tgstation-server 6.12.0
The /tg/station 13 server suite
Loading...
Searching...
No Matches
CryptographySuite.cs
Go to the documentation of this file.
1using System;
2using System.Globalization;
3using System.Security.Cryptography;
4
5using Microsoft.AspNetCore.Identity;
6
7using Tgstation.Server.Host.Models;
8
9namespace Tgstation.Server.Host.Security
10{
12 sealed class CryptographySuite : ICryptographySuite
13 {
17 const uint SecureStringLength = 30;
18
22 readonly IPasswordHasher<User> passwordHasher;
23
28 public CryptographySuite(IPasswordHasher<User> passwordHasher)
29 {
30 this.passwordHasher = passwordHasher ?? throw new ArgumentNullException(nameof(passwordHasher));
31 }
32
34 public byte[] GetSecureBytes(uint amount)
35 {
36 using var rng = RandomNumberGenerator.Create(); // uses RNGCryptoServiceProvider under the hood https://khalidabuhakmeh.com/creating-random-numbers-with-dotnet-core
37 var byt = new byte[amount];
38 rng.GetBytes(byt);
39 return byt;
40 }
41
43 public void SetUserPassword(User user, string newPassword, bool newUser)
44 {
45 ArgumentNullException.ThrowIfNull(user);
46 ArgumentNullException.ThrowIfNull(newPassword);
47 user.PasswordHash = passwordHasher.HashPassword(user, newPassword);
48 if (!newUser)
49 user.LastPasswordUpdate = DateTimeOffset.UtcNow;
50 }
51
53 public bool CheckUserPassword(User user, string password)
54 {
55 ArgumentNullException.ThrowIfNull(user);
56 ArgumentNullException.ThrowIfNull(password);
57
58 if (user.PasswordHash == null)
59 throw new ArgumentException("user must have PasswordHash!", nameof(user));
60
61 var result = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
62 switch (result)
63 {
64 case PasswordVerificationResult.Failed:
65 return false;
66 case PasswordVerificationResult.SuccessRehashNeeded:
67 SetUserPassword(user, password, false);
68 break;
69 case PasswordVerificationResult.Success:
70 break;
71 default:
72 throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, "Password hasher return unknown PasswordVerificationResult: {0}", result));
73 }
74
75 return true;
76 }
77
79 public string GetSecureString() => Convert.ToBase64String(GetSecureBytes(SecureStringLength));
80 }
81}
Tgstation.Server.Host.Models.User.PasswordHash
string? PasswordHash
The hash of the user's password.
Definition User.cs:26
Tgstation.Server.Host.Security.CryptographySuite.CheckUserPassword
bool CheckUserPassword(User user, string password)
Checks a given password matches a given user 's User.PasswordHash. This may result in User....
Definition CryptographySuite.cs:53
Tgstation.Server.Host.Security.CryptographySuite.SetUserPassword
void SetUserPassword(User user, string newPassword, bool newUser)
Sets a User.PasswordHash for a given user .
Definition CryptographySuite.cs:43
Tgstation.Server.Host.Security.CryptographySuite.GetSecureString
string GetSecureString()
Generates a 40-length secure ascii string.A 40-length secure ascii string.
Tgstation.Server.Host.Security.CryptographySuite.CryptographySuite
CryptographySuite(IPasswordHasher< User > passwordHasher)
Initializes a new instance of the CryptographySuite class.
Definition CryptographySuite.cs:28
Tgstation.Server.Host.Security.CryptographySuite.SecureStringLength
const uint SecureStringLength
Length in bytes of generated base64 secure string.
Definition CryptographySuite.cs:17
Tgstation.Server.Host.Security.CryptographySuite.GetSecureBytes
byte[] GetSecureBytes(uint amount)
Generates a secure set of bytes.A secure set of bytes.
Definition CryptographySuite.cs:34
Tgstation.Server.Host.Security.CryptographySuite.passwordHasher
readonly IPasswordHasher< User > passwordHasher
The IPasswordHasher<TUser> for the CryptographySuite.
Definition CryptographySuite.cs:22
Tgstation.Server.Host.Security.ICryptographySuite
Contains various cryptographic functions.
Definition ICryptographySuite.cs:9
Generated by doxygen 1.9.8