I am trying to create an authentication server with login and password credentials and I used this tutorial that gave me the following PasswordHash class. This works great when I use the Verify method with a string but I do not want to send the password unencrypted through UDP for security reasons but when I test the hashes directly by feeding it the byte array it returns false (as shown below the class).
public sealed class PasswordHash
{
const int SaltSize = 16, HashSize = 20, HashIter = 10000;
readonly byte[] _salt, _hash;
private PasswordHash() { }
public PasswordHash(string password)
{
new RNGCryptoServiceProvider().GetBytes(_salt = new byte[SaltSize]);
_hash = new Rfc2898DeriveBytes(password, _salt, HashIter).GetBytes(HashSize);
}
public PasswordHash(byte[] hashBytes)
{
Array.Copy(hashBytes, 0, _salt = new byte[SaltSize], 0, SaltSize);
Array.Copy(hashBytes, SaltSize, _hash = new byte[HashSize], 0, HashSize);
}
public PasswordHash(byte[] salt, byte[] hash)
{
Array.Copy(salt, 0, _salt = new byte[SaltSize], 0, SaltSize);
Array.Copy(hash, 0, _hash = new byte[HashSize], 0, HashSize);
}
public byte[] ToArray()
{
byte[] hashBytes = new byte[SaltSize + HashSize];
Array.Copy(_salt, 0, hashBytes, 0, SaltSize);
Array.Copy(_hash, 0, hashBytes, SaltSize, HashSize);
return hashBytes;
}
public byte[] Salt { get { return (byte[])_salt.Clone(); } }
public byte[] Hash { get { return (byte[])_hash.Clone(); } }
public bool Verify(string password)
{
byte[] test = new Rfc2898DeriveBytes(password, _salt, HashIter).GetBytes(HashSize);
for (int i = 0; i < HashSize; i++)
if (test[i] != _hash[i])
return false;
return true;
}
public bool Verify(byte[] passwordHash)
{
for (int i = 0; i < HashSize; i++)
if (passwordHash[i] != _hash[i])
return false;
return true;
}
}
I tested it by using:
bool test = new PasswordHash("test123").Verify("test123"); //TRUE
bool test2 = new PasswordHash("test123").Verify(newPasswordHash("test123").ToArray()); //FALSE
So as Nissim pointed out, they don't match because the salt is randomly generated every time I call new PasswordHash(). Is there anyway to bypass the salt that's added to the byte[]?
Each time you call the PasswordHash's constructor it creates a new salt, hence in the following example:
byte[] pass1 = new HashPassword("abc").ToArray();
byte[] pass2 = new HashPassword("abc").ToArray();
pass1 is different than pass2
Related
I need to make a connection to an API using a complicated authentication process that I don't understand.
I know it involves multiple steps and I have tried to mimic it, but I find the documentation to be very confusing...
The idea is that I make a request to an endpoint which will return a token to me that I need to use to make a websocket connection.
I did get a code sample which is in Python that I don't know the syntax of, but I can use it as a guide to convert it to C#-syntax.
This is the Python code sample:
import time, base64, hashlib, hmac, urllib.request, json
api_nonce = bytes(str(int(time.time()*1000)), "utf-8")
api_request = urllib.request.Request("https://www.website.com/getToken", b"nonce=%s" % api_nonce)
api_request.add_header("API-Key", "API_PUBLIC_KEY")
api_request.add_header("API-Sign", base64.b64encode(hmac.new(base64.b64decode("API_PRIVATE_KEY"), b"/getToken" + hashlib.sha256(api_nonce + b"nonce=%s" % api_nonce).digest(), hashlib.sha512).digest()))
print(json.loads(urllib.request.urlopen(api_request).read())['result']['token'])
So I have tried to convert this into C# and this is the code I got so far:
static string apiPublicKey = "API_PUBLIC_KEY";
static string apiPrivateKey = "API_PRIVATE_KEY";
static string endPoint = "https://www.website.com/getToken";
private void authenticate()
{
using (var client = new HttpClient())
{
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
// CREATE THE URI
string uri = "/getToken";
// CREATE THE NONCE
/// NONCE = unique identifier which must increase in value with each API call
/// in this case we will be using the epoch time
DateTime baseTime = new DateTime(1970, 1, 1, 0, 0, 0);
TimeSpan epoch = CurrentTime - baseTime;
Int64 nonce = Convert.ToInt64(epoch.TotalMilliseconds);
// CREATE THE DATA
string data = string.Format("nonce={0}", nonce);
// CALCULATE THE SHA256 OF THE NONCE
string sha256 = SHA256_Hash(data);
// DECODE THE PRIVATE KEY
byte[] apiSecret = Convert.FromBase64String(apiPrivateKey);
// HERE IS THE HMAC CALCULATION
}
}
public static String SHA256_Hash(string value)
{
StringBuilder Sb = new StringBuilder();
using (var hash = SHA256.Create())
{
Encoding enc = Encoding.UTF8;
Byte[] result = hash.ComputeHash(enc.GetBytes(value));
foreach (Byte b in result)
Sb.Append(b.ToString("x2"));
}
return Sb.ToString();
}
So the next part is where I'm really struggling. There needs to be some HMAC-calculation that needs to be done but I'm completely lost there.
The main task here is to reverse the API-Sign SHA-512 HMAC calculation. Use DateTimeOffset.Now.ToUnixTimeMilliseconds to get the API nonce, it will return a Unix timestamp milliseconds value. Then it all boils down concating byte arrays and generating the hashes. I'm using a hardcoded api_nonce time just to demonstrate the result; you'll have to uncomment string ApiNonce = DateTimeOffset.Now.ToUnixTimeMilliseconds to get the current Unix timestamp milliseconds each time the API-Sign key is calculated.
Python API-Sign generation:
import time, base64, hashlib, hmac, urllib.request, json
# Hardcoce API_PRIVATE_KEY base 64 value
API_PRIVATE_KEY = base64.encodebytes(b"some_api_key_1234")
# time_use = time.time()
# Hardcode the time so we can confirm the same result to C#
time_use = 1586096626.919
api_nonce = bytes(str(int(time_use*1000)), "utf-8")
print("API nonce: %s" % api_nonce)
api_request = urllib.request.Request("https://www.website.com/getToken", b"nonce=%s" % api_nonce)
api_request.add_header("API-Key", "API_PUBLIC_KEY_1234")
print("API_PRIVATE_KEY: %s" % API_PRIVATE_KEY)
h256Dig = hashlib.sha256(api_nonce + b"nonce=%s" % api_nonce).digest()
api_sign = base64.b64encode(hmac.new(base64.b64decode(API_PRIVATE_KEY), b"/getToken" + h256Dig, hashlib.sha512).digest())
# api_request.add_header("API-Sign", api_sign)
# print(json.loads(urllib.request.urlopen(api_request).read())['result']['token'])
print("API-Sign: %s" % api_sign)
Will output:
API nonce: b'1586096626919'
API_PRIVATE_KEY: b'c29tZV9hcGlfa2V5XzEyMzQ=\n'
API-Sign: b'wOsXlzd3jOP/+Xa3AJbfg/OM8wLvJgHATtXjycf5EA3tclU36hnKAMMIu0yifznGL7yhBCYEwIiEclzWvOgCgg=='
C# API-Sign generation:
static string apiPublicKey = "API_PUBLIC_KEY";
// Hardcoce API_PRIVATE_KEY base 64 value
static string apiPrivateKey = Base64EncodeString("some_api_key_1234");
static string endPoint = "https://www.website.com/getToken";
public static void Main()
{
Console.WriteLine("API-Sign: '{0}'", GenApiSign());
}
static private string GenApiSign()
{
// string ApiNonce = DateTimeOffset.Now.ToUnixTimeMilliseconds().ToString();
// Hardcode the time so we can confirm the same result with Python
string ApiNonce = "1586096626919";
Console.WriteLine("API nonce: {0}", ApiNonce);
Console.WriteLine("API_PRIVATE_KEY: '{0}'", apiPrivateKey);
byte[] ApiNonceBytes = Encoding.Default.GetBytes(ApiNonce);
byte[] h256Dig = GenerateSHA256(CombineBytes(ApiNonceBytes, Encoding.Default.GetBytes("nonce="), ApiNonceBytes));
byte[] h256Token = CombineBytes(Encoding.Default.GetBytes("/getToken"), h256Dig);
string ApiSign = Base64Encode(GenerateSHA512(Base64Decode(apiPrivateKey), h256Token));
return ApiSign;
}
// Helper functions ___________________________________________________
public static byte[] CombineBytes(byte[] first, byte[] second)
{
byte[] ret = new byte[first.Length + second.Length];
Buffer.BlockCopy(first, 0, ret, 0, first.Length);
Buffer.BlockCopy(second, 0, ret, first.Length, second.Length);
return ret;
}
public static byte[] CombineBytes(byte[] first, byte[] second, byte[] third)
{
byte[] ret = new byte[first.Length + second.Length + third.Length];
Buffer.BlockCopy(first, 0, ret, 0, first.Length);
Buffer.BlockCopy(second, 0, ret, first.Length, second.Length);
Buffer.BlockCopy(third, 0, ret, first.Length + second.Length,
third.Length);
return ret;
}
public static byte[] GenerateSHA256(byte[] bytes)
{
SHA256 sha256 = SHA256Managed.Create();
return sha256.ComputeHash(bytes);
}
public static byte[] GenerateSHA512(byte[] key, byte[] bytes)
{
var hash = new HMACSHA512(key);
var result = hash.ComputeHash(bytes);
hash.Dispose();
return result;
}
public static string Base64EncodeString(string plainText)
{
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
return System.Convert.ToBase64String(plainTextBytes);
}
public static string Base64Encode(byte[] bytes)
{
return System.Convert.ToBase64String(bytes);
}
public static byte[] Base64Decode(string base64EncodedData)
{
var base64EncodedBytes = System.Convert.FromBase64String(base64EncodedData);
return base64EncodedBytes;
}
Will output:
API nonce: 1586096626919
API_PRIVATE_KEY: 'c29tZV9hcGlfa2V5XzEyMzQ='
API-Sign: 'wOsXlzd3jOP/+Xa3AJbfg/OM8wLvJgHATtXjycf5EA3tclU36hnKAMMIu0yifznGL7yhBCYEwIiEclzWvOgCgg=='
You can see it working and the result in this .NET Fiddle.
I saw multiple questions about password hashing and salt but they all seem to fail for me. I use this function to hash/salt it and then put it to database:
public string HashPassword(string password)
{
byte[] salt;
new RNGCryptoServiceProvider().GetBytes(salt = new byte[16]);
var pbkdf2 = new Rfc2898DeriveBytes(PasswordTextbox.Password, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
byte[] hashBytes = new byte[36];
Array.Copy(salt, 0, hashBytes, 0, 16);
Array.Copy(hash, 0, hashBytes, 16, 20);
string savedPasswordHash = Convert.ToBase64String(hashBytes);
return savedPasswordHash;
}
and then I try to compare it with user input using this function:
public static void UnhashPassword(string hashedPassword, string hashedPasswordFromDatabase)
{
byte[] hashBytes = Convert.FromBase64String(hashedPasswordFromDatabase);
byte[] salt = new byte[16];
Array.Copy(hashBytes, 0, salt, 0, 16);
var pbkdf2 = new Rfc2898DeriveBytes(hashedPassword, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
for (int i = 0; i < 20; i++)
if (hashBytes[i + 16] != hash[i])
throw new UnauthorizedAccessException();
}
the second function always throws exception. Not sure what is the reason since this answer seemed to work for everybody in other question.
Without a good Minimal, Complete, and Verifiable code example that reliably reproduces the problem, it's impossible to say for sure what is wrong. However, the following code example does work exactly as expected (i.e. the value of result is true after it's been initialized by the call to ValidatePassword():
static void Main(string[] args)
{
string password = "password";
string hashedPassword = HashPassword(password);
bool result = ValidatePassword(password, hashedPassword);
}
static string HashPassword(string password)
{
byte[] salt;
new RNGCryptoServiceProvider().GetBytes(salt = new byte[16]);
var pbkdf2 = new Rfc2898DeriveBytes(password, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
byte[] hashBytes = new byte[36];
Array.Copy(salt, 0, hashBytes, 0, 16);
Array.Copy(hash, 0, hashBytes, 16, 20);
string savedPasswordHash = Convert.ToBase64String(hashBytes);
return savedPasswordHash;
}
static bool ValidatePassword(string password, string hashedPasswordFromDatabase)
{
byte[] hashBytes = Convert.FromBase64String(hashedPasswordFromDatabase);
byte[] salt = new byte[16];
Array.Copy(hashBytes, 0, salt, 0, 16);
var pbkdf2 = new Rfc2898DeriveBytes(password, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
for (int i = 0; i < 20; i++)
{
if (hashBytes[i + 16] != hash[i])
{
return false;
}
}
return true;
}
The only material change between the above and your original code is that the HashPassword() method uses the password value passed in, rather than PasswordTextbox.Password.
Based on that observation, I can only surmise that in your own scenario, you are not really hashing the same password as you are validating later. Whether this is because PasswordTextbox.Password never did have the right password, or you are passing a different password later, I can't say.
If the above code example does not adequately point you in the right direction so that you can get your code working, please improve your question so that it includes a good MCVE.
I used SHA1 for hashing passwords on my site. I'm trying to move to ASP.NET Identity. I found how I can verify the old passwords (ASP.NET Identity default Password Hasher, how does it work and is it secure?):
public class CustomPasswordHasher : IPasswordHasher
{
//....
public static bool VerifyHashedPassword(string hashedPassword, string password)
{
byte[] buffer4;
if (hashedPassword == null)
{
return false;
}
if (password == null)
{
throw new ArgumentNullException("password");
}
// Old hash verification
using (SHA1Managed sha1 = new SHA1Managed())
{
var hash = sha1.ComputeHash(Encoding.UTF8.GetBytes(password));
var sb = new StringBuilder(hash.Length * 2);
foreach (byte b in hash)
{
sb.Append(b.ToString("x2"));
}
if(hashedPassword == sb.ToString()) return true;
else return false;
}
// Identity hash verification
byte[] src = Convert.FromBase64String(hashedPassword);
if ((src.Length != 0x31) || (src[0] != 0))
{
return false;
}
byte[] dst = new byte[0x10];
Buffer.BlockCopy(src, 1, dst, 0, 0x10);
byte[] buffer3 = new byte[0x20];
Buffer.BlockCopy(src, 0x11, buffer3, 0, 0x20);
using (Rfc2898DeriveBytes bytes = new Rfc2898DeriveBytes(password, dst, 0x3e8))
{
buffer4 = bytes.GetBytes(0x20);
}
return ByteArraysEqual(buffer3, buffer4);
}
//....
}
In my custom ApplicationUserManager, I set the PasswordHasher property:
//....
manager.PasswordHasher = new CustomPasswordHasher();
//....
Now, I would like delete the old hash(sha1) and save the new hash.How I can do it?
Thanks in advance!
You can't do that until user tries to login - you only have SHA1 hash. And from SHA1 you can't convert to other hashing algorithm.
But when user logs in you have their password in memory and can work with it to generate a new hash. Here some pseudo-code:
public void Login(String username, String password)
{
if(DoesOldHashMatch(username, password)){
var newHash = NewHasher.GetPasswordHash(password);
UpdateUserPasswordHash(username, newHash);
SetLoginCookie(username);
return;
}
if(NewHashMatch(username, password))
{
SetLoginCookie(username);
}
}
I don't know if this is the correct place to ask, but I am having an issue hashing passwords for MySql Backend. I am running mosquitto 1.4.3 broker and I have the mosquitto-auth-plugin working on the same server. But I want to move the auth-plugin to a new server. So I created a admin program in C# to add users and access controls however I cant seem to the get the correct hash code for the password.
Has anyone implemented this or is there some resoucres available to create the correct hash?
I have tried this Hash It Right
private const int SaltByteLength = 12;
private const int DerivedKeyLength = 24;
public string CreatePasswordHash(string password)
{
var salt = GenerateRandomSalt();
var iterationCount = GetIterationCount();
var hashValue = GenerateHashValue(password, salt, iterationCount);
var iterationCountBtyeArr = BitConverter.GetBytes(iterationCount);
var valueToSave = new byte[SaltByteLength + DerivedKeyLength + iterationCountBtyeArr.Length];
Buffer.BlockCopy(salt, 0, valueToSave, 0, SaltByteLength);
Buffer.BlockCopy(hashValue, 0, valueToSave, SaltByteLength, DerivedKeyLength);
Buffer.BlockCopy(iterationCountBtyeArr, 0, valueToSave, salt.Length + hashValue.Length, iterationCountBtyeArr.Length);
return Convert.ToBase64String(valueToSave);
}
private int GetIterationCount()
{
return 901;
}
private static byte[] GenerateRandomSalt()
{
var csprng = new RNGCryptoServiceProvider();
var salt = new byte[SaltByteLength];
csprng.GetBytes(salt);
return salt;
}
private static byte[] GenerateHashValue(string password, byte[] salt, int iterationCount)
{
byte[] hashValue;
var valueToHash = string.IsNullOrEmpty(password) ? string.Empty : password;
using (var pbkdf2 = new Rfc2898DeriveBytes(valueToHash, salt, iterationCount))
{
hashValue = pbkdf2.GetBytes(DerivedKeyLength);
}
return hashValue;
}
will this make it easier for you?
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
class Class1
{
static void Main(string[] args)
{
byte[] HashValue;
string MessageString = "This is the original message!";
//Create a new instance of the UnicodeEncoding class to
//convert the string into an array of Unicode bytes.
UnicodeEncoding UE = new UnicodeEncoding();
//Convert the string into an array of bytes.
byte[] MessageBytes = UE.GetBytes(MessageString);
//Create a new instance of the SHA1Managed class to create
//the hash value.
SHA1Managed SHhash = new SHA1Managed();
//Create the hash value from the array of bytes.
HashValue = SHhash.ComputeHash(MessageBytes);
//Display the hash value to the console.
foreach(byte b in HashValue)
{
Console.Write("{0} ", b);
}
}
I want to encrypt String with SessionKey. Below is sample code I am using, but I am not getting the correct encrypted answer.
string = test;
SessionKey = "ThisIsASecretKey";
For encryption, I am using the method below:
byte[] array = Encoding.ASCII.GetBytes("ThisIsASecretKey");
byte[] array1 = Encoding.ASCII.GetBytes("test");
byte[] reult = encryptUsingSessionKey(array, array1);
public byte[] encryptUsingSessionKey(byte[] skey,byte[] data)
{
Org.BouncyCastle.Crypto.Paddings.PaddedBufferedBlockCipher cipher = new Org.BouncyCastle.Crypto.Paddings.PaddedBufferedBlockCipher(new AesEngine(), new Pkcs7Padding());
cipher.Init(true, new Org.BouncyCastle.Crypto.Parameters.KeyParameter(skey));
int outputSize = cipher.GetOutputSize(data.Length);
byte[] tempOP = new byte[outputSize];
int processLen = cipher.ProcessBytes(data, 0, data.Length, tempOP, 0);
int outputLen = cipher.DoFinal(tempOP, processLen);
byte[] result = new byte[processLen + outputLen];
tempOP.CopyTo(result, 0);
// tempOP.CopyTo(tempOP,0,result,0,result.Length);
return result;
}
After encryption, I am getting
jZî|ðçê`u0aC
but the correct answer would be
ƒ_jZî|ðç_ê‹\`u0aC