/// <summary>
/// Computes a 256-bit (32-byte) hash from the specified input data.
/// </summary>
/// <remarks>
/// This method provides no guarantees as to consistency over different versions of the framework,
/// and should not be considered cryptographically secure.
/// </remarks>
/// <param name="stream">The input stream to be hashed (starts from current stream position).</param>
/// <returns>A byte array containing the hash (32 bytes).</returns>
public static byte[] ComputeHash256(Stream stream)
{
using (var sha256 = new SHA256CryptoServiceProvider2())
{
return(sha256.ComputeHash(stream));
}
}
/// <summary>
/// Computes a 256-bit (32-byte) hash from the specified input data.
/// </summary>
/// <remarks>
/// This method provides no guarantees as to consistency over different versions of the framework,
/// and should not be considered cryptographically secure.
/// </remarks>
/// <param name="bytes">The input data to be hashed.</param>
/// <param name="offset">The byte offset in <paramref name="bytes"/> from which to start hashing.</param>
/// <param name="length">The number of bytes in <paramref name="bytes"/> to hash.</param>
/// <returns>A byte array containing the hash (32 bytes).</returns>
public static byte[] ComputeHash256(byte[] bytes, int offset, int length)
{
using (var sha256 = new SHA256CryptoServiceProvider2())
{
return(sha256.ComputeHash(bytes, offset, length));
}
}
/// <summary>
/// Computes a 128-bit (16-byte) hash from the specified input data.
/// </summary>
/// <remarks>
/// This method provides no guarantees as to consistency over different versions of the framework,
/// and should not be considered cryptographically secure.
/// </remarks>
/// <param name="stream">The input stream to be hashed (starts from current stream position).</param>
/// <returns>A byte array containing the hash (16 bytes).</returns>
public static byte[] ComputeHash128(Stream stream)
{
// we don't simply use MD5 because it throws an exception if the OS has strict cryptographic policies in place (e.g. FIPS)
// note: truncation of SHA256 seems to be an accepted method of producing a shorter hash - see other overload
using (var sha256 = new SHA256CryptoServiceProvider2())
{
var hash = sha256.ComputeHash(stream);
var result = new byte[16];
Buffer.BlockCopy(hash, 0, result, 0, 16);
return(result);
}
}
/// <summary>
/// Computes a 128-bit (16-byte) hash from the specified input data.
/// </summary>
/// <remarks>
/// This method provides no guarantees as to consistency over different versions of the framework,
/// and should not be considered cryptographically secure.
/// </remarks>
/// <param name="bytes">The input data to be hashed.</param>
/// <param name="offset">The byte offset in <paramref name="bytes"/> from which to start hashing.</param>
/// <param name="length">The number of bytes in <paramref name="bytes"/> to hash.</param>
/// <returns>A byte array containing the hash (16 bytes).</returns>
public static byte[] ComputeHash128(byte[] bytes, int offset, int length)
{
// we don't simply use MD5 because it throws an exception if the OS has strict cryptographic policies in place (e.g. FIPS)
// note: truncation of SHA256 seems to be an accepted method of producing a shorter hash
// * RFC3874 describes the SHA224 algorithm, which is just a truncated SHA256 hash with a different initialization vector
// * RFC4868 describes HMAC, a scheme for origin authentication and integrity verification which incorporates truncated SHA256 hashes
// * Altman M. {A Fingerprint Method for Scientific Data Verification}. In: Sobh T Proceedings of the International Conference on Systems Computing Sciences and Software Engineering 2007. New York: Springer Netherlands; 2008. p. 311–316.
// * a discussion of truncating SHA512 to 256 at http://crypto.stackexchange.com/questions/3153/sha-256-vs-any-256-bits-of-sha-512-which-is-more-secure
using (var sha256 = new SHA256CryptoServiceProvider2())
{
var hash = sha256.ComputeHash(bytes, offset, length);
var result = new byte[16];
Buffer.BlockCopy(hash, 0, result, 0, 16);
return(result);
}
}
