Reputation: 1010
How does the Enterprise Library's CryptographyManager.CompareHash method work?
I've been wondering how the CryptographyManager is able to compare a salted hash with the plain text. It has to save the salt for each hash somewhere, right? Has anyone any insight on this?
Upvotes: 2
Views: 395
Answers (2)
Reputation: 1010
So I checked out the source code and it is actually quite trivial: The salt is prepended to the actual hash value. When the hash is compared to a plaintext the salt is extracted and used to hash the plaintext. These two hash values (= salt + hash) are then compared.
Upvotes: 1
Reputation: 4107
We ship source code. Take a look at CryptographyManagerImpl.cs in the Cryptography solution. Also, you may want to review our unit tests - the ones that start with HashProvider should give you additional insight.
Upvotes: 1
Related Questions
- How does HashSet compare elements for equality?
- What's the role of GetHashCode in the IEqualityComparer<T> in .NET?
- How do I compare two hashes using SHA256Managed?
- What is the salt in Enterprise Library HashProvider ? (SaltEnabled key)
- Hashcode & equals implementation
- Does the CompareTo() method use GetHashCode()?
- How is the Equals, GetHashCode, and Compare called from the following code? (Mystery)
- Definition of GetHashCode() in C#
- How does Hash’s compare_by_identity work?
- GetHashCode for comparison and equality