Exemplo n.º 1
0
        /// <summary>
        /// Create hash string.
        /// </summary>
        /// <param name="plainTextString"></param>
        /// <returns></returns>
        public String CreateHash(String plainTextString)
        {
            try
            {
                Byte[] saltBytes;
                Byte[] hashedTextBytes;
                Byte[] finalHash = new Byte[200];

                new RNGCryptoServiceProvider().GetBytes(saltBytes = new Byte[SaltByteLength]);

                Rfc2898DeriveBytes hashProvider = new Rfc2898DeriveBytes(plainTextString, saltBytes, HashIterations);
                hashedTextBytes = hashProvider.GetBytes(PasswordByteLength);

                Array.Copy(saltBytes, 0, finalHash, 0, SaltByteLength);
                Array.Copy(hashedTextBytes, 0, finalHash, SaltByteLength, PasswordByteLength);

                return(Convert.ToBase64String(finalHash));
            }
            catch (Exception exception)
            {
                CryptographyException cryptoException = new CryptographyException("Hasher create exception!", exception);
                cryptoException.Data.Add("PlainTextString", plainTextString);
                throw cryptoException;
            }
        }
Exemplo n.º 2
0
        /// <summary>
        /// Verify hash against plain text value.
        /// </summary>
        /// <param name="plainTextString"></param>
        /// <param name="hashedString"></param>
        /// <returns></returns>
        public Boolean VerifyHash(String plainTextString, String hashedString)
        {
            try
            {
                Byte[] saltBytes         = new Byte[SaltByteLength];
                Byte[] originalHashBytes = new Byte[PasswordByteLength];
                Byte[] hashedTextBytes   = Convert.FromBase64String(hashedString);
                Byte[] compareHash;

                Array.Copy(hashedTextBytes, 0, saltBytes, 0, SaltByteLength);
                Array.Copy(hashedTextBytes, SaltByteLength, originalHashBytes, 0, PasswordByteLength);

                Rfc2898DeriveBytes hashProvider = new Rfc2898DeriveBytes(plainTextString, saltBytes, HashIterations);
                compareHash = hashProvider.GetBytes(PasswordByteLength);

                Boolean isCorrect = true;

                for (Int32 i = 0; i < 20; ++i)
                {
                    if (originalHashBytes[i + 4] != compareHash[i + 4])
                    {
                        isCorrect = false;
                        break;
                    }
                }

                return(isCorrect);
            }
            catch (Exception exception)
            {
                CryptographyException cryptoException = new CryptographyException("Hasher verify exception!", exception);
                cryptoException.Data.Add("PlainTextString", plainTextString);
                cryptoException.Data.Add("HashedString", hashedString);
                throw cryptoException;
            }
        }