public (string hash, string salt) HashPassword(string password, HashingPolicy policy) { var salt = new byte[policy.SaltLength]; policy.Rng.GetBytes(salt); var saltString = Convert.ToBase64String(salt); var hash = Hash(password, saltString, policy); return(hash, saltString); }
private string Hash(string password, string salt, HashingPolicy policy) { var saltBytes = Convert.FromBase64String(salt); return(Convert.ToBase64String(KeyDerivation.Pbkdf2( password: password, salt: saltBytes, prf: policy.Prf, iterationCount: policy.IterCount, numBytesRequested: policy.NumBytesRequested ))); }
public bool IsPasswordValid(string password, string hash, string salt, HashingPolicy policy) { var hashedPass = Hash(password, salt, policy); return(hashedPass.Equals(hash)); }