internal Cryptographer(NormalizedRequest request, ArtifactsContainer artifacts, Credential credential)
 {
     this.normalizedRequest = request;
     this.artifacts = artifacts;
     this.credential = credential;
     this.hasher = new Hasher(credential.Algorithm);
 }
        /// <summary>
        /// Returns true, if the HMAC calculated for the normalized representation of the timestamp data that
        /// this instance represents matches the passed in HMAC.
        /// </summary>
        internal bool IsValid(byte[] hmacToValidateAgainst)
        {
            Hasher hasher = new Hasher(credential.Algorithm);
            byte[] computedMac = hasher.ComputeHmac(this.ToString().ToBytesFromUtf8(), credential.Key);

            // Okay not to use the constant-time comparison, since the timestamp
            // HMAC validation is done in the client side
            return computedMac.SequenceEqual(hmacToValidateAgainst);
        }
        /// <summary>
        /// Returns the header parameter to be put into the HTTP WWW-Authenticate header. The field ts has the timestamp
        /// in UNIX time corresponding to the server clock and the field tsm is the MAC calculated for the normalized
        /// timestamp data using the shared symmetric key and the algorithm agreed upon.
        /// </summary>
        /// <returns></returns>
        internal string ToWwwAuthenticateHeaderParameter()
        {
            Hasher hasher = new Hasher(credential.Algorithm);

            byte[] data = this.ToString().ToBytesFromUtf8();

            string tsm = hasher.ComputeHmac(data, credential.Key).ToBase64String();

            char trailer = ',';

            StringBuilder result = new StringBuilder();
            result.AppendIfNotEmpty(TS, fresh.ToString(), trailer)
                .AppendIfNotEmpty(TSM, tsm, trailer);

            return result.ToString().Trim().Trim(trailer);
        }