public static string ToPasswordHashString(PasswordData data)
{
var hashString = Convert.ToBase64String(data.Hash);
var saltString = Convert.ToBase64String(data.Salt);
var result = $"{hashString}:{saltString}:{data.IterationCount}";
return(result);
}
public static PasswordData CreatePasswordData(string text, int derivedKeyLength, int saltLength, int iterationCount)
{
if (text == null)
{
throw new ArgumentNullException(nameof(text));
}
var saltBytes = GetRandomSaltBytes(saltLength);
var passwordHashBytes = GetdPasswordHashBytes(text, derivedKeyLength, saltBytes, iterationCount);
var password = new PasswordData
{
Hash = passwordHashBytes,
Salt = saltBytes,
IterationCount = iterationCount
};
return(password);
}
public static bool ValidatePassword(string passwordText, PasswordData password)
{
if (passwordText == null)
{
throw new ArgumentNullException(nameof(passwordText));
}
if (password == null)
{
throw new ArgumentNullException(nameof(password));
}
var passwordTextHash = GetdPasswordHashBytes(
passwordText,
password.Hash.Length,
password.Salt,
password.IterationCount);
var result = ConstantTimeCompare(password.Hash, passwordTextHash);
return(result);
}
public static PasswordData FromPasswordHashString(string passwordHashString)
{
var tokens = passwordHashString.Split(':');
if (tokens.Length != 3)
{
throw new Exception("invalid password hash string, expected 3 tokens");
}
var hashString = tokens[0];
var hash = Convert.FromBase64String(hashString);
var saltString = tokens[1];
var salt = Convert.FromBase64String(saltString);
var iterationCount = int.Parse(tokens[2]);
var data = new PasswordData
{
Hash = hash,
Salt = salt,
IterationCount = iterationCount
};
return(data);
}
