public static bool ValidateHmac(string hmacKey, byte[] bytes, byte[] hmac)
{
var validated = false;
if (bytes != null && hmac != null)
{
var calculated = CalculateHash(hmacKey, bytes);
if (calculated != null)
{
validated = SlowEquals.AreEqual(hmac, calculated);
}
}
return(validated);
}
public static bool ValidatePassword(string password, string storedHash)
{
var isValid = false;
var split = storedHash.Split(':');
//make sre we have the correct number of parts
if (split.Length == Sections)
{
//make sure the algorithm is correct
if (split[AlgorithmIndex] == "HMACSHA512")
{
if (int.TryParse(split[IterationIndex], out var iterations))
{
if (iterations > 0)
{
var salt = Convert.FromBase64String(split[SaltIndex]);
var hash = Convert.FromBase64String(split[Pbkdf2Index]);
if (int.TryParse(split[SizeIndex], out var storedHashSize))
{
//make sure the hash is the right size
if (storedHashSize == hash.Length)
{
var tmpHash = Pbkdf2(password, salt, iterations, hash.Length);
isValid = SlowEquals.AreEqual(hash, tmpHash);
}
}
}
}
}
}
return(isValid);
}
