`
			`// with one slight amendment to ease the transition, we're writing out the bytes in hex`
minor style fixes 2019-03-05 07:58:25 +00:00			`// rather than making them a BASE64 string with stripped padding`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`private string _id;`
minor style fixes 2019-03-05 07:58:25 +00:00
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`private Dictionary<string, string> _parameters = new Dictionary<string, string>();`
minor style fixes 2019-03-05 07:58:25 +00:00
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`private string _salt;`
minor style fixes 2019-03-05 07:58:25 +00:00
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`private byte[] _saltBytes;`
minor style fixes 2019-03-05 07:58:25 +00:00
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`private string _hash;`

			`private byte[] _hashBytes;`

			`public string Id { get => _id; set => _id = value; }`

			`public Dictionary<string, string> Parameters { get => _parameters; set => _parameters = value; }`

			`public string Salt { get => _salt; set => _salt = value; }`

			`public byte[] SaltBytes { get => _saltBytes; set => _saltBytes = value; }`

			`public string Hash { get => _hash; set => _hash = value; }`

			`public byte[] HashBytes { get => _hashBytes; set => _hashBytes = value; }`
minor style fixes 2019-03-05 07:58:25 +00:00
Minor fixes re:PR870, added null checks from PR876 2019-02-13 08:33:00 +00:00			`public PasswordHash(string storageString)`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`string[] splitted = storageString.Split('$');`
minor style fixes 2019-03-05 07:58:25 +00:00			`_id = splitted[1];`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`if (splitted[2].Contains("="))`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`foreach (string paramset in (splitted[2].Split(',')))`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
minor changes and return to netstandard 2019-02-20 08:00:26 +00:00			`if (!string.IsNullOrEmpty(paramset))`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`string[] fields = paramset.Split('=');`
			`if (fields.Length == 2)`
			`{`
			`_parameters.Add(fields[0], fields[1]);`
			`}`
			`else`
			`{`
			`throw new Exception($"Malformed parameter in password hash string {paramset}");`
Minor fixes re:PR870, added null checks from PR876 2019-02-13 08:33:00 +00:00			`}`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`
			`}`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`if (splitted.Length == 5)`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`_salt = splitted[3];`
			`_saltBytes = ConvertFromByteString(_salt);`
			`_hash = splitted[4];`
			`_hashBytes = ConvertFromByteString(_hash);`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`
			`else`
			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`_salt = string.Empty;`
			`_hash = splitted[3];`
			`_hashBytes = ConvertFromByteString(_hash);`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`
			`}`
			`else`
			`{`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`if (splitted.Length == 4)`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`_salt = splitted[2];`
			`_saltBytes = ConvertFromByteString(_salt);`
			`_hash = splitted[3];`
			`_hashBytes = ConvertFromByteString(_hash);`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`
			`else`
			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`_salt = string.Empty;`
			`_hash = splitted[2];`
			`_hashBytes = ConvertFromByteString(_hash);`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`

			`}`

Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`}`

Minor fixes re:PR870, added null checks from PR876 2019-02-13 08:33:00 +00:00			`public PasswordHash(ICryptoProvider cryptoProvider)`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
minor style fixes 2019-03-05 07:58:25 +00:00			`_id = cryptoProvider.DefaultHashMethod;`
			`_saltBytes = cryptoProvider.GenerateSalt();`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`_salt = ConvertToByteString(SaltBytes);`
			`}`

			`public static byte[] ConvertFromByteString(string byteString)`
			`{`
			`List<byte> bytes = new List<byte>();`
			`for (int i = 0; i < byteString.Length; i += 2)`
			`{`
			`// TODO: NetStandard2.1 switch this to use a span instead of a substring.`
			`bytes.Add(Convert.ToByte(byteString.Substring(i, 2), 16));`
			`}`

			`return bytes.ToArray();`
			`}`

			`public static string ConvertToByteString(byte[] bytes)`
			`{`
			`return BitConverter.ToString(bytes).Replace("-", "");`
			`}`
Minor fixes re:PR870, added null checks from PR876 2019-02-13 08:33:00 +00:00
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`private string SerializeParameters()`
			`{`
minor changes and return to netstandard 2019-02-20 08:00:26 +00:00			`string ReturnString = string.Empty;`
minor style fixes 2019-03-05 07:58:25 +00:00			`foreach (var KVP in _parameters)`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
minor changes and return to netstandard 2019-02-20 08:00:26 +00:00			`ReturnString += $",{KVP.Key}={KVP.Value}";`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`}`
minor changes and return to netstandard 2019-02-20 08:00:26 +00:00
sha256 with salt auth and sha1 interop 2019-02-12 10:16:03 +00:00			`if ((!string.IsNullOrEmpty(ReturnString)) && ReturnString[0] == ',')`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`{`
			`ReturnString = ReturnString.Remove(0, 1);`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`}`
minor changes and return to netstandard 2019-02-20 08:00:26 +00:00
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`return ReturnString;`
			`}`

			`public override string ToString()`
Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`{`
			`string outString = "$" + _id;`
			`string paramstring = SerializeParameters();`
			`if (!string.IsNullOrEmpty(paramstring))`
			`{`
			`outString += $"${paramstring}";`
			`}`

			`if (!string.IsNullOrEmpty(_salt))`
			`{`
			`outString += $"${_salt}";`
			`}`

minor style fixes 2019-03-05 07:58:25 +00:00			`outString += $"${_hash}";`
added justaman notes, fixed new bug from emty has removals 2019-02-18 09:26:01 +00:00			`return outString;`
Upgrade crypto provider, retarget better framework 2019-01-31 08:24:53 +00:00			`}`
			`}`

Apply suggestions from code review more minor fixes before I do larger fixes Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com> 2019-03-07 10:41:44 +00:00			`}`