| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768 |
- using System;
- using System.Security.Cryptography;
- namespace Quadarax.Foundation.Core.Business.Security
- {
- public static class PasswordHelper
- {
- public static string HashPassword(string password)
- {
- byte[] salt;
- byte[] buffer2;
- if (password == null)
- {
- throw new ArgumentNullException("password");
- }
- using (var bytes = new Rfc2898DeriveBytes(password, 0x10, 0x3e8, HashAlgorithmName.SHA256))
- {
- salt = bytes.Salt;
- buffer2 = bytes.GetBytes(0x20);
- }
- byte[] dst = new byte[0x31];
- Buffer.BlockCopy(salt, 0, dst, 1, 0x10);
- Buffer.BlockCopy(buffer2, 0, dst, 0x11, 0x20);
- return Convert.ToBase64String(dst);
- }
- public static bool VerifyHashedPassword(string hashedPassword, string password)
- {
- byte[] buffer4;
- if (hashedPassword == null)
- {
- return false;
- }
- if (password == null)
- {
- throw new ArgumentNullException("password");
- }
- byte[] src = Convert.FromBase64String(hashedPassword);
- if ((src.Length != 0x31) || (src[0] != 0))
- {
- return false;
- }
- byte[] dst = new byte[0x10];
- Buffer.BlockCopy(src, 1, dst, 0, 0x10);
- byte[] buffer3 = new byte[0x20];
- Buffer.BlockCopy(src, 0x11, buffer3, 0, 0x20);
- using (var bytes = new Rfc2898DeriveBytes(password, dst, 0x3e8, HashAlgorithmName.SHA256))
- {
- buffer4 = bytes.GetBytes(0x20);
- }
- return ByteArraysEqual(buffer3, buffer4);
- }
- private static bool ByteArraysEqual(byte[] b1, byte[] b2)
- {
- if (b1 == b2) return true;
- if (b1 == null || b2 == null) return false;
- if (b1.Length != b2.Length) return false;
- for (int i = 0; i < b1.Length; i++)
- {
- if (b1[i] != b2[i]) return false;
- }
- return true;
- }
- }
- }
|