How to generate a hash with a secret key
I am going to share something that we needed recently and
I understand it is pretty useful in many scenarios.
Scenario:
To generate a hash using a secret key
so as to add a new level of security, avoiding that
someone gets into the middle and tamper the information
being sent by regenerating the same hash again.
This is what is known as MAC (Message
Authentication Code). In essence, the result is an
encrypted hash.
Method
There are several mechanisms to generate this (HMACMD5 ,
HMACSHA1, etc.). Currently, Microsoft is recommending the
use of SHA256, hence, I chose HMACSHA256.
Code
Here I am sharing the relevant parts of the code that
allows doing this:
using
System.Security.Cryptography;
…
public
string GetMACHash(string
textToHash)
{
// secret key shared by sender
and receiver.
byte[] secretkey =
new
Byte[64];
string key =
null;
string result =
null;
//get secret key
key =
"MySecretKey";
//esto podemos invocar a un metodo que traiga este
valor de la registry por ejemplo
secretkey = System.Text.UTF8Encoding.UTF8.GetBytes(key);
// Initialize the keyed hash object.
HMACSHA256
myhmacsha256 = new
HMACSHA256(secretkey);
// Compute the hash of the text.
byte[] bytedText =
System.Text.UTF8Encoding.UTF8.GetBytes(textToHash);
byte[] hashValue =
myhmacsha256.ComputeHash(bytedText);
//Base-64 Encode the results and strip off ending '==',
if it exists
result =
Convert.ToBase64String(hashValue).TrimEnd("=".ToCharArray());
//set response
return result;
}
References
Here is a good article that talks about
MACs.
http://dotnetslackers.com/articles/security/Hashing_MACs_and_Digital_Signatures_in_NET.aspx
Here is the information about HMACSHA256 class
http://msdn.microsoft.com/en-us/library/system.security.cryptography.hmacsha256.aspx