public static bool ValidatePassword(HashedPassword password, string request) { using (var hmac = new HMACSHA512(password.Salt)) { var hash = hmac.ComputeHash(_enc.GetBytes(request)); return(hash.SequenceEqual(password.Password)); } }
public static HashedPassword HashPassword(string password) { var result = new HashedPassword { Salt = new byte[64] }; using (var rng = new RNGCryptoServiceProvider()) { rng.GetNonZeroBytes(result.Salt); } using (var hmac = new HMACSHA512(result.Salt)) { result.Password = hmac.ComputeHash(_enc.GetBytes(password)); } return(result); }