/// <summary>
/// Transform any arbitrary input string into a secure and unintelligible hash (string).
/// - Simple and quick
/// - Low level security
/// - NOT to be used for sensitive data such as passwords. Instead use the method method HashPassword.
/// </summary>
/// <param name="text">The input string to hash</param>
/// <param name="salt">A string containing 16 or more random characters. The salt should be saved together with the hash. Only use each salt once (read: generate a new salt every time you hash)</param>
/// <param name="algorithm">The algorithm that should perform the hashing operation</param>
/// <returns>A HashResult object that contains the results of the hashing proces. Call .ToString() to convert the object into a single hash string</returns>
/// <remarks>Not to be used for sensitive data such as passwords</remarks>
public static HashResult Hash(string text, string salt, EnmHashingAlgorithm algorithm = EnmHashingAlgorithm.SHA512)
{
if (String.IsNullOrEmpty(text))
return null;
if (salt == null || salt.Length < SALT_LENGTH)
throw new ArgumentException("Must be atleast " + SALT_LENGTH.ToString() + " characters in length", "salt");
var textBytes = ASCIIEncoding.ASCII.GetBytes(text);
var saltBytes = ASCIIEncoding.ASCII.GetBytes(salt);
return Hash(textBytes, saltBytes, algorithm.SHA());
}
/// <summary>
/// Transform any arbitrary input string into a secure and unintelligible hash (string).
/// This method is a keyed hashing method which is a lot more secure then the regular hashing methods
/// - The generated keyed hash can be used to verify the authenticity of a message
/// - NOT to be used for securing passwords, instead use the provided method HashPassword.
/// </summary>
/// <param name="text">The input string to hash</param>
/// <param name="salt">A string containing 16 or more random characters. The salt should be saved together with the hash. Only use each salt once (read: generate a new salt every time you hash)</param>
/// <param name="algorithm">The hashing algorithm to use for the hashing proces</param>
/// <param name="key">The secret key to be used to generate the hash. T</param>
/// <returns>A HashResult object that contains the results of the hashing proces. Call .ToString() to convert the object into a single hash string</returns>
/// <remarks>Not to be used for sensitive data such as passwords</remarks>
public static HashResult HashWithAuthentication(string text, string salt, EnmHashingAlgorithm algorithm, string key)
{
if (text == null || text.Length == 0)
return null;
if (salt == null || salt.Length < SALT_LENGTH)
throw new ArgumentException("Must be atleast " + SALT_LENGTH.ToString() + " characters in length", "salt");
if (key == null || key.Length < MIN_SECRETKEY_LENGTH)
throw new ArgumentException("Must be atleast " + MIN_SECRETKEY_LENGTH.ToString() + " characters in length", "key");
var textBytes = Encoding.ASCII.GetBytes(text);
var saltBytes = Encoding.ASCII.GetBytes(salt);
var keyBytes = Encoding.ASCII.GetBytes(key);
return HashWithAuthentication(textBytes, saltBytes, keyBytes, algorithm);
}
static HashResult HashWithAuthentication(byte[] text, byte[] salt, byte[] key, EnmHashingAlgorithm algorithm)
{
if (text == null || text.Length == 0)
return null;
if (salt == null || salt.Length < SALT_LENGTH)
throw new ArgumentException("Must be atleast " + SALT_LENGTH.ToString() + " characters in length", "salt");
if (key == null || key.Length < MIN_SECRETKEY_LENGTH)
throw new ArgumentException("Must be atleast " + MIN_SECRETKEY_LENGTH.ToString() + " characters in length", "masterKey");
// Tussenstap: Genereer nu o.b.v. de (master)key en de salt een nieuwe afgeleide sleutel waarmee we gaan hashen: de zogenaamde hashKey.
// Dit doen we zodat je de key niet kan herleiden uit de hash die we straks gaan genereren.
byte[] hashkeyBytes; // De hashkey. Hiermee gaan we zometeen hashen
using (var hkdf = new HKDF(SecurityDrivenDotNet.HMACFactories.HMACSHA512, key, salt))
hashkeyBytes = hkdf.GetBytes(64);
// Magic: Transformeer de data, met behulp van de sleutel, naar een onleesbare maar voorspelbare hash.
var hash = new HMAC2(algorithm.Factory(), hashkeyBytes).ComputeHash(text);
// Retourneer het resultaat als een BASE-64 encoded string
return new HashResult(algorithm.ToString(), Convert.ToBase64String(salt), Convert.ToBase64String(hash));
}
