public static string GetDerivedPassword(string password1, string password2)
{
var rfc2898DeriveBytes = new Rfc2898DeriveBytes(password1, SALT, 1000);
var derivedBytes1 = rfc2898DeriveBytes.GetBytes(128);
rfc2898DeriveBytes = new Rfc2898DeriveBytes(password2, SALT2, 1000);
var derivedBytes2 = rfc2898DeriveBytes.GetBytes(128);
return(SHA256.GetSHA256HashAsHexString(derivedBytes1) + SHA256.GetSHA256HashAsHexString(derivedBytes2));
}
public void TestPasswordDerivates()
{
RandomNumberGenerator rng = RandomNumberGenerator.Create();
byte[] salt = new byte[32];
rng.GetBytes(salt);
string password = SHA256.GetSHA256HashAsHexString(GeneralConverters.StringToByteArray("MartinDahl"));
Rfc2898DeriveBytes pDeriveBytes = new Rfc2898DeriveBytes(password, salt, 1000);
Rfc2898DeriveBytes pDeriveBytes2 = new Rfc2898DeriveBytes(password, salt, 1000);
string a1 = GeneralConverters.ByteArrayToHexString(pDeriveBytes.GetBytes(16));
string a2 = GeneralConverters.ByteArrayToHexString(pDeriveBytes2.GetBytes(16));
Assert.IsTrue(a1 == a2, "Passwords derived was not correct");
}
