/// <summary>
/// Generates a cryptographic key from a password.
/// </summary>
/// <param name="password">The password.</param>
/// <param name="keySize">The cipher key size. 256-bit is stronger, but slower.</param>
/// <returns>The cryptographic key.</returns>
public static byte[] GenerateKey(string password, KeySize keySize) {
// Create a salt to help prevent rainbow table attacks
var salt = Hash.Pbkdf2(password, Hash.Sha512(password + password.Length), Settings.HashIterations);
// Generate a key from the password and salt
return Hash.Pbkdf2(password, salt, Settings.HashIterations, (int)keySize / 8);
}
/// <summary>
/// Generates a SHA-512 hash from the provided password, and derives two
/// 256-bit keys from the hash.
/// </summary>
/// <param name="password">The password to hash.</param>
/// <returns>A pair of 256-bit keys.</returns>
public static AeKeyRing Generate(string password)
{
// Generate 512-bit hash from password
var hash = Hash.Sha512(password);
// Split hash into two 256-bit keys
return(new AeKeyRing {
CipherKey = hash.Substring(0, KeyLength),
MacKey = Encoding.UTF8.GetBytes(hash.Substring(KeyLength, KeyLength))
});
}
