More...

Inheritance diagram for Tgstation.Server.Host.Security.CryptographySuite:

[legend]

Collaboration diagram for Tgstation.Server.Host.Security.CryptographySuite:

[legend]

Public Member Functions

CryptographySuite (IPasswordHasher< User > passwordHasher)

Initializes a new instance of the CryptographySuite class.

byte[] GetSecureBytes (uint amount)

Generates a secure set of bytes.

Parameters

amount The amount of bytes to generate.

Returns: A secure set of bytes.

void SetUserPassword (User user, string newPassword, bool newUser)

Sets a User.PasswordHash for a given user .

Parameters

user	The User whos User.PasswordHash is to be set.
newPassword	The new password for the User.
newUser	If the user is just being created.

bool CheckUserPassword (User user, string password)

Checks a given password matches a given user 's User.PasswordHash. This may result in User.PasswordHash being modified and this should be persisted.

Parameters

user	The User to check.
password	The password to check.

Returns: true if password matches the hash, false otherwise.

string GetSecureString ()

Generates a 40-length secure ascii string.

Returns: A 40-length secure ascii string.

Private Attributes
readonly IPasswordHasher< User >	passwordHasher
	The IPasswordHasher<TUser> for the CryptographySuite.

Static Private Attributes
const uint	SecureStringLength = 30
	Length in bytes of generated base64 secure string.

Detailed Description

Definition at line 12 of file CryptographySuite.cs.

Constructor & Destructor Documentation

◆ CryptographySuite()

Tgstation.Server.Host.Security.CryptographySuite.CryptographySuite ( IPasswordHasher< User > passwordHasher )

Initializes a new instance of the CryptographySuite class.

Parameters

passwordHasher The value of passwordHasher.

Definition at line 28 of file CryptographySuite.cs.

        {
            this.passwordHasher = passwordHasher ?? throw new ArgumentNullException(nameof(passwordHasher));
        }

References Tgstation.Server.Host.Security.CryptographySuite.passwordHasher.

Member Function Documentation

◆ CheckUserPassword()

bool Tgstation.Server.Host.Security.CryptographySuite.CheckUserPassword	(	User	user,
		string	password
	)

Checks a given password matches a given user 's User.PasswordHash. This may result in User.PasswordHash being modified and this should be persisted.

Parameters

user	The User to check.
password	The password to check.

Returns: true if password matches the hash, false otherwise.

Implements Tgstation.Server.Host.Security.ICryptographySuite.

Definition at line 53 of file CryptographySuite.cs.

        {
            ArgumentNullException.ThrowIfNull(user);
            ArgumentNullException.ThrowIfNull(password);
 
            if (user.PasswordHash == null)
                throw new ArgumentException("user must have PasswordHash!", nameof(user));
 
            var result = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
            switch (result)
            {
                case PasswordVerificationResult.Failed:
                    return false;
                case PasswordVerificationResult.SuccessRehashNeeded:
                    SetUserPassword(user, password, false);
                    break;
                case PasswordVerificationResult.Success:
                    break;
                default:
                    throw new InvalidOperationException(String.Format(CultureInfo.InvariantCulture, "Password hasher return unknown PasswordVerificationResult: {0}", result));
            }
 
            return true;
        }

References Tgstation.Server.Host.Models.User.PasswordHash, Tgstation.Server.Host.Security.CryptographySuite.passwordHasher, and Tgstation.Server.Host.Security.CryptographySuite.SetUserPassword().

Here is the call graph for this function:

◆ GetSecureBytes()

byte[] Tgstation.Server.Host.Security.CryptographySuite.GetSecureBytes ( uint amount )

Generates a secure set of bytes.

Parameters

amount The amount of bytes to generate.

Returns: A secure set of bytes.

Implements Tgstation.Server.Host.Security.ICryptographySuite.

Definition at line 34 of file CryptographySuite.cs.

        {
            using var rng = RandomNumberGenerator.Create(); // uses RNGCryptoServiceProvider under the hood https://khalidabuhakmeh.com/creating-random-numbers-with-dotnet-core
            var byt = new byte[amount];
            rng.GetBytes(byt);
            return byt;
        }

◆ GetSecureString()

string Tgstation.Server.Host.Security.CryptographySuite.GetSecureString ( )

Generates a 40-length secure ascii string.

Returns: A 40-length secure ascii string.

Implements Tgstation.Server.Host.Security.ICryptographySuite.

◆ SetUserPassword()

void Tgstation.Server.Host.Security.CryptographySuite.SetUserPassword	(	User	user,
		string	newPassword,
		bool	newUser
	)

Sets a User.PasswordHash for a given user .

Parameters

user	The User whos User.PasswordHash is to be set.
newPassword	The new password for the User.
newUser	If the user is just being created.

Implements Tgstation.Server.Host.Security.ICryptographySuite.

Definition at line 43 of file CryptographySuite.cs.

        {
            ArgumentNullException.ThrowIfNull(user);
            ArgumentNullException.ThrowIfNull(newPassword);
            user.PasswordHash = passwordHasher.HashPassword(user, newPassword);
            if (!newUser)
                user.LastPasswordUpdate = DateTimeOffset.UtcNow;
        }

References Tgstation.Server.Host.Security.CryptographySuite.passwordHasher.

Referenced by Tgstation.Server.Host.Security.CryptographySuite.CheckUserPassword().

Here is the caller graph for this function:

Member Data Documentation

◆ passwordHasher

readonly IPasswordHasher<User> Tgstation.Server.Host.Security.CryptographySuite.passwordHasher

private

The IPasswordHasher<TUser> for the CryptographySuite.

Definition at line 22 of file CryptographySuite.cs.

Referenced by Tgstation.Server.Host.Security.CryptographySuite.CheckUserPassword(), Tgstation.Server.Host.Security.CryptographySuite.CryptographySuite(), and Tgstation.Server.Host.Security.CryptographySuite.SetUserPassword().

◆ SecureStringLength

const uint Tgstation.Server.Host.Security.CryptographySuite.SecureStringLength = 30

staticprivate

Length in bytes of generated base64 secure string.

Definition at line 17 of file CryptographySuite.cs.

The documentation for this class was generated from the following file:

src/Tgstation.Server.Host/Security/CryptographySuite.cs

Public Member Functions

Private Attributes

Static Private Attributes

Detailed Description

Constructor & Destructor Documentation

◆ CryptographySuite()

Member Function Documentation

◆ CheckUserPassword()

◆ GetSecureBytes()

◆ GetSecureString()

◆ SetUserPassword()

Member Data Documentation

◆ passwordHasher

◆ SecureStringLength