-
Notifications
You must be signed in to change notification settings - Fork 2
/
HashingHelper.cs
47 lines (45 loc) · 1.77 KB
/
HashingHelper.cs
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
using System;
using System.Collections.Generic;
using System.Text;
namespace CarRental.Core.Utilities.Security.Hashing
{
public class HashingHelper
{
/// <summary>
/// Creates password hash and password salt by using System.Security.Cryptography.HMACSHA512.
/// </summary>
/// <param name="password"></param>
/// <param name="passwordHash"></param>
/// <param name="passwordSalt"></param>
public static void CreatePasswordHash(string password, out byte[] passwordHash, out byte[] passwordSalt)
{
using (var hmac = new System.Security.Cryptography.HMACSHA512())
{
passwordSalt = hmac.Key;
passwordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
}
}
/// <summary>
/// It verifies the password hash by using the System.Security.Cryptography.HMACSHA512 with the given password.
/// </summary>
/// <param name="password"></param>
/// <param name="passwordHash"></param>
/// <param name="passwordSalt"></param>
/// <returns>Returns true if the password hash verified else returns false.</returns>
public static bool VerifyPasswordHash(string password, byte[] passwordHash, byte[] passwordSalt)
{
using (var hmac = new System.Security.Cryptography.HMACSHA512(passwordSalt))
{
var computedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
for (int i = 0; i < computedHash.Length; i++)
{
if (computedHash[i] != passwordHash[i])
{
return false;
}
}
}
return true;
}
}
}