public static string Hash(SaltShaker shaker, string password, string storedSalt)
{
string embedded = shaker.Embed(password, storedSalt);
if (hasher == null)
{
hasher = SHA512.Create();
}
byte[] data = Encoding.UTF8.GetBytes(embedded);
data = hasher.ComputeHash(data);
return(new string(Encoding.UTF8.GetChars(data)));
}
/// <summary>
/// Returns a SaltPair containing the generated salt and the hashed salted password.
/// Uses a SHA512 hasher for hashing operations
/// </summary>
/// <param name="shaker"></param>
/// <param name="password"></param>
/// <returns></returns>
public static SaltPair Hash(SaltShaker shaker, string password)
{
SaltPair embedded = shaker.Salt(password);
if (hasher == null)
{
hasher = SHA512.Create();
}
byte[] data = Encoding.UTF8.GetBytes(embedded.SaltedPayload);
data = hasher.ComputeHash(data);
return(new SaltPair(embedded.Salt, new string(Encoding.UTF8.GetChars(data))));
}
/// <summary>
/// Generates a salt value that is purely randomized and therefore must be persisted as it cannot be reliably duplicated
/// </summary>
/// <returns></returns>
public string GenerateSalt()
{
if (this.model == SaltCreationModel.NonRepeatableStrong)
{
return(SaltShaker.GenerateSalt(this.saltLength, this.minChar, this.maxChar, RandomNumberGenerator.Create(), this.suppressedChars));
}
else if (this.model == SaltCreationModel.NonRepeatable)
{
return(SaltShaker.GenerateSalt(this.saltLength, this.minChar, this.maxChar, new Random(), this.suppressedChars));
}
else
{
return(SaltShaker.GenerateSalt(this.saltLength, this.minChar, this.maxChar, new Random(this.seed), this.suppressedChars));
}
}
/// <summary>
/// Embeds the provided payload into the provided salt.
/// The embedding model is determined by the SaltEntropyModel used when creating this salt shaker
/// </summary>
/// <param name="payload"></param>
/// <param name="salt"></param>
/// <returns></returns>
public string Embed(string payload, string salt)
{
return(SaltShaker.EmbedSalt(this.embed, payload, salt));
}
/// <summary>
/// Generates a salt value based upon the value of the payload such that the same payload will generate the same salt reliably
/// </summary>
/// <param name="payload"></param>
/// <returns></returns>
public string GenerateSalt(string payload)
{
return(SaltShaker.GenerateSalt(this.saltLength, this.minChar, this.maxChar, payload, this.suppressedChars));
}
public static bool Matches(SaltShaker shaker, string password, string storedCredential, string storedSalt)
{
string cur = Hash(shaker, password, storedSalt);
return(cur.Equals(storedCredential));
}
/// <summary>
/// Performs a salt/hash/compare of a cleartext password against a stored password hash using the provided shaker for salting.
/// This assumes that the salting is properly specified in the shaker and expects that the salting is repeatable. And unrepeatable salt will always fail the compare, in this case the salt used for the storedcredential must also be passed.
/// </summary>
/// <param name="shaker"></param>
/// <param name="password"></param>
/// <param name="storedCredential"></param>
/// <returns></returns>
public static bool Matches(SaltShaker shaker, string password, string storedCredential)
{
SaltPair cur = Hash(shaker, password);
return(cur.SaltedPayload.Equals(storedCredential));
}
