private static bool VerifyPasswordHash(string password, byte[] storedHash, byte[] storedSalt)
{
if (password == null)
{
throw new ArgumentNullException("password");
}
if (string.IsNullOrWhiteSpace(password))
{
throw new ArgumentException("Value cannot be empty or whitespace only string.", "password");
}
////if (storedHash.Length != 64) throw new ArgumentException("Invalid length of password hash (64 bytes expected).", "passwordHash");
//if (storedSalt.Length != 128) throw new ArgumentException("Invalid length of password salt (128 bytes expected).", "passwordHash");
//using (var hmac = new System.Security.Cryptography.HMACSHA512(storedSalt))
//{
// var computedHash = hmac.ComputeHash(System.Text.Encoding.UTF8.GetBytes(password));
// for (int i = 0; i < computedHash.Length; i++)
// {
// if (computedHash[i] != storedHash[i]) return false;
// }
//}
GostCrypto.Gost34102012Signer signer = new GostCrypto.Gost34102012Signer(new BigInteger(storedSalt));
return(signer.SignIsValid(password, Encoding.UTF8.GetString(storedHash)));
}
