diff --git a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs index 2e882cefed..e27738f69e 100644 --- a/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs +++ b/Emby.Server.Implementations/Cryptography/CryptographyProvider.cs @@ -17,7 +17,7 @@ namespace Emby.Server.Implementations.Cryptography private RandomNumberGenerator _randomNumberGenerator; - private int _defaultIterations = 1000; + private const int _defaultIterations = 1000; public CryptographyProvider() { @@ -27,20 +27,20 @@ namespace Emby.Server.Implementations.Cryptography //Please note the default method of PBKDF2 is not included, it cannot be used to generate hashes cleanly as it is actually a pbkdf with sha1 _supportedHashMethods = new HashSet() { - "MD5" - ,"System.Security.Cryptography.MD5" - ,"SHA" - ,"SHA1" - ,"System.Security.Cryptography.SHA1" - ,"SHA256" - ,"SHA-256" - ,"System.Security.Cryptography.SHA256" - ,"SHA384" - ,"SHA-384" - ,"System.Security.Cryptography.SHA384" - ,"SHA512" - ,"SHA-512" - ,"System.Security.Cryptography.SHA512" + "MD5", + "System.Security.Cryptography.MD5", + "SHA", + "SHA1", + "System.Security.Cryptography.SHA1", + "SHA256", + "SHA-256", + "System.Security.Cryptography.SHA256", + "SHA384", + "SHA-384", + "System.Security.Cryptography.SHA384", + "SHA512", + "SHA-512", + "System.Security.Cryptography.SHA512" }; _randomNumberGenerator = RandomNumberGenerator.Create(); } @@ -120,7 +120,10 @@ namespace Emby.Server.Implementations.Cryptography } else { - return h.ComputeHash(bytes.Concat(salt).ToArray()); + byte[] salted = new byte[bytes.Length + salt.Length]; + Array.Copy(bytes, salted, bytes.Length); + Array.Copy(salt, 0, salted, bytes.Length, salt.Length); + return h.ComputeHash(salted); } } } diff --git a/MediaBrowser.Model/Cryptography/PasswordHash.cs b/MediaBrowser.Model/Cryptography/PasswordHash.cs index 72bdc6745e..a9d0f67446 100644 --- a/MediaBrowser.Model/Cryptography/PasswordHash.cs +++ b/MediaBrowser.Model/Cryptography/PasswordHash.cs @@ -100,14 +100,14 @@ namespace MediaBrowser.Model.Cryptography public static byte[] ConvertFromByteString(string byteString) { - List bytes = new List(); + byte[] bytes = new byte[byteString.Length / 2]; for (int i = 0; i < byteString.Length; i += 2) { // TODO: NetStandard2.1 switch this to use a span instead of a substring. - bytes.Add(Convert.ToByte(byteString.Substring(i, 2), 16)); + bytes[i / 2] = Convert.ToByte(byteString.Substring(i, 2), 16); } - return bytes.ToArray(); + return bytes; } public static string ConvertToByteString(byte[] bytes) @@ -117,18 +117,18 @@ namespace MediaBrowser.Model.Cryptography private string SerializeParameters() { - string ReturnString = string.Empty; + string returnString = string.Empty; foreach (var KVP in _parameters) { - ReturnString += $",{KVP.Key}={KVP.Value}"; + returnString += $",{KVP.Key}={KVP.Value}"; } - if ((!string.IsNullOrEmpty(ReturnString)) && ReturnString[0] == ',') + if ((!string.IsNullOrEmpty(returnString)) && returnString[0] == ',') { - ReturnString = ReturnString.Remove(0, 1); + returnString = returnString.Remove(0, 1); } - return ReturnString; + return returnString; } public override string ToString()