Cutlery/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2025-07-09 03:04:24 -04:00
Code Issues Packages Projects Releases Wiki Activity

Upgrade crypto provider, retarget better framework

Browse Source
This commit is contained in:
Phallacy 2019-01-31 00:24:53 -08:00
parent 49d9649b8e
commit 4519ce26e2
5 changed files with 248 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

171
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
View File

@ -1,40 +1,131 @@
using System; using System;
using System.IO; using System.Collections.Generic;
using System.Security.Cryptography; using System.IO;
using System.Text; using System.Security.Cryptography;
using MediaBrowser.Model.Cryptography; using System.Text;
using MediaBrowser.Model.Cryptography;
namespace Emby.Server.Implementations.Cryptography
{ namespace Emby.Server.Implementations.Cryptography
public class CryptographyProvider : ICryptoProvider {
{ public class CryptographyProvider : ICryptoProvider
public Guid GetMD5(string str) {
{ private List<string> SupportedHashMethods = new List<string>();
return new Guid(ComputeMD5(Encoding.Unicode.GetBytes(str))); private string DefaultHashMethod = "SHA256";
} private RandomNumberGenerator rng;
private int defaultiterations = 1000;
public byte[] ComputeSHA1(byte[] bytes) public CryptographyProvider()
{ {
using (var provider = SHA1.Create()) //Currently supported hash methods from https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptoconfig?view=netcore-2.1
{ //there might be a better way to autogenerate this list as dotnet updates, but I couldn't find one
return provider.ComputeHash(bytes); SupportedHashMethods = new List<string>
} {
} "MD5"
,"System.Security.Cryptography.MD5"
public byte[] ComputeMD5(Stream str) ,"SHA"
{ ,"SHA1"
using (var provider = MD5.Create()) ,"System.Security.Cryptography.SHA1"
{ ,"SHA256"
return provider.ComputeHash(str); ,"SHA-256"
} ,"System.Security.Cryptography.SHA256"
} ,"SHA384"
,"SHA-384"
public byte[] ComputeMD5(byte[] bytes) ,"System.Security.Cryptography.SHA384"
{ ,"SHA512"
using (var provider = MD5.Create()) ,"SHA-512"
{ ,"System.Security.Cryptography.SHA512"
return provider.ComputeHash(bytes); };
} rng = RandomNumberGenerator.Create();
} }
}
} public Guid GetMD5(string str)
{
return new Guid(ComputeMD5(Encoding.Unicode.GetBytes(str)));
}
public byte[] ComputeSHA1(byte[] bytes)
{
using (var provider = SHA1.Create())
{
return provider.ComputeHash(bytes);
}
}
public byte[] ComputeMD5(Stream str)
{
using (var provider = MD5.Create())
{
return provider.ComputeHash(str);
}
}
public byte[] ComputeMD5(byte[] bytes)
{
using (var provider = MD5.Create())
{
return provider.ComputeHash(bytes);
}
}
public IEnumerable<string> GetSupportedHashMethods()
{
return SupportedHashMethods;
}
private byte[] PBKDF2(string method, byte[] bytes, byte[] salt)
{
using (var r = new Rfc2898DeriveBytes(bytes, salt, defaultiterations, new HashAlgorithmName(method)))
{
return r.GetBytes(32);
}
}
public byte[] ComputeHash(string HashMethod, byte[] bytes)
{
return ComputeHash(HashMethod, bytes, new byte[0]);
}
public byte[] ComputeHashWithDefaultMethod(byte[] bytes)
{
return ComputeHash(DefaultHashMethod, bytes);
}
public byte[] ComputeHash(string HashMethod, byte[] bytes, byte[] salt)
{
if (SupportedHashMethods.Contains(HashMethod))
{
if (salt.Length == 0)
{
using (var h = HashAlgorithm.Create(HashMethod))
{
return h.ComputeHash(bytes);
}
}
else
{
return PBKDF2(HashMethod, bytes, salt);
}
}
else
{
throw new CryptographicException(String.Format("Requested hash method is not supported: {0}", HashMethod));
}
}
public byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt)
{
return PBKDF2(DefaultHashMethod, bytes, salt);
}
public byte[] ComputeHash(PasswordHash hash)
{
return ComputeHash(hash.Id, hash.HashBytes, hash.SaltBytes);
}
public byte[] GenerateSalt()
{
byte[] salt = new byte[8];
rng.GetBytes(salt);
return salt;
}
}
}

2
Emby.Server.Implementations/Emby.Server.Implementations.csproj
View File

@ -35,7 +35,7 @@
</ItemGroup> </ItemGroup>
<PropertyGroup> <PropertyGroup>
<TargetFramework>netstandard2.0</TargetFramework> <TargetFramework>netcoreapp2.1</TargetFramework>
<GenerateAssemblyInfo>false</GenerateAssemblyInfo> <GenerateAssemblyInfo>false</GenerateAssemblyInfo>
</PropertyGroup> </PropertyGroup>

31
Emby.Server.Implementations/Library/UserManager.cs
View File

@ -4,6 +4,7 @@ using System.Globalization;
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Text; using System.Text;
using System.Text.RegularExpressions;
using System.Threading; using System.Threading;
using System.Threading.Tasks; using System.Threading.Tasks;
using MediaBrowser.Common.Events; using MediaBrowser.Common.Events;
@ -220,22 +221,20 @@ namespace Emby.Server.Implementations.Library
} }
} }
public bool IsValidUsername(string username) public bool IsValidUsername(string username)
{ {
// Usernames can contain letters (a-z), numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.) //The old way was dumb, we should make it less dumb, lets do so.
foreach (var currentChar in username) //This is some regex that matches only on unicode "word" characters, as well as -, _ and @
{ //In theory this will cut out most if not all 'control' characters which should help minimize any weirdness
if (!IsValidUsernameCharacter(currentChar)) string UserNameRegex = "^[\\w-'._@]*$";
{ // Usernames can contain letters (a-z + whatever else unicode is cool with), numbers (0-9), dashes (-), underscores (_), apostrophes ('), and periods (.)
return false; return Regex.IsMatch(username, UserNameRegex);
} }
}
return true; private static bool IsValidUsernameCharacter(char i)
} {
string UserNameRegex = "^[\\w-'._@]*$";
private static bool IsValidUsernameCharacter(char i) return Regex.IsMatch(i.ToString(), UserNameRegex);
{
return !char.Equals(i, '<') && !char.Equals(i, '>');
} }
public string MakeValidUsername(string username) public string MakeValidUsername(string username)

8
MediaBrowser.Model/Cryptography/ICryptoProvider.cs
View File

@ -1,5 +1,6 @@
using System; using System;
using System.IO; using System.IO;
using System.Collections.Generic;
namespace MediaBrowser.Model.Cryptography namespace MediaBrowser.Model.Cryptography
{ {
@ -9,5 +10,12 @@ namespace MediaBrowser.Model.Cryptography
byte[] ComputeMD5(Stream str); byte[] ComputeMD5(Stream str);
byte[] ComputeMD5(byte[] bytes); byte[] ComputeMD5(byte[] bytes);
byte[] ComputeSHA1(byte[] bytes); byte[] ComputeSHA1(byte[] bytes);
IEnumerable<string> GetSupportedHashMethods();
byte[] ComputeHash(string HashMethod, byte[] bytes);
byte[] ComputeHashWithDefaultMethod(byte[] bytes);
byte[] ComputeHash(string HashMethod, byte[] bytes, byte[] salt);
byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt);
byte[] ComputeHash(PasswordHash hash);
byte[] GenerateSalt();
} }
} }

93
MediaBrowser.Model/Cryptography/PasswordHash.cs Normal file
View File

@ -0,0 +1,93 @@
using System;
using System.Collections.Generic;
using System.Text;
namespace MediaBrowser.Model.Cryptography
{
public class PasswordHash
{
//Defined from this hash storage spec
//https://github.com/P-H-C/phc-string-format/blob/master/phc-sf-spec.md
//$<id>[$<param>=<value>(,<param>=<value>)*][$<salt>[$<hash>]]
public string Id;
public Dictionary<string, string> Parameters = new Dictionary<string, string>();
public string Salt;
public byte[] SaltBytes;
public string Hash;
public byte[] HashBytes;
public PasswordHash(string StorageString)
{
string[] a = StorageString.Split('$');
Id = a[1];
if (a[2].Contains("="))
{
foreach (string paramset in (a[2].Split(',')))
{
if (!String.IsNullOrEmpty(paramset))
{
string[] fields = paramset.Split('=');
Parameters.Add(fields[0], fields[1]);
}
}
if (a.Length == 4)
{
Salt = a[2];
SaltBytes = Convert.FromBase64CharArray(Salt.ToCharArray(), 0, Salt.Length);
Hash = a[3];
HashBytes = Convert.FromBase64CharArray(Hash.ToCharArray(), 0, Hash.Length);
}
else
{
Salt = string.Empty;
Hash = a[3];
HashBytes = Convert.FromBase64CharArray(Hash.ToCharArray(), 0, Hash.Length);
}
}
else
{
if (a.Length == 4)
{
Salt = a[2];
SaltBytes = Convert.FromBase64CharArray(Salt.ToCharArray(), 0, Salt.Length);
Hash = a[3];
HashBytes = Convert.FromBase64CharArray(Hash.ToCharArray(), 0, Hash.Length);
}
else
{
Salt = string.Empty;
Hash = a[2];
HashBytes = Convert.FromBase64CharArray(Hash.ToCharArray(), 0, Hash.Length);
}
}
}
public PasswordHash(ICryptoProvider cryptoProvider2)
{
Id = "SHA256";
SaltBytes = cryptoProvider2.GenerateSalt();
Salt = Convert.ToBase64String(SaltBytes);
}
private string SerializeParameters()
{
string ReturnString = String.Empty;
foreach (var KVP in Parameters)
{
ReturnString += String.Format(",{0}={1}", KVP.Key, KVP.Value);
}
if (ReturnString[0] == ',')
{
ReturnString = ReturnString.Remove(0, 1);
}
return ReturnString;
}
public override string ToString()
{
return String.Format("${0}${1}${2}${3}", Id, SerializeParameters(), Salt, Hash);
}
}
}