// Function to decode the string
// Throws an exception if the data is corrupt
private static string TamperProofStringDecode(string value, string key)
{
string dataValue = string.Empty;
string calcHash = string.Empty;
string storedHash = string.Empty;
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(key));
try
{
dataValue = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(value.Split('-')[0]));
strKey = value.Split('-')[1];
strKey = DecodeHexString(strKey);
storedHash = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(strKey));
calcHash = System.Text.Encoding.UTF8.GetString(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(dataValue)));
if (storedHash != calcHash)
{
// Data was corrupted
// This error is immediately caught below
throw new ArgumentException("Hash value does not match");
}
}
catch
{
throw new ArgumentException(Convert.ToString((Convert.ToString("Invalid TamperProofString stored hash = ") + storedHash) + " calchash = ") + calcHash);
}
// Cleanup
mac3des.Clear();
md5.Clear();
return dataValue;
}
public void ObjectDisposed ()
{
byte[] key = CombineKeys (key1, key2, key3);
algo = new MACTripleDES (key);
algo.Clear ();
algo.ComputeHash (new byte[1]);
}
// Function to encode the string
private static string TamperProofStringEncode(string value, string Key)
{
string strKey = null;
MACTripleDES mac3des = new MACTripleDES();
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
mac3des.Key = md5.ComputeHash(System.Text.Encoding.UTF8.GetBytes(Key));
strKey = Convert.ToBase64String(mac3des.ComputeHash(System.Text.Encoding.UTF8.GetBytes(value)));
// convert key to hex because we can't have goofy characters in the query string
strKey = EncodeHexString(strKey);
// Cleanup
mac3des.Clear();
md5.Clear();
return Convert.ToString(Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(value)) + '-') + strKey;
}
