using System;

using System.Security.Cryptography;

public class Program

{

    private const string SALT = "{'$c),VFuXW}j&*U]d/8k^xvZ<M=zzB)s:)}WzesV6%w$Mg;\"7jS9qd5T&4FV=9B";

    private const string CHECKSUM_KEYWORD= "&checksum=";

    public static void Main()

    {

        var urlQueryString = "formId=1&productId=1&stepId=1";

        var securedUrl = CreateSecureUrl(urlQueryString);

        Console.WriteLine("SecuredUrl is: " + securedUrl);

        // Not valid Url, not step Id changed

        var validationUrl2 = "formId=1&productId=1&stepId=3&checksum=fea1788b96061394d57ca66b44fb22d40d820481";

        ValidateSecureUrl(securedUrl);

        ValidateSecureUrl(validationUrl2);

    }

    public static string CreateSecureUrl(string url)

    {

        return url + CHECKSUM_KEYWORD + CreateChecksum(url);

    }

    public static string CreateChecksum(string input)

    {

        byte[] buffer = System.Text.ASCIIEncoding.ASCII.GetBytes(input);

        using(var cryptoProvider = new SHA1CryptoServiceProvider()) 

        {

            string hash = String.Concat(Array.ConvertAll(cryptoProvider.ComputeHash(buffer), x => x.ToString("x2"))); 

            return hash;            

        }           

    }

    public static void ValidateSecureUrl(string url)

    {

        var urlWithoutChecksum = url.Substring(0, url.IndexOf(CHECKSUM_KEYWORD));

        var checksum = url.Substring(url.IndexOf(CHECKSUM_KEYWORD)+CHECKSUM_KEYWORD.Length);

        if(checksum == CreateChecksum(urlWithoutChecksum))

        {

            Console.WriteLine("This url is VALID!: " + url);

        }

        else

        {           

            Console.WriteLine("This url is NOT VALID!: " + url);            

        }

​

    }

}