Switch to Crypto from DataProtection

2014-06-12 13:33:19 -07:00 · 2014-06-12 13:33:19 -07:00 · a3991400bc
parent af66fe1611
commit a3991400bc
2 changed files with 16 additions and 10 deletions
--- a/src/Microsoft.AspNet.Identity/Crypto.cs
+++ b/src/Microsoft.AspNet.Identity/Crypto.cs
@ -3,8 +3,7 @@

 using System;
 using System.Runtime.CompilerServices;
-using System.Text;
-using Microsoft.AspNet.Security.DataProtection;
+using System.Security.Cryptography;

 namespace Microsoft.AspNet.Identity
 {
@ -32,10 +31,14 @@ namespace Microsoft.AspNet.Identity
            }

            // Produce a version 0 (see comment above) text hash.
-            var salt = new byte[SaltSize];
-            CryptRand.FillBuffer(new ArraySegment<byte>(salt));
-            var passwordBytes = Encoding.UTF8.GetBytes(password);
-            var subkey = PBKDF2.DeriveKey("SHA1", passwordBytes, salt, Pbkdf2IterCount, Pbkdf2SubkeyLength);
+            byte[] salt;
+            byte[] subkey;
+            using (var deriveBytes = new Rfc2898DeriveBytes(password, SaltSize, Pbkdf2IterCount))
+            {
+                salt = deriveBytes.Salt;
+                subkey = deriveBytes.GetBytes(Pbkdf2SubkeyLength);
+            }
+
            var outputBytes = new byte[1 + SaltSize + Pbkdf2SubkeyLength];
            Buffer.BlockCopy(salt, 0, outputBytes, 1, SaltSize);
            Buffer.BlockCopy(subkey, 0, outputBytes, 1 + SaltSize, Pbkdf2SubkeyLength);
@ -65,8 +68,12 @@ namespace Microsoft.AspNet.Identity
            Buffer.BlockCopy(hashedPasswordBytes, 1, salt, 0, SaltSize);
            var storedSubkey = new byte[Pbkdf2SubkeyLength];
            Buffer.BlockCopy(hashedPasswordBytes, 1 + SaltSize, storedSubkey, 0, Pbkdf2SubkeyLength);
-            var passwordBytes = Encoding.UTF8.GetBytes(password);
-            var generatedSubkey = PBKDF2.DeriveKey("SHA1", passwordBytes, salt, Pbkdf2IterCount, Pbkdf2SubkeyLength);
+
+            byte[] generatedSubkey;
+            using (var deriveBytes = new Rfc2898DeriveBytes(password, salt, Pbkdf2IterCount))
+            {
+                generatedSubkey = deriveBytes.GetBytes(Pbkdf2SubkeyLength);
+            }
            return ByteArraysEqual(storedSubkey, generatedSubkey);
        }

--- a/src/Microsoft.AspNet.Identity/project.json
+++ b/src/Microsoft.AspNet.Identity/project.json
@ -1,8 +1,6 @@
 {
  "version": "0.1-alpha-*",
  "dependencies": {
-    "Microsoft.AspNet.HttpFeature" : "0.1-alpha-*",
-    "Microsoft.AspNet.Security.DataProtection" : "0.1-alpha-*",
    "Microsoft.Framework.ConfigurationModel": "0.1-alpha-*",
    "Microsoft.Framework.DependencyInjection" : "0.1-alpha-*",
    "Microsoft.Framework.OptionsModel": "0.1-alpha-*",
@ -26,6 +24,7 @@
        "System.Runtime": "4.0.20.0",
        "System.Runtime.Extensions": "4.0.10.0",
        "System.Security.Principal": "4.0.0.0",
+        "System.Security.Cryptography.DeriveBytes": "4.0.0.0",
        "System.Text.Encoding": "4.0.20.0",
        "System.Threading.Tasks": "4.0.10.0"
      }