Class SecurityHelper
A class that contains methods for managing secure data processing and cryptography.
Namespace: CapyKit.Helpers
Assembly: CapyKit.dll
Syntax
public class SecurityHelper
Methods
CompareHashedPassword(Password, string, byte[], IPasswordAlgorithm, params object[])
Compares an unencrypted password with a stored, encrypted existingPassword.
This method uses the specified algorithm to retrieve the hashed version
of the password and then compares it with the existingPassword.
Declaration
public static bool CompareHashedPassword(Password existingPassword, string password, byte[] salt, IPasswordAlgorithm algorithm, params object[] args)
Parameters
| Type | Name | Description |
|---|---|---|
| Password | existingPassword | The existing, encrypted password. |
| string | password | The unencrypted password to be compared. |
| byte[] | salt | The salt value used in password hashing. |
| IPasswordAlgorithm | algorithm | The password hashing algorithm. |
| object[] | args | Additional arguments required for constructing the password algorithm instance. |
Returns
| Type | Description |
|---|---|
| bool |
CompareHashedPassword<T>(Password, string, byte[], params object[])
Compares an unencrypted password with a stored, encrypted existingPassword.
This method uses the specified password algorithm type T to retrieve the hashed version
of the password and then compares it with the existingPassword.
Declaration
public static bool CompareHashedPassword<T>(Password existingPassword, string password, byte[] salt, params object[] args)
Parameters
| Type | Name | Description |
|---|---|---|
| Password | existingPassword | The existing, encrypted password. |
| string | password | The unencrypted password to be compared. |
| byte[] | salt | The salt value used in password hashing. |
| object[] | args | Additional arguments required for constructing the password algorithm instance. |
Returns
| Type | Description |
|---|---|
| bool |
Type Parameters
| Name | Description |
|---|---|
| T | The type of the password hashing algorithm. |
CompareSessionID(string, string)
Compares two session identifiers.
Declaration
public static bool CompareSessionID(string first, string second)
Parameters
| Type | Name | Description |
|---|---|---|
| string | first | The first session identifier. |
| string | second | The second session identifier. |
Returns
| Type | Description |
|---|---|
| bool |
GetPassword<T>(string, byte[], params object[])
Retrieves a Password object using the specified password, salt, and optional constructor arguments.
Declaration
public static Password GetPassword<T>(string password, byte[] salt, params object[] args) where T : IPasswordAlgorithm
Parameters
| Type | Name | Description |
|---|---|---|
| string | password | The plaintext password to be hashed. |
| byte[] | salt | A random value used as an additional input to the one-way function that hashes data, a password or passphrase. This is used to make each output different for the same input thus adding security. |
| object[] | args | Optional constructor arguments for the IPasswordAlgorithm implementation instance. |
Returns
| Type | Description |
|---|---|
| Password | A new Password object with the given password and salt, as well as an instance
of |
Type Parameters
| Name | Description |
|---|---|
| T | The type of IPasswordAlgorithm implementation to use. |
Remarks
This method uses reflection to find a constructor for the specified password algorithm type (T).
It emits an error event if a suitable constructor is not found or if there is an error invoking the constructor.
GetPassword<T>(string, params object[])
Retrieves a Password object using the specified password and generates a random salt value. Then it uses that salt to call the overloaded GetPassword<T>(string, byte[], params object[]) method with the given password and the generated salt as arguments.
Declaration
public static Password GetPassword<T>(string password, params object[] args)
Parameters
| Type | Name | Description |
|---|---|---|
| string | password | The plaintext password to be hashed. |
| object[] | args | Optional constructor arguments for the IPasswordAlgorithm implementation instance. |
Returns
| Type | Description |
|---|---|
| Password | A new Password object with the given password and a randomly generated salt, as well as an
instance of |
Type Parameters
| Name | Description |
|---|---|
| T | The type of IPasswordAlgorithm implementation to use. |
See Also
GetRandomPassword(int, params ValidCharacterCollection[])
Gets a cryptographically strong random password.
Declaration
public static string GetRandomPassword(int length, params ValidCharacterCollection[] validCharacters)
Parameters
| Type | Name | Description |
|---|---|---|
| int | length | The length of the password to generate. |
| ValidCharacterCollection[] | validCharacters | An array of ValidCharacterCollection enumeration values representing the desired character sets. |
Returns
| Type | Description |
|---|---|
| string | The password. |
GetRandomString(int)
A convenience method to generate a random string of the specified length using all character sets.
Declaration
public static string GetRandomString(int length)
Parameters
| Type | Name | Description |
|---|---|---|
| int | length | The desired length of the generated random string. |
Returns
| Type | Description |
|---|---|
| string |
See Also
GetRandomString(int, params ValidCharacterCollection[])
Gets a cryptographically strong random string using the character values found in VALID_CHARACTERS.
Declaration
public static string GetRandomString(int length, params ValidCharacterCollection[] validChars)
Parameters
| Type | Name | Description |
|---|---|---|
| int | length | The length of the string to create. |
| ValidCharacterCollection[] | validChars |
Returns
| Type | Description |
|---|---|
| string | The random string. |
GetSalt(int)
Generates a random byte array that can act as a salt.
Declaration
public static byte[] GetSalt(int length = 32)
Parameters
| Type | Name | Description |
|---|---|---|
| int | length | (Optional) The desired length of the generated byte array. |
Returns
| Type | Description |
|---|---|
| byte[] | An array of byte. |
Remarks
A default length of CapyKit.Helpers.SecurityHelper.SALT_SIZE is provided as a sane default. Larger values can be used for increased entropy.
Pbkdf2(string)
Generates a new Password object using the PBKDF2 algorithm with the provided password.
This overload of the method generates a random salt value for added security.
Declaration
public static Password Pbkdf2(string password)
Parameters
| Type | Name | Description |
|---|---|---|
| string | password | The clear text password to be hashed. |
Returns
| Type | Description |
|---|---|
| Password | A new Password object containing the hashed password and a randomly generated salt. |
Remarks
This method uses the PBKDF2 (Password-Based Key Derivation Function 2) algorithm to generate a new password hash. The algorithm iteratively applies a pseudorandom function to the password and salt, which increases the security of the resulting hash. In this overload, a random salt value is generated using GetRandomBytes(int) method.
Pbkdf2(string, byte[])
Generates a new Password object using the PBKDF2 algorithm with the provided password
and salt.
Declaration
public static Password Pbkdf2(string password, byte[] salt)
Parameters
| Type | Name | Description |
|---|---|---|
| string | password | The clear text password to be hashed. |
| byte[] | salt | A random value used to add an additional layer of security to the generated hash. |
Returns
| Type | Description |
|---|---|
| Password | A new Password object containing the hashed password and salt. |
Remarks
This method uses the PBKDF2 (Password-Based Key Derivation Function 2) algorithm to generate a new password hash. The algorithm iteratively applies a pseudorandom function to the password and salt, which increases the security of the resulting hash.