-
Hi, I'm working on an app in C#, but I'm stuck on the authentication part. From what I understand (and read on #1242 (comment)) the salt is a base64 encoded hex string. You need to use that while running a BCrypt encryption. I have the following code:

```csharp
public static string GenerateKeyFromPassphrase(string passphrase, string salt)
{
    // EnhancedEntropy
    bool useEnhancedEntropy = false;
    // Set Blowfish type and number of rounds
    string blowfishAndLogRounds = "$2a$08$";
    // Create salt decoded string
    string saltDecoded = String.Format("{0}{1}", blowfishAndLogRounds, salt);
    // Generate BCrypt string
    string BCryptKey = BCrypt.Net.BCrypt.HashPassword(passphrase, salt, useEnhancedEntropy, BCrypt.Net.HashType.None); // returns $2a$08${salt}{hash}
    string BCryptKeyHashed = ComputeSha256Hash(BCryptKey); // returns sha256(hash)
    string result = Utils.Base64UrlEncode(Encoding.UTF8.GetBytes(BCryptKeyHashed)); // returns base64 url safe encoded url
    return result;
}
```

After BCrypt is done running, I create a new SHA256 hash of it, and then finally I run a Base64URLEncode to finalize the process. Apparently I'm overlooking something, as the returned result is not working (at all). Can someone point me in the right direction?
-
Okay, so I think the problem lies within the given salt. As far as I understand, the salt is a hex encoded string. That in itself isn't much of a problem, but when I try to decode that to a UTF8 string, I end up with all kinds of weird characters and stuff. Using that decoded string in the hasher throws an exception, surprisingly.
-
Hey, if you want to have a look at an alternative implementation you can poke around here:
-
Thanks to @charlag's links I got it to work. Final function to generate the authverifier using Bouncy Castle:

```csharp
using System;
using System.Linq;
using System.Text;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Generators;

class Crypto
{
    public static Encoding encoding = Encoding.UTF8;

    // SHA-256 digest of the given bytes, using Bouncy Castle
    public static byte[] SHA256(byte[] data)
    {
        Sha256Digest sha256 = new Sha256Digest();
        sha256.BlockUpdate(data, 0, data.Length);
        byte[] hash = new byte[sha256.GetDigestSize()];
        sha256.DoFinal(hash, 0);
        return hash;
    }

    public static string GenerateAuthVerifier(string password, string salt)
    {
        // Hash the UTF-8 password bytes first, then Base64-decode the salt to raw bytes
        byte[] passwordBytes = SHA256(encoding.GetBytes(password));
        byte[] saltBytes = Convert.FromBase64String(salt);
        // bcrypt with cost 8; keep the first 16 bytes of the output
        byte[] hash = BCrypt.Generate(passwordBytes, saltBytes, 8).Skip(0).Take(16).ToArray();
        return encoding.GetString(hash);
    }
}
```

Then put

Thanks again @charlag. I was using BCrypt.Net before Portable.BouncyCastle. I saw a BouncyCastle reference somewhere in your code and that pointed me to the right location!
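The byte-handling problem raised in this thread, as an added example that is not code from any poster or from the project: a binary salt does not survive a UTF-8 string round trip, while Base64 text does. The derivation follows the steps of the final function above but keeps the key as a `byte[]` and encodes it as base64url. The sample password, the salt bytes and the names `KeyDerivationDemo`, `DeriveKey` and `Base64Url` are constructed for illustration; it assumes the Portable.BouncyCastle package.

```csharp
using System;
using System.Linq;
using System.Text;
using Org.BouncyCastle.Crypto.Digests;
using Org.BouncyCastle.Crypto.Generators;

static class KeyDerivationDemo
{
    // Constructed sample values, not real credentials.
    const string SamplePassword = "correct horse battery staple";
    static readonly byte[] SampleSalt =
        { 0x00, 0xFF, 0x80, 0x41, 0xC3, 0x28, 0x10, 0x7F, 0xE2, 0x82, 0x9A, 0x01, 0xFE, 0x42, 0x99, 0x33 };

    static byte[] Sha256(byte[] data)
    {
        var digest = new Sha256Digest();
        digest.BlockUpdate(data, 0, data.Length);
        var hash = new byte[digest.GetDigestSize()];
        digest.DoFinal(hash, 0);
        return hash;
    }

    // Same steps as the thread's final function, but the key stays a byte[].
    static byte[] DeriveKey(string password, string saltBase64)
    {
        byte[] passwordBytes = Sha256(Encoding.UTF8.GetBytes(password));
        byte[] saltBytes = Convert.FromBase64String(saltBase64); // raw 16-byte bcrypt salt
        return BCrypt.Generate(passwordBytes, saltBytes, 8).Take(16).ToArray();
    }

    // Binary-safe, URL-safe text form (RFC 4648 base64url without padding).
    static string Base64Url(byte[] data) =>
        Convert.ToBase64String(data).TrimEnd('=').Replace('+', '-').Replace('/', '_');

    static void Main()
    {
        // Lossy: invalid UTF-8 sequences become U+FFFD, so the bytes do not survive.
        byte[] roundTripped = Encoding.UTF8.GetBytes(Encoding.UTF8.GetString(SampleSalt));
        Console.WriteLine($"UTF-8 round trip preserves salt: {roundTripped.SequenceEqual(SampleSalt)}");

        // Lossless: Base64 text decodes back to the same 16 bytes.
        string saltBase64 = Convert.ToBase64String(SampleSalt);
        Console.WriteLine($"Base64 round trip preserves salt: {Convert.FromBase64String(saltBase64).SequenceEqual(SampleSalt)}");

        byte[] key = DeriveKey(SamplePassword, saltBase64);
        Console.WriteLine($"Key ({key.Length} bytes) as base64url: {Base64Url(key)}");
    }
}
```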