/// <summary> /// copy of legacy PortalSecurity.DecryptString method. /// </summary> /// <param name="message">string to be decrypted.</param> /// <param name="passphrase">key for decryption.</param> /// <returns></returns> public override string DecryptString(string message, string passphrase) { byte[] results; var utf8 = new UTF8Encoding(); using (var hashProvider = CryptographyUtils.CreateSHA512()) { byte[] tdesKey = hashProvider.ComputeHash(utf8.GetBytes(passphrase)); byte[] trimmedBytes = new byte[24]; Buffer.BlockCopy(tdesKey, 0, trimmedBytes, 0, 24); var tdesAlgorithm = new TripleDESCryptoServiceProvider { Key = trimmedBytes, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7, }; byte[] dataToDecrypt = Convert.FromBase64String(message); try { ICryptoTransform decryptor = tdesAlgorithm.CreateDecryptor(); results = decryptor.TransformFinalBlock(dataToDecrypt, 0, dataToDecrypt.Length); } finally { // Clear the TripleDes and Hashprovider services of any sensitive information tdesAlgorithm.Clear(); hashProvider.Clear(); } } return(utf8.GetString(results)); }