public bool VerifyPasswordHash(string password, EncryptedPasswordObject encryptedPassword)
{
if (password == null)
throw new ArgumentNullException($"Parameter {nameof(password)} cannot be null");
if (string.IsNullOrWhiteSpace(password))
throw new ArgumentException($"Parameter {nameof(password)} cannot be empty or only contain whitespace.");
if (encryptedPassword.Hash.Length != 64)
throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");
if (encryptedPassword.Salt.Length != 128)
throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");
using (var hmac = new HMACSHA512(encryptedPassword.Salt))
{
var computedHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
for (int i = 0; i < computedHash.Length; i++)
{
if (computedHash[i] != encryptedPassword.Hash[i]) return false;
}
}
return true;
}
public EncryptedPasswordObject CreatePasswordHash(string password)
{
if (password == null)
throw new ArgumentNullException($"Parameter {nameof(password)} cannot be null");
if (string.IsNullOrWhiteSpace(password))
throw new ArgumentException($"Parameter {nameof(password)} cannot be empty or only contain whitespace.");
EncryptedPasswordObject encryptedPassword = new EncryptedPasswordObject();
using (var hmac = new HMACSHA512())
{
encryptedPassword.Salt = hmac.Key;
encryptedPassword.Hash = hmac.ComputeHash(Encoding.UTF8.GetBytes(password));
}
return encryptedPassword;
}
