public static string GetDerivedPassword(string password1, string password2) { var rfc2898DeriveBytes = new Rfc2898DeriveBytes(password1, SALT, 1000); var derivedBytes1 = rfc2898DeriveBytes.GetBytes(128); rfc2898DeriveBytes = new Rfc2898DeriveBytes(password2, SALT2, 1000); var derivedBytes2 = rfc2898DeriveBytes.GetBytes(128); return(SHA256.GetSHA256HashAsHexString(derivedBytes1) + SHA256.GetSHA256HashAsHexString(derivedBytes2)); }
public void TestPasswordDerivates() { RandomNumberGenerator rng = RandomNumberGenerator.Create(); byte[] salt = new byte[32]; rng.GetBytes(salt); string password = SHA256.GetSHA256HashAsHexString(GeneralConverters.StringToByteArray("MartinDahl")); Rfc2898DeriveBytes pDeriveBytes = new Rfc2898DeriveBytes(password, salt, 1000); Rfc2898DeriveBytes pDeriveBytes2 = new Rfc2898DeriveBytes(password, salt, 1000); string a1 = GeneralConverters.ByteArrayToHexString(pDeriveBytes.GetBytes(16)); string a2 = GeneralConverters.ByteArrayToHexString(pDeriveBytes2.GetBytes(16)); Assert.IsTrue(a1 == a2, "Passwords derived was not correct"); }