public byte[] HashPassword(string password, ISecureRandomGenerator secureRandomGenerator)
{
var passwordBytes = Encoding.UTF8.GetBytes(password);
var salt = secureRandomGenerator.GenerateBytes(32);
var iv = secureRandomGenerator.GenerateBytes(16);
var cipher = Aes.Create();
cipher.KeySize = 256;
cipher.Padding = PaddingMode.PKCS7;
cipher.Mode = CipherMode.CBC;
cipher.Key = salt;
cipher.IV = iv;
var encryptor = cipher.CreateEncryptor();
var subKey = encryptor.TransformFinalBlock(passwordBytes, 0, passwordBytes.Length);
var outputBytes = new byte[9 + salt.Length + iv.Length + subKey.Length];
outputBytes[0] = FormatMarkers.Aes256;
BufferUtil.WriteNetworkByteOrder(outputBytes, 1, (uint)cipher.Padding);
BufferUtil.WriteNetworkByteOrder(outputBytes, 5, (uint)cipher.Mode);
BufferUtil.BlockFill(salt, outputBytes, 9);
BufferUtil.BlockFill(iv, outputBytes, 9 + salt.Length);
BufferUtil.BlockFill(subKey, outputBytes, 9 + salt.Length + iv.Length);
return(outputBytes);
}
private static byte[] HashPasswordByPkbdf2(string password, ISecureRandomGenerator secureRandomGenerator, KeyDerivationPrf keyDerivationPrf, int iterCount, uint saltSize, int numBytesRequested)
{
var salt = secureRandomGenerator.GenerateBytes(saltSize);
var subkey = KeyDerivation.Pbkdf2(password, salt, keyDerivationPrf, iterCount, numBytesRequested);
var outputBytes = new byte[13 + salt.Length + subkey.Length];
outputBytes[0] = FormatMarkers.Pbkdf2; // format marker
BufferUtil.WriteNetworkByteOrder(outputBytes, 1, (uint)keyDerivationPrf);
BufferUtil.WriteNetworkByteOrder(outputBytes, 5, (uint)iterCount);
BufferUtil.WriteNetworkByteOrder(outputBytes, 9, (uint)saltSize);
Buffer.BlockCopy(salt, 0, outputBytes, 13, salt.Length);
Buffer.BlockCopy(subkey, 0, outputBytes, 13 + (int)saltSize, subkey.Length);
return(outputBytes);
}