Class SiteSecurity

Helper class to create secure hashes over custom data using the site secret

Inheritance
System.Object
SiteSecurity
Implements
Inherited Members
System.Object.ToString()
System.Object.Equals(System.Object)
System.Object.Equals(System.Object, System.Object)
System.Object.ReferenceEquals(System.Object, System.Object)
System.Object.GetHashCode()
System.Object.GetType()
System.Object.MemberwiseClone()
Namespace: EPiServer.Security
Assembly: EPiServer.Cms.AspNet.dll
Version: 11.20.7
Syntax
public class SiteSecurity : IHashHandler

Constructors

SiteSecurity()

Declaration
public SiteSecurity()

Properties

SiteSecret

The site secret which is highly sensitive information

Declaration
public static byte[] SiteSecret { get; }
Property Value
Type Description
System.Byte[]
Remarks

Only use this value for cryptograhpic functions. This method is cached.

Methods

ForEachSiteSecret(SiteSecurity.SiteSecretDelegate)

Iterate over all site secrets that are stored in the database

Declaration
public static void ForEachSiteSecret(SiteSecurity.SiteSecretDelegate handleSiteSecret)
Parameters
Type Name Description
SiteSecurity.SiteSecretDelegate handleSiteSecret

A delegate to you handler which will be called for every site secret that has been stored. This method is not cached.

GenerateHash(Byte[])

Generate a SHA256 hash based on the input using the site secret

Declaration
public static byte[] GenerateHash(byte[] input)
Parameters
Type Name Description
System.Byte[] input

The data that should be signed

Returns
Type Description
System.Byte[]

A 256 bit array (32 bytes)

GenerateStringHash(Byte[])

Generate a SHA256 hash based on the input using the site secret

Declaration
public static string GenerateStringHash(byte[] input)
Parameters
Type Name Description
System.Byte[] input

The data that should be signed

Returns
Type Description
System.String

A 256 bit array (32 bytes)

VerifyHash(Byte[], Byte[])

Verify a SHA256 hash based on the input using the site secret

Declaration
public static bool VerifyHash(byte[] input, byte[] hash)
Parameters
Type Name Description
System.Byte[] input

The data that should be verified

System.Byte[] hash

The hash to compare with.

Returns
Type Description
System.Boolean

True if the hash is valid

VerifyHash(Byte[], String)

Verify a SHA256 hash based on the input using the site secret

Declaration
public static bool VerifyHash(byte[] input, string hash)
Parameters
Type Name Description
System.Byte[] input

The data that should be verified

System.String hash

The hash to compare with.

Returns
Type Description
System.Boolean

True if the hash is valid

Explicit Interface Implementations

IHashHandler.GenerateStringHash(Byte[])

Declaration
string IHashHandler.GenerateStringHash(byte[] input)
Parameters
Type Name Description
System.Byte[] input
Returns
Type Description
System.String

IHashHandler.VerifyHash(Byte[], String)

Declaration
bool IHashHandler.VerifyHash(byte[] input, string hash)
Parameters
Type Name Description
System.Byte[] input
System.String hash
Returns
Type Description
System.Boolean

Implements

Extension Methods