private void CreatePasswordHash(string password, out byte[] password_hash, out byte[] password_salt) { using (var hmac = new System.Security.Cryptography.HMACSHA256()) { password_salt = hmac.Key; password_hash = hmac.ComputeHas(System.Text.Encoding.UTF8.GetBytes(password)); } }
public async Task <bool> VerifyPasswordHash(string password, byte[] password_hash, byte[] password_salt) { using (var hmac = new System.Security.Cryptography.HMACSHA256(password_salt)) { var computedHash = hmac.ComputeHas(System.Text.Encoding.UTF8.GetBytes(password)); for (int i = 0; i < computedHash.Length; i++) { if (computedHash[i] != password_hash[i]) { return(false); } } } }