OpenPetra
Free Administration Software for Non-Profits
Password Hashing Scheme V1: Generates 'salted' Password Hashes with the Scrypt Key Stretching Algorithm.
Public Member Functions
void | GetNewPasswordSaltAndHash (out string APassword, out string ASalt, out string APasswordHash)
Generates a new secure random password.
byte[] | GetNewPasswordSalt ()
Generates a new password Salt.
string | GetNewPasswordSaltString ()
Generates a new password Salt.
string | GetPasswordHash (string APassword, byte[] ASalt)
Not implemented!
string | GetPasswordHash (string APassword, string ASalt)
Generates a Password Hash using the 'Scrypt' Key Stretching Algorithm (which is provided through the libsodium-net library ['Sodium' namespace]).
Password Hashing Scheme V1: Generates 'salted' Password Hashes with the Scrypt Key Stretching Algorithm.
BEWARE / DO NOT USE ANYMORE: In this scheme the Scrypt password hash was created with a Salt that was inadvertently 'weakened' because a byte array was converted to ASCII, which reduces the available byte value representations from 256 to 128. Automatic migration to TPasswordHashingScheme_V2 as soon as a user logs in once with TPasswordHashingScheme_V1 aims to mitigate this.
The Scrypt hash function is used through the libsodium-net library. The 'password hash strength' is set to PasswordHash.Strength.Medium.
IMPORTANT: The name of the Class MUST end with '_V' followed by 1 (this gets evaluated in Method 'GetPasswordSchemeVersionNumber' of Class TPasswordHelper)!
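The salt weakening described above can be measured. The following is an added example, not OpenPetra code: it assumes the V1 conversion behaved like .NET's Encoding.ASCII.GetString and that salts are 32 bytes long; the class and method names are hypothetical.

```csharp
using System;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Added illustration, not part of OpenPetra.
static class AsciiSaltDemo
{
    // Shannon entropy, in bits per byte, of an observed byte-value histogram.
    static double BitsPerByte(long[] counts)
    {
        double total = counts.Sum();
        return counts.Where(c => c > 0)
                     .Sum(c => -(c / total) * Math.Log(c / total, 2));
    }

    static void Main()
    {
        const int SaltLength = 32;  // assumption: salt size in bytes
        const int Samples = 20000;  // constructed sample size
        var raw = new long[256];      // histogram of the random salt bytes
        var viaAscii = new long[256]; // histogram after the ASCII round trip
        var salt = new byte[SaltLength];

        using (var rng = RandomNumberGenerator.Create())
        {
            for (int i = 0; i < Samples; i++)
            {
                rng.GetBytes(salt);
                foreach (byte b in salt) raw[b]++;

                // Assumed V1-style conversion: bytes >= 0x80 are not ASCII,
                // so the decoder replaces each of them with '?' (0x3F).
                string text = Encoding.ASCII.GetString(salt);
                foreach (byte b in Encoding.ASCII.GetBytes(text)) viaAscii[b]++;
            }
        }

        double rawBits = BitsPerByte(raw);
        double asciiBits = BitsPerByte(viaAscii);
        Console.WriteLine("Distinct byte values, raw / via ASCII: {0} / {1}",
            raw.Count(c => c > 0), viaAscii.Count(c => c > 0));
        Console.WriteLine("Entropy per byte, raw / via ASCII: {0:F2} / {1:F2} bits",
            rawBits, asciiBits);
        Console.WriteLine("Entropy per {0}-byte salt, raw / via ASCII: {1:F0} / {2:F0} bits",
            SaltLength, rawBits * SaltLength, asciiBits * SaltLength);
    }
}
```

Under this assumption '?' absorbs every byte of 0x80 or above, so the salt loses more than the one bit per byte that the reduction from 256 to 128 values alone suggests.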
byte[] GetNewPasswordSalt ()
inline |
Generates a new password Salt.
Implements Ict.Common.IPasswordHashingScheme.
void GetNewPasswordSaltAndHash (out string APassword, out string ASalt, out string APasswordHash)
inline |
Generates a new secure random password.
APassword | Secure random password. |
ASalt | The Salt that was used in the creation of the Password Hash. |
APasswordHash | Password Hash. |
Implements Ict.Common.IPasswordHashingScheme.
string GetNewPasswordSaltString ()
inline |
Generates a new password Salt.
string GetPasswordHash (string APassword, byte[] ASalt)
inline |
Not implemented!
APassword | N/A! |
ASalt | N/A! |
Implements Ict.Common.IPasswordHashingScheme.
string GetPasswordHash (string APassword, string ASalt)
inline |
Generates a Password Hash using the 'Scrypt' Key Stretching Algorithm (which is provided through the libsodium-net library ['Sodium' namespace]).
IMPORTANT: Changing the way 'Salt' is generated and/or changing the 'Password Hash Strength limit' that gets passed to the PasswordHash.ScryptHashBinary Method (here: PasswordHash.Strength.Medium) invalidates existing passwords, i.e. users will no longer be able to log on with their passwords once this is done!
If those parameters should ever be changed then the Ict.Tools.PasswordResetter.exe application can be used to assign new, random passwords that are created 'in the new way' and users will need to log on once with that password, then they will immediately need to enter a new password. This will then be stored 'in the new way' and users will be able to log on as they used to do from then onwards - with the new password of their choice.
APassword | Password. |
ASalt | Salt. Must have been created with GetNewPasswordSalt!!! |