I have been using HMAC-SHA256 to encrypt Userdata(username and password),in my console client.When i pass the token generated from encryption to the serverside it must decrypt the token to validate.
For test purpose i am trying encryption as well as decryption in same class in console application.Can someone Help me out how to decrypt the token generated by encrypt method?
Console.WriteLine("Enter Username:");
string username = Console.ReadLine();
Console.WriteLine("Enter Password:");
string password = Console.ReadLine();
string data = string.Join(",", username, password);
string hmactoken = HMACSHA256Class.Encrypt(username, password,data);
public class HMACSHA256Class
{
static string hashLeft = "";
static string hashRight = "";
public static string Encrypt(string uname,string password,string data)
{
using (HMAC hmac = HMACSHA256.Create(_alg))
{
hmac.Key = Encoding.UTF8.GetBytes(GetHashedPassword(password));
hmac.ComputeHash(Encoding.UTF8.GetBytes(data));
hashLeft = Convert.ToBase64String(hmac.Hash);
hashRight = uname;
string hash = string.Join(",", hashLeft, hashRight);
return Convert.ToBase64String(Encoding.UTF8.GetBytes(hash));
}
}
}
public static string GetHashedPassword(string password)
{
string key = string.Join(",", new string[] { password, _salt });
using (HMAC hmac = HMACSHA256.Create(_alg))
{
hmac.Key = Encoding.UTF8.GetBytes(_salt);
hmac.ComputeHash(Encoding.UTF8.GetBytes(key));
return Convert.ToBase64String(hmac.Hash);
}
}
It will be a great help for me if anyone can resolve this
What I have tried:
I tried the building following code,I have went half way to decrypt the token.
public static string Decrypt(string token)
{
string hash = Encoding.UTF8.GetString(Convert.FromBase64String(token));
string[] parts = hash.Split(new char[] { ',' });
string a = "null";
if (parts.Length == 2)
{
string hashLeft = parts[1];
string hashRight = parts[0];
GetPassword(hashRight);
}
return a;
}
}
public static string GetPassword(string hashedpwd)
{
byte[] b = Encoding.UTF8.GetBytes(hashedpwd);
string key = Convert.ToBase64String(b);
return "sa";
}