Winsomnia/MireaBackend
1
0
Fork 0
Code Pull Requests Actions Projects Releases Activity

Add hashing and other security features #12

Merged
Wesser merged 45 commits from feat/add-security into feat/add-setup 2024-05-29 06:42:47 +03:00
Conversation 0 Commits 45 Files Changed 22 +29 -22
2 changed files with 29 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files
Showing only changes of commit d05ba5349f - Show all commits

28
Security/Services/GeneratorKey.cs Normal file
View File

@ -0,0 +1,28 @@
using System;
using System.Buffers.Text;
using System.Text;
namespace Mirea.Api.Security.Services;
public static class GeneratorKey
{
public static ReadOnlySpan<byte> GenerateBytes(int size)
{
var key = new byte[size];
using var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
rng.GetNonZeroBytes(key);
return key;
}
public static string GenerateBase64(int size) =>
Convert.ToBase64String(GenerateBytes(size));
public static string GenerateString(int size)
{
var randomBytes = GenerateBytes(size);
Span<byte> utf8Bytes = new byte[Base64.GetMaxEncodedToUtf8Length(randomBytes.Length)];
Base64.EncodeToUtf8(randomBytes, utf8Bytes, out _, out _);
return Encoding.UTF8.GetString(utf8Bytes);
}
}

23
Security/Services/PasswordHashService.cs
View File

@ -1,6 +1,5 @@
using Konscious.Security.Cryptography; using Konscious.Security.Cryptography;
using System; using System;
using System.Buffers.Text;
using System.Text; using System.Text;
namespace Mirea.Api.Security.Services; namespace Mirea.Api.Security.Services;
@ -41,29 +40,9 @@ public class PasswordHashService
return result == 0; return result == 0;
} }
public static ReadOnlySpan<byte> GenerateRandomKeyBytes(int size)
{
var key = new byte[size];
using var rng = System.Security.Cryptography.RandomNumberGenerator.Create();
rng.GetNonZeroBytes(key);
return key;
}
public static string GenerateRandomKeyStringBase64(int size) =>
Convert.ToBase64String(GenerateRandomKeyBytes(size));
public static string GenerateRandomKeyString(int size)
{
var randomBytes = GenerateRandomKeyBytes(size);
Span<byte> utf8Bytes = new byte[Base64.GetMaxEncodedToUtf8Length(randomBytes.Length)];
Base64.EncodeToUtf8(randomBytes, utf8Bytes, out _, out _);
return Encoding.UTF8.GetString(utf8Bytes);
}
public (string Salt, string Hash) HashPassword(string password) public (string Salt, string Hash) HashPassword(string password)
{ {
var salt = GenerateRandomKeyBytes(SaltSize); var salt = GeneratorKey.GenerateBytes(SaltSize);
var hash = HashPassword(password, salt); var hash = HashPassword(password, salt);
return (Convert.ToBase64String(salt), Convert.ToBase64String(hash)); return (Convert.ToBase64String(salt), Convert.ToBase64String(hash));