alteropen/jellyfin
1
0
Fork 0
mirror of https://github.com/jellyfin/jellyfin.git synced 2026-06-02 22:08:27 +01:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity

minor style fixes

Browse Source
This commit is contained in:
Phallacy
2019-03-04 23:58:25 -08:00
parent edba82db37
commit 2c26517172
5 changed files with 115 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
Emby.Server.Implementations/Cryptography/CryptographyProvider.cs
View File

@@ -11,17 +11,21 @@ namespace Emby.Server.Implementations.Cryptography
{
public class CryptographyProvider : ICryptoProvider
{
private HashSet<string> SupportedHashMethods;
private HashSet<string> _supportedHashMethods;
public string DefaultHashMethod => "PBKDF2";
private RandomNumberGenerator rng;
private int defaultiterations = 1000;
private RandomNumberGenerator _randomNumberGenerator;
private int _defaultIterations = 1000;
public CryptographyProvider()
{
//FIXME: When we get DotNet Standard 2.1 we need to revisit how we do the crypto
//Currently supported hash methods from https://docs.microsoft.com/en-us/dotnet/api/system.security.cryptography.cryptoconfig?view=netcore-2.1
//there might be a better way to autogenerate this list as dotnet updates, but I couldn't find one
//Please note the default method of PBKDF2 is not included, it cannot be used to generate hashes cleanly as it is actually a pbkdf with sha1
SupportedHashMethods = new HashSet<string>()
_supportedHashMethods = new HashSet<string>()
{
"MD5"
,"System.Security.Cryptography.MD5"
@@ -38,7 +42,7 @@ namespace Emby.Server.Implementations.Cryptography
,"SHA-512"
,"System.Security.Cryptography.SHA512"
};
rng = RandomNumberGenerator.Create();
_randomNumberGenerator = RandomNumberGenerator.Create();
}
public Guid GetMD5(string str)
@@ -72,7 +76,7 @@ namespace Emby.Server.Implementations.Cryptography
public IEnumerable<string> GetSupportedHashMethods()
{
return SupportedHashMethods;
return _supportedHashMethods;
}
private byte[] PBKDF2(string method, byte[] bytes, byte[] salt, int iterations)
@@ -86,12 +90,13 @@ namespace Emby.Server.Implementations.Cryptography
return r.GetBytes(32);
}
}
throw new CryptographicException($"Cannot currently use PBKDF2 with requested hash method: {method}");
}
public byte[] ComputeHash(string HashMethod, byte[] bytes)
public byte[] ComputeHash(string hashMethod, byte[] bytes)
{
return ComputeHash(HashMethod, bytes, new byte[0]);
return ComputeHash(hashMethod, bytes, new byte[0]);
}
public byte[] ComputeHashWithDefaultMethod(byte[] bytes)
@@ -99,15 +104,15 @@ namespace Emby.Server.Implementations.Cryptography
return ComputeHash(DefaultHashMethod, bytes);
}
public byte[] ComputeHash(string HashMethod, byte[] bytes, byte[] salt)
public byte[] ComputeHash(string hashMethod, byte[] bytes, byte[] salt)
{
if(HashMethod == DefaultHashMethod)
if(hashMethod == DefaultHashMethod)
{
return PBKDF2(HashMethod, bytes, salt, defaultiterations);
return PBKDF2(hashMethod, bytes, salt, _defaultIterations);
}
else if (SupportedHashMethods.Contains(HashMethod))
else if (_supportedHashMethods.Contains(hashMethod))
{
using (var h = HashAlgorithm.Create(HashMethod))
using (var h = HashAlgorithm.Create(hashMethod))
{
if (salt.Length == 0)
{
@@ -121,21 +126,21 @@ namespace Emby.Server.Implementations.Cryptography
}
else
{
throw new CryptographicException($"Requested hash method is not supported: {HashMethod}");
throw new CryptographicException($"Requested hash method is not supported: {hashMethod}");
}
}
public byte[] ComputeHashWithDefaultMethod(byte[] bytes, byte[] salt)
{
return PBKDF2(DefaultHashMethod, bytes, salt, defaultiterations);
return PBKDF2(DefaultHashMethod, bytes, salt, _defaultIterations);
}
public byte[] ComputeHash(PasswordHash hash)
{
int iterations = defaultiterations;
int iterations = _defaultIterations;
if (!hash.Parameters.ContainsKey("iterations"))
{
hash.Parameters.Add("iterations", defaultiterations.ToString(CultureInfo.InvariantCulture));
hash.Parameters.Add("iterations", _defaultIterations.ToString(CultureInfo.InvariantCulture));
}
else
{
@@ -148,13 +153,14 @@ namespace Emby.Server.Implementations.Cryptography
throw new InvalidDataException($"Couldn't successfully parse iterations value from string: {hash.Parameters["iterations"]}", e);
}
}
return PBKDF2(hash.Id, hash.HashBytes, hash.SaltBytes, iterations);
}
public byte[] GenerateSalt()
{
byte[] salt = new byte[64];
rng.GetBytes(salt);
_randomNumberGenerator.GetBytes(salt);
return salt;
}
}

39
Emby.Server.Implementations/Library/DefaultAuthenticationProvider.cs
View File

@@ -19,18 +19,16 @@ namespace Emby.Server.Implementations.Library
public string Name => "Default";
public bool IsEnabled => true;
//This is dumb and an artifact of the backwards way auth providers were designed.
//This version of authenticate was never meant to be called, but needs to be here for interface compat
//Only the providers that don't provide local user support use this
// This is dumb and an artifact of the backwards way auth providers were designed.
// This version of authenticate was never meant to be called, but needs to be here for interface compat
// Only the providers that don't provide local user support use this
public Task<ProviderAuthenticationResult> Authenticate(string username, string password)
{
throw new NotImplementedException();
}
//This is the verson that we need to use for local users. Because reasons.
// This is the verson that we need to use for local users. Because reasons.
public Task<ProviderAuthenticationResult> Authenticate(string username, string password, User resolvedUser)
{
bool success = false;
@@ -39,7 +37,7 @@ namespace Emby.Server.Implementations.Library
throw new Exception("Invalid username or password");
}
//As long as jellyfin supports passwordless users, we need this little block here to accomodate
// As long as jellyfin supports passwordless users, we need this little block here to accomodate
if (IsPasswordEmpty(resolvedUser, password))
{
return Task.FromResult(new ProviderAuthenticationResult
@@ -70,7 +68,7 @@ namespace Emby.Server.Implementations.Library
if (CalculatedHashString == readyHash.Hash)
{
success = true;
//throw new Exception("Invalid username or password");
// throw new Exception("Invalid username or password");
}
}
else
@@ -78,7 +76,7 @@ namespace Emby.Server.Implementations.Library
throw new Exception(String.Format($"Requested crypto method not available in provider: {readyHash.Id}"));
}
//var success = string.Equals(GetPasswordHash(resolvedUser), GetHashedString(resolvedUser, password), StringComparison.OrdinalIgnoreCase);
// var success = string.Equals(GetPasswordHash(resolvedUser), GetHashedString(resolvedUser, password), StringComparison.OrdinalIgnoreCase);
if (!success)
{
@@ -91,8 +89,8 @@ namespace Emby.Server.Implementations.Library
});
}
//This allows us to move passwords forward to the newformat without breaking. They are still insecure, unsalted, and dumb before a password change
//but at least they are in the new format.
// This allows us to move passwords forward to the newformat without breaking. They are still insecure, unsalted, and dumb before a password change
// but at least they are in the new format.
private void ConvertPasswordFormat(User user)
{
if (string.IsNullOrEmpty(user.Password))
@@ -121,18 +119,13 @@ namespace Emby.Server.Implementations.Library
private bool IsPasswordEmpty(User user, string password)
{
if (string.IsNullOrEmpty(user.Password))
{
return string.IsNullOrEmpty(password);
}
return false;
return (string.IsNullOrEmpty(user.Password) && string.IsNullOrEmpty(password));
}
public Task ChangePassword(User user, string newPassword)
{
ConvertPasswordFormat(user);
//This is needed to support changing a no password user to a password user
// This is needed to support changing a no password user to a password user
if (string.IsNullOrEmpty(user.Password))
{
PasswordHash newPasswordHash = new PasswordHash(_cryptographyProvider);
@@ -184,7 +177,7 @@ namespace Emby.Server.Implementations.Library
public string GetHashedString(User user, string str)
{
PasswordHash passwordHash;
if (String.IsNullOrEmpty(user.Password))
if (string.IsNullOrEmpty(user.Password))
{
passwordHash = new PasswordHash(_cryptographyProvider);
}
@@ -196,13 +189,13 @@ namespace Emby.Server.Implementations.Library
if (passwordHash.SaltBytes != null)
{
//the password is modern format with PBKDF and we should take advantage of that
// the password is modern format with PBKDF and we should take advantage of that
passwordHash.HashBytes = Encoding.UTF8.GetBytes(str);
return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash));
}
else
{
//the password has no salt and should be called with the older method for safety
// the password has no salt and should be called with the older method for safety
return PasswordHash.ConvertToByteString(_cryptographyProvider.ComputeHash(passwordHash.Id, Encoding.UTF8.GetBytes(str)));
}
}

2
Emby.Server.Implementations/Library/UserManager.cs
View File

@@ -75,7 +75,7 @@ namespace Emby.Server.Implementations.Library
private readonly Func<IDtoService> _dtoServiceFactory;
private readonly IServerApplicationHost _appHost;
private readonly IFileSystem _fileSystem;
private IAuthenticationProvider[] _authenticationProviders;
private DefaultAuthenticationProvider _defaultAuthenticationProvider;