Hash Provider Configuration
You need a hash provider in order to calculate the hash value of some given data. This approach is often used for safely storing passwords in a data store: the application calculates the hash value of the provided password and stores this hash value in the database. When the user enters his password again, the system calculates the hash value of the current password and compares it to the stored hash value. When both hash values match, the user entered the correct password. Otherwise, he entered a wrong password.
The only disadvantage of this solution is that you can't recreate the password from the hash value stored in the database. So, for example, you can't email the password to the user when he forgets it. Table 2 lists the two hash providers available in the Cryptography Application Block.
|Custom Hash Provider
||This provider enables you to implement your own hash provider with your own underlying algorithm.
||This provider uses a hash provider provided by the Cryptography Application Block.
|Table 2. Hash Providers Available in Cryptography Application Block|
When you use the HashAlgorithmProvider you can use the following hash algorithms:
- HMACSHA1 Hash-based Message Authentication Code (HMAC) using the SHA1 hash algorithm
- MACTripleDES Message Authentication Code (MAC) using the Triple DES hash algorithm
- MD5CryptoServiceProvider The MD5 hash algorithm CSP
- SHA1CryptoServiceProvider The SHA1 hash algorithm CSP
- SHA1Managed The SHA1 hash algorithm CSP for input data using the managed library
- SHA256Managed The SHA246 hash algorithm CSP for input data using the managed library
- SHA384Managed The SHA384 hash algorithm CSP for input data using the managed library
- SHA512Managed The SHA512 hash algorithm CSP for input data using the managed library
You must also give the hash providers a unique name, as you do with the symmetric providers described previously.