Class SecurityHelper

Namespace

CMS.Helpers

Assembly

CMS.Helpers.dll

Contains methods for ensuring security

public static class SecurityHelper

Inheritance

object

SecurityHelper

Methods

GetPBKDF2Hash(string)

Returns PBKDF2 hash for password. System.Security.Cryptography.Rfc2898DeriveBytes implements PBKDF2 with HMACSHA1 (hard coded in the class).

[Obsolete("Method is deprecated and will be use removed in next version. Use custom implementation instead.")]
public static string GetPBKDF2Hash(string password)

Parameters

password string

Password to be hashed.

Returns

string

Base64 encoded hash containing iteration count, salt and derived sub-key.

Remarks

Use this method for generating password hashes only. Because this method is by design CPU consuming it generally is not suitable for hashing arbitrary input data. The performance/security relation can be adjusted by modifying the CMS.Helpers.SecurityHelper.Pbkdf2IterationsCount property.

Exceptions

ArgumentNullException

Thrown when password is null.

GetSHA2Hash(string)

Returns SHA2 hash for input data.

public static string GetSHA2Hash(string inputData)

Parameters

inputData string

Data to by hashed.

Returns

string

VerifyPBKDF2Hash(string, string)

Returns true in case given password matches given PBKDF2 hash.

[Obsolete("Method is deprecated and will be use removed in next version. Use custom implementation instead.")]
public static bool VerifyPBKDF2Hash(string password, string hash)

Parameters

password string

Password to be hashed and compared with hash.

hash string

Hash to compare hashed password with.

Returns

bool

True for hashes generated using CMS.Helpers.SecurityHelper.GetPBKDF2Hash method (for given password).

Exceptions

ArgumentNullException

Thrown when password or hash are null.