/// <summary>
/// copy of legacy PortalSecurity.DecryptString method.
/// </summary>
/// <param name="message">string to be decrypted.</param>
/// <param name="passphrase">key for decryption.</param>
/// <returns></returns>
public override string DecryptString(string message, string passphrase)
{
byte[] results;
var utf8 = new UTF8Encoding();
using (var hashProvider = CryptographyUtils.CreateSHA512())
{
byte[] tdesKey = hashProvider.ComputeHash(utf8.GetBytes(passphrase));
byte[] trimmedBytes = new byte[24];
Buffer.BlockCopy(tdesKey, 0, trimmedBytes, 0, 24);
var tdesAlgorithm = new TripleDESCryptoServiceProvider
{
Key = trimmedBytes,
Mode = CipherMode.ECB,
Padding = PaddingMode.PKCS7,
};
byte[] dataToDecrypt = Convert.FromBase64String(message);
try
{
ICryptoTransform decryptor = tdesAlgorithm.CreateDecryptor();
results = decryptor.TransformFinalBlock(dataToDecrypt, 0, dataToDecrypt.Length);
}
finally
{
// Clear the TripleDes and Hashprovider services of any sensitive information
tdesAlgorithm.Clear();
hashProvider.Clear();
}
}
return(utf8.GetString(results));
}
