using System;

using System.Security.Cryptography;

using System.Text;

​

class Program

{

    static void Main(string[] args)

    {

        // Contoh data

        string password = "Password123";

        string salt = GenerateSalt(); // Salt dalam Base64

​

        // Hash password saat registrasi

        string hashedPassword = HashWithSalt(password, salt);

        Console.WriteLine($"Salt: {salt}");

        Console.WriteLine($"Password: {password}");

        Console.WriteLine($"Hashed Password: {hashedPassword}");

​

        // Verifikasi password

        string inputPassword = "Password123"; // Simulasi password yang dimasukkan pengguna

        bool isVerified = VerifyPassword(inputPassword, salt, hashedPassword);

        Console.WriteLine($"Password Verified: {isVerified}");

    }

    public static string GenerateSalt(int size = 16)

    {

        // Membuat salt acak

        var saltBytes = new byte[size];

        using (var rng = new RNGCryptoServiceProvider())

        {

            rng.GetBytes(saltBytes);

        }

        return Convert.ToBase64String(saltBytes);

    }

​

    public static string HashWithSalt(string input, string saltBase64)

    {

        // Decode salt dari Base64

        byte[] saltBytes = Convert.FromBase64String(saltBase64);

​

        // Gabungkan password dengan salt

        byte[] passwordBytes = Encoding.UTF8.GetBytes(input);

        byte[] combinedBytes = new byte[passwordBytes.Length + saltBytes.Length];

        Buffer.BlockCopy(passwordBytes, 0, combinedBytes, 0, passwordBytes.Length);

        Buffer.BlockCopy(saltBytes, 0, combinedBytes, passwordBytes.Length, saltBytes.Length);

​

        // Hash dengan SHA-256

        using (SHA256 sha256 = SHA256.Create())

        {

            byte[] hashBytes = sha256.ComputeHash(combinedBytes);

            return BitConverter.ToString(hashBytes).Replace("-", "").ToLower();

        }

    }

​

    public static bool VerifyPassword(string inputPassword, string saltBase64, string storedHashedPassword)

    {

        // Hash password yang dimasukkan pengguna dengan salt yang sama

        string computedHash = HashWithSalt(inputPassword, saltBase64);

​

        // Bandingkan hasil hash dengan hash yang tersimpan

        return storedHashedPassword == computedHash;

    }

}

​