public string Unseal(string sealedString, string password, IronConfig config)
{
var macBase = MacBase.FromSealedString(sealedString);
if (!string.IsNullOrEmpty(macBase.Expiration))
{
CheckExpirationDate(macBase.Expiration, config);
}
var normalizedPassword = NormalizePassword(password);
var decryptOptions = config.EncryptionConfig;
decryptOptions.Salt = macBase.HmacSalt;
var mac = HmacWithPassword(normalizedPassword.Integrity, decryptOptions, macBase.ToShortString());
if (mac.Digest != macBase.Hmac)
{
throw new IronUnsealErrorException("Bad HMAC value");
}
var encryptedUnBase64 = Util.Base64UrlDecode(macBase.EncryptedB64);
decryptOptions.Iv = Util.Base64UrlDecode(macBase.EncryptionIv);
decryptOptions.Salt = macBase.EncryptionSalt;
var decrypted = Decrypt(normalizedPassword.Encryption, decryptOptions, encryptedUnBase64);
return(decrypted.DecryptedResult);
}
