using System;

using System.Security.Cryptography;

using System.Linq;

using System.Collections.Generic;

using System.Text;

public class Program

{

    public static void Main()

    {

        var encodedPassword = SecurityHelper.EncodePassword("password", "{MD5}27hLPwlepgtEBGDuh9hxp1BA4X0w", MembershipPasswordFormat.Hashed);

        Console.WriteLine(encodedPassword);

    }

}

​

​

  /// <summary>Třída pro podporu ochrany hesel v konfiguraci.</summary>

  public static class SecurityHelper

  {

    /// <summary>Převede heslo na základě nastavených parametrů.</summary>

    /// <param name="enteredPassword">Vstupní heslo v otevřeném tvaru</param>

    /// <param name="passwordHashFromDb">Heslo načtené z DB v hashovaném tvaru</param>

    /// <param name="passwordFormat">Typ zabezpečení hesla</param>

    /// <returns>Zabezpečené heslo</returns>

    internal static string EncodePassword(

      string enteredPassword,

      string passwordHashFromDb,

      MembershipPasswordFormat passwordFormat)

    {

      string digestLabel = SecurityHelper.GetDigestLabel(passwordHashFromDb);

      if (passwordFormat == MembershipPasswordFormat.Clear || string.IsNullOrEmpty(digestLabel))

        return enteredPassword;

      if (passwordFormat != MembershipPasswordFormat.Hashed)

        throw new Exception("UnsuportedPasswordFormat");

      byte[] salt = SecurityHelper.GetSalt(SecurityHelper.GetPassword(passwordHashFromDb), digestLabel);

      return SecurityHelper.Crypt(enteredPassword, salt, digestLabel);

    }

​

    /// <summary>

    /// This method takes as input hash form of password as it is stored

    /// in the database and returns only the label of the message digest

    /// algorithm used to crypt the password (for example "MD5" or "SHA-1")

    /// If the label is not present in the string, the null is returned

    /// (this is for backward compatibility with entitlements original MD5)

    /// </summary>

    /// <param name="passwordHash">Hashed password</param>

    /// <returns>label of the message digest algorithm</returns>

    internal static string GetDigestLabel(string passwordHash)

    {

      int num1 = passwordHash.IndexOf('{');

      int num2 = passwordHash.IndexOf('}');

      return num1 != -1 || num2 != -1 ? passwordHash.Substring(num1 + 1, num2 - 1) : (string) null;

    }

​

    /// <summary>

    /// Crypt the plaintext password with the one way message digest algorithm. Random salt can be added to

    /// force the same passwords to look different in the database

    /// </summary>

    /// <param name="plaintext">plaintext input of password string</param>

    /// <param name="saltBytes">byte array of random salt to use to store the password</param>

    /// <param name="algorithm">message digest to use ("MD5", "SHA-1")</param>

    /// <returns>base64 encoded password hash with salt example "{SHA}qRfIqNPYO6aFiai6g1NgmczyfTEAiKr/"</returns>

    internal static string Crypt(string plaintext, byte[] saltBytes, string algorithm)

    {

      HashAlgorithm hashAlgorithm = SecurityHelper.GetHashAlgorithm(algorithm);

      byte[] bytes = Encoding.UTF8.GetBytes(plaintext);

      byte[] buffer = new byte[bytes.Length + saltBytes.Length];

      for (int index = 0; index < bytes.Length; ++index)

        buffer[index] = bytes[index];

      for (int index = 0; index < saltBytes.Length; ++index)

        buffer[bytes.Length + index] = saltBytes[index];

      byte[] hash = hashAlgorithm.ComputeHash(buffer);

      byte[] inArray = new byte[hash.Length + saltBytes.Length];

      for (int index = 0; index < hash.Length; ++index)

        inArray[index] = hash[index];

      for (int index = 0; index < saltBytes.Length; ++index)

        inArray[hash.Length + index] = saltBytes[index];

      string base64String = Convert.ToBase64String(inArray);

      return "{" + algorithm + "}" + base64String;

    }

​

    /// <summary>Return the salt part of the password hash</summary>

    /// <param name="passwordHash"></param>

    /// <param name="algorithm"></param>

    /// <returns></returns>

    internal static byte[] GetSalt(string passwordHash, string algorithm)

    {

      HashAlgorithm hashAlgorithm = SecurityHelper.GetHashAlgorithm(algorithm);

      byte[] numArray = Convert.FromBase64String(passwordHash);

      int num = hashAlgorithm.HashSize / 8;

      if (numArray.Length <= num)

        return (byte[]) null;

      byte[] salt = new byte[numArray.Length - num];

      for (int index = 0; index < salt.Length; ++index)

        salt[index] = numArray[num + index];

      return salt;

    }

​

    /// <summary>Vrátí objekt s hash algotitmem</summary>

    /// <param name="algorithmLabel">Název algoritmu</param>

    /// <returns>Objekt s hash algotitmem</returns>

    private static HashAlgorithm GetHashAlgorithm(string algorithmLabel)

    {

      switch (algorithmLabel)

      {

        case "MD5":

          return HashAlgorithm.Create("MD5");

        default:

          throw new CryptographicException("HashAlgorithm not found!");

      }

    }

​

    /// <summary>

    /// Return the password hash without the label of the message digest

    /// </summary>

    /// <param name="passwordHash"></param>

    /// <returns></returns>

    internal static string GetPassword(string passwordHash)

    {

      int num = passwordHash.IndexOf('}');

      return num != -1 ? passwordHash.Substring(num + 1) : passwordHash;

    }

  }

​

  public enum MembershipPasswordFormat

  {

    /// <summary>Passwords are not encrypted.</summary>

    Clear,

    /// <summary>Passwords are encrypted one-way using the SHA1 hashing algorithm.</summary>

    Hashed,

    /// <summary>Passwords are encrypted using the encryption settings determined by the machineKey Element (ASP.NET Settings Schema) element configuration.</summary>

    Encrypted,

  }

​

​