https://msdn.microsoft.com/en-us/library/system.security.cryptography.hmacsha256(v=vs.110).aspx

Computes a Hash-based Message Authentication Code (HMAC) by using the SHA256 hash function.

Remarks

HMACSHA256 is a type of keyed hash algorithm that is constructed from the SHA-256 hash function and used as a Hash-based Message Authentication Code (HMAC).

The HMAC process mixes a secret key with the message data, hashes the result with the hash function, mixes that hash value with the secret key again, and then applies the hash function a second time.

The output hash is 256 bits in length.

An HMAC can be used to determine whether a message sent over an insecure channel has been tampered篡改 with, provided that the sender and receiver share a secret key.

The sender computes the hash value for the original data and sends both the original data and hash value as a single message.

The receiver recalculates the hash value on the received message and checks that the computed HMAC matches the transmitted HMAC.

Any change to the data or the hash value results in a mismatch, because knowledge of the secret key is required to change the message and reproduce the correct hash value.

Therefore, if the original and computed hash values match, the message is authenticated.

HMACSHA256 accepts keys of any size, and produces a hash sequence 256 bits in length.

=================================================

属性

Key,从父类继承的

Gets or sets the key to use in the hash algorithm.

public override byte[] Key { get; set; }

This property is the key for the keyed hash algorithm.

A Hash-based Message Authentication Code (HMAC) can be used to determine whether a message sent over an insecure channel has been tampered with, provided that the sender and receiver share a secret key.

The sender computes the hash value for the original data and sends both the original data and the HMAC as a single message.

The receiver recomputes the hash value on the received message and checks that the computed hash value matches the transmitted hash value.

HMAC can be used with any iterative cryptographic hash function, such as MD5 or SHA-1, in combination with a secret shared key.

The cryptographic strength of HMAC depends on the properties of the underlying hash function.

Any change to the data or the hash value results in a mismatch, because knowledge of the secret key is required to change the message and reproduce the correct hash value.

Therefore, if the original and computed hash values match, the message is authenticated.