amadzarak
38 lines
1.1 KiB
C#
38 lines
1.1 KiB
C#
using System.Security.Cryptography;
|
|
using System.Text;
|
|
|
|
namespace Clarity.Server.Data;
|
|
|
|
public static class BlindIndexHelper
|
|
{
|
|
// In a real environment, this "Pepper" comes from your TenantKeyProvider or Vault!
|
|
// It must NEVER change once records are written, or searches will break.
|
|
public static string Compute(string? input, byte[] staticPepper)
|
|
{
|
|
if (string.IsNullOrWhiteSpace(input)) return string.Empty;
|
|
|
|
// 1. Normalize (Remove dashes, spaces, make uppercase)
|
|
var normalized = input.Replace("-", "").Replace(" ", "").ToUpperInvariant();
|
|
|
|
// 2. Hash using HMAC-SHA256 and the static Pepper
|
|
using var hmac = new HMACSHA256(staticPepper);
|
|
var hashBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(normalized));
|
|
|
|
// 3. Return Base64 for database storage
|
|
return Convert.ToBase64String(hashBytes);
|
|
}
|
|
}
|
|
|
|
[AttributeUsage(AttributeTargets.Property)]
|
|
public class BlindIndexedAttribute : Attribute
|
|
{
|
|
public string TargetPropertyName { get; }
|
|
|
|
public BlindIndexedAttribute(string targetPropertyName)
|
|
{
|
|
TargetPropertyName = targetPropertyName;
|
|
}
|
|
}
|
|
|
|
|