/// <summary> /// Generates a cryptographic key from a password. /// </summary> /// <param name="password">The password.</param> /// <param name="keySize">The cipher key size. 256-bit is stronger, but slower.</param> /// <returns>The cryptographic key.</returns> public static byte[] GenerateKey(string password, KeySize keySize) { // Create a salt to help prevent rainbow table attacks var salt = Hash.Pbkdf2(password, Hash.Sha512(password + password.Length), Settings.HashIterations); // Generate a key from the password and salt return Hash.Pbkdf2(password, salt, Settings.HashIterations, (int)keySize / 8); }
/// <summary> /// Generates a SHA-512 hash from the provided password, and derives two /// 256-bit keys from the hash. /// </summary> /// <param name="password">The password to hash.</param> /// <returns>A pair of 256-bit keys.</returns> public static AeKeyRing Generate(string password) { // Generate 512-bit hash from password var hash = Hash.Sha512(password); // Split hash into two 256-bit keys return(new AeKeyRing { CipherKey = hash.Substring(0, KeyLength), MacKey = Encoding.UTF8.GetBytes(hash.Substring(KeyLength, KeyLength)) }); }