/// <summary>
/// Gets the SHA512 of the password.
/// </summary>
/// <param name="password">the password to hash.</param>
/// <param name="hashProvider">The hash provider.</param>
/// <returns>The computed hash.</returns>
private static byte[] GetHash(
SecureString password,
SHA512 hashProvider)
{
byte[] encodedText = password.ToEncodedClearText();
try
{
return hashProvider.ComputeHash(encodedText);
}
finally
{
encodedText.Zero();
}
}
/// <summary>
/// Gets the hash given the account id and secret.
/// </summary>
/// <param name="body">The raw body of the token.</param>
/// <param name="secret">the secret for computing the hash.</param>
/// <returns>the hash value.</returns>
protected static byte[] GetHash(byte[] body, SecureString secret)
{
byte[] key = secret.ToEncodedClearText(Encoding.UTF8);
try
{
using (HMACSHA256 sha = new HMACSHA256(key))
{
return sha.ComputeHash(body);
}
}
finally
{
key.Zero();
}
}
/// <summary>
/// Encrypts a secure string with the given certificate.
/// </summary>
/// <param name="userData">the user data to encrypt.</param>
/// <param name="certificate">the certificate for encryption.</param>
/// <returns>the encrypted data.</returns>
public static byte[] Protect(SecureString userData, X509Certificate2 certificate)
{
if (userData == null)
{
throw new ArgumentNullException("userData");
}
if (certificate == null)
{
throw new ArgumentNullException("certificate");
}
byte[] clearText = userData.ToEncodedClearText();
try
{
return Protect(clearText, certificate);
}
finally
{
clearText.Zero();
}
}
