[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Better default authentication #870

Merged
merged 22 commits into from
Mar 7, 2019
Merged

Better default authentication #870

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
22 commits
Select commit Hold shift + click to select a range
49d9649
added submodule dir to gitignore
LogicalPhallacy Jan 31, 2019
4519ce2
Upgrade crypto provider, retarget better framework
LogicalPhallacy Jan 31, 2019
8bf88f4
Merge pull request #9 from jellyfin/master
LogicalPhallacy Feb 12, 2019
05bbf71
sha256 with salt auth and sha1 interop
LogicalPhallacy Feb 12, 2019
1dc5a62
fixed gitignore fail
LogicalPhallacy Feb 13, 2019
1ffd443
fixed nul user check to be first per justaman
LogicalPhallacy Feb 13, 2019
77602af
Minor fixes re:PR870, added null checks from PR876
LogicalPhallacy Feb 13, 2019
9e58e31
Update Emby.Server.Implementations/Library/DefaultAuthenticationProvi…
cvium Feb 13, 2019
d8e6808
Update Emby.Server.Implementations/Library/DefaultAuthenticationProvi…
cvium Feb 13, 2019
9f3aa2c
Apply suggestions from code review
LogicalPhallacy Feb 18, 2019
48e7274
added justaman notes, fixed new bug from emty has removals
LogicalPhallacy Feb 18, 2019
56e3063
little fixes for JustAMan
LogicalPhallacy Feb 18, 2019
6bbb968
minor changes and return to netstandard
LogicalPhallacy Feb 20, 2019
a0d31a4
merging with master to clear merge conflict
LogicalPhallacy Feb 20, 2019
098de6b
made newlines into linux newlines
LogicalPhallacy Feb 20, 2019
edba82d
fixed logic flip in auth empty check and fixed crypto algo choice
LogicalPhallacy Feb 28, 2019
2c26517
minor style fixes
LogicalPhallacy Mar 5, 2019
bef665b
Minor fixes to address style issues
LogicalPhallacy Mar 6, 2019
c31b0b3
Apply suggestions from code review
Bond-009 Mar 7, 2019
8f4895e
more fixes for perf and style
LogicalPhallacy Mar 7, 2019
dfb1d70
made hashset static and readonly
LogicalPhallacy Mar 7, 2019
f486f59
Update Emby.Server.Implementations/Library/DefaultAuthenticationProvi…
Bond-009 Mar 7, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Apply suggestions from code review 
more minor fixes before I do larger fixes

Co-Authored-By: LogicalPhallacy <44458166+LogicalPhallacy@users.noreply.github.com>
  • Loading branch information
@Bond-009 @LogicalPhallacy
Bond-009 and LogicalPhallacy authored Mar 7, 2019
commit c31b0b311b339475650aa8812eb57152cac32d80
6 changes: 3 additions & 3 deletions Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,7 +83,7 @@ private byte[] PBKDF2(string method, byte[] bytes, byte[] salt, int iterations)
{
//downgrading for now as we need this library to be dotnetstandard compliant
LogicalPhallacy marked this conversation as resolved.
Show resolved Hide resolved
//with this downgrade we'll add a check to make sure we're on the downgrade method at the moment
if(method == DefaultHashMethod)
if (method == DefaultHashMethod)
{
using (var r = new Rfc2898DeriveBytes(bytes, salt, iterations))
{
Expand All @@ -96,7 +96,7 @@ private byte[] PBKDF2(string method, byte[] bytes, byte[] salt, int iterations)

public byte[] ComputeHash(string hashMethod, byte[] bytes)
{
return ComputeHash(hashMethod, bytes, new byte[0]);
return ComputeHash(hashMethod, bytes, Array.Empty<byte>());
}

public byte[] ComputeHashWithDefaultMethod(byte[] bytes)
Expand All @@ -106,7 +106,7 @@ public byte[] ComputeHashWithDefaultMethod(byte[] bytes)

public byte[] ComputeHash(string hashMethod, byte[] bytes, byte[] salt)
{
if(hashMethod == DefaultHashMethod)
if (hashMethod == DefaultHashMethod)
{
return PBKDF2(hashMethod, bytes, salt, _defaultIterations);
}
Expand Down
2 changes: 1 addition & 1 deletion Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,7 +101,7 @@ private void ConvertPasswordFormat(User user)
if (!user.Password.Contains("$"))
{
string hash = user.Password;
user.Password = String.Format("$SHA1${0}", hash);
user.Password = string.Format("$SHA1${0}", hash);
}

if (user.EasyPassword != null && !user.EasyPassword.Contains("$"))
Expand Down
132 changes: 66 additions & 66 deletions MediaBrowser.Model/Cryptography/PasswordHash.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,34 +8,34 @@ public class PasswordHash
{
// Defined from this hash storage spec
// https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
// $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
// with one slight amendment to ease the transition, we're writing out the bytes in hex
// $<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
// with one slight amendment to ease the transition, we're writing out the bytes in hex
// rather than making them a BASE64 string with stripped padding

private string _id;
private string _id;

private Dictionary<string, string> _parameters = new Dictionary<string, string>();
private Dictionary<string, string> _parameters = new Dictionary<string, string>();

private string _salt;
private string _salt;

private byte[] _saltBytes;
private byte[] _saltBytes;

private string _hash;
private string _hash;

private byte[] _hashBytes;

public string Id { get => _id; set => _id = value; }

public Dictionary<string, string> Parameters { get => _parameters; set => _parameters = value; }

public string Salt { get => _salt; set => _salt = value; }

public byte[] SaltBytes { get => _saltBytes; set => _saltBytes = value; }

public string Hash { get => _hash; set => _hash = value; }

public byte[] HashBytes { get => _hashBytes; set => _hashBytes = value; }

private byte[] _hashBytes;

public string Id { get => _id; set => _id = value; }

public Dictionary<string, string> Parameters { get => _parameters; set => _parameters = value; }

public string Salt { get => _salt; set => _salt = value; }

public byte[] SaltBytes { get => _saltBytes; set => _saltBytes = value; }

public string Hash { get => _hash; set => _hash = value; }

public byte[] HashBytes { get => _hashBytes; set => _hashBytes = value; }

public PasswordHash(string storageString)
{
string[] splitted = storageString.Split('$');
Expand All @@ -46,14 +46,14 @@ public PasswordHash(string storageString)
{
if (!string.IsNullOrEmpty(paramset))
{
string[] fields = paramset.Split('=');
if (fields.Length == 2)
{
_parameters.Add(fields[0], fields[1]);
}
else
{
throw new Exception($"Malformed parameter in password hash string {paramset}");
string[] fields = paramset.Split('=');
LogicalPhallacy marked this conversation as resolved.
Show resolved Hide resolved
if (fields.Length == 2)
{
_parameters.Add(fields[0], fields[1]);
}
else
{
throw new Exception($"Malformed parameter in password hash string {paramset}");
}
LogicalPhallacy marked this conversation as resolved.
Show resolved Hide resolved
}
}
Expand Down Expand Up @@ -89,65 +89,65 @@ public PasswordHash(string storageString)

}

}

}
public PasswordHash(ICryptoProvider cryptoProvider)
{
_id = cryptoProvider.DefaultHashMethod;
_saltBytes = cryptoProvider.GenerateSalt();
_salt = ConvertToByteString(SaltBytes);
}

public static byte[] ConvertFromByteString(string byteString)
{
List<byte> bytes = new List<byte>();
for (int i = 0; i < byteString.Length; i += 2)
{
// TODO: NetStandard2.1 switch this to use a span instead of a substring.
bytes.Add(Convert.ToByte(byteString.Substring(i, 2),16));
}

return bytes.ToArray();
}

public static string ConvertToByteString(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", "");
}
_salt = ConvertToByteString(SaltBytes);
}
public static byte[] ConvertFromByteString(string byteString)
{
List<byte> bytes = new List<byte>();
for (int i = 0; i < byteString.Length; i += 2)
{
// TODO: NetStandard2.1 switch this to use a span instead of a substring.
bytes.Add(Convert.ToByte(byteString.Substring(i, 2), 16));
}
return bytes.ToArray();
}
public static string ConvertToByteString(byte[] bytes)
{
return BitConverter.ToString(bytes).Replace("-", "");
}

private string SerializeParameters()
{
string ReturnString = string.Empty;
LogicalPhallacy marked this conversation as resolved.
Show resolved Hide resolved
foreach (var KVP in _parameters)
{
ReturnString += $",{KVP.Key}={KVP.Value}";
}
}

if ((!string.IsNullOrEmpty(ReturnString)) && ReturnString[0] == ',')
{
ReturnString = ReturnString.Remove(0, 1);
}
}
LogicalPhallacy marked this conversation as resolved.
Show resolved Hide resolved

return ReturnString;
}

public override string ToString()
{
string outString = "$" +_id;
string paramstring = SerializeParameters();
if (!string.IsNullOrEmpty(paramstring))
{
outString += $"${paramstring}";
}

if (!string.IsNullOrEmpty(_salt))
{
outString += $"${_salt}";
}

{
string outString = "$" + _id;
string paramstring = SerializeParameters();
if (!string.IsNullOrEmpty(paramstring))
{
outString += $"${paramstring}";
}
if (!string.IsNullOrEmpty(_salt))
{
outString += $"${_salt}";
}
outString += $"${_hash}";
return outString;
}
}

}
}