/// <summary> /// Validates the password against the existing hash. /// </summary> /// <param name="password">The password. This cannot be null.</param> /// <param name="encodedHash">The encoded hash. This cannot be empty or null.</param> /// <returns></returns> /// <exception cref="ArgumentNullException"> /// <paramref name="password"/> cannot be null. <paramref name="encodedHash"/> cannot be empty or null. /// </exception> public static bool ValidatePassword(string password, string encodedHash) { if (password == null) { throw new ArgumentNullException(nameof(password)); } if (string.IsNullOrEmpty(encodedHash)) { throw new ArgumentNullException(nameof(encodedHash)); } int actualVersion; byte[] actualSalt; byte[] actualHash; bool result = false; if (TryDecodeSaltedHash(encodedHash, out actualVersion, out actualSalt, out actualHash)) { HashSettings hashSettings = HashSettings.GetHashSettings(actualVersion); byte[] expectedHash = CreateSaltedHash(password, actualSalt, hashSettings.IterationsCount, actualHash.Length); result = CompareHashes(expectedHash, actualHash); } return(result); }
/// <summary> /// Creates the salted hash using the default <see cref="HashSettings"/>. /// </summary> /// <param name="input">The input.</param> /// <returns></returns> /// <exception cref="ArgumentNullException"> /// <paramref name="input"/> cannot be null. /// </exception> public static string CreateEncodedSaltedHash(string input) { if (string.IsNullOrEmpty(input)) { throw new ArgumentNullException(nameof(input)); } // Get the current hash settings HashSettings hashSettings = HashSettings.GetHashSettings( ); return(CreateEncodedSaltedHash(input, hashSettings)); }