/// <summary>
/// Hashes a password with PBKDF2 under a freshly generated random salt and packages
/// the derived key, the salt and the iteration count into a <see cref="PasswordHashModel"/>.
/// </summary>
/// <param name="password">The plaintext password to hash.</param>
/// <returns>
/// A <see cref="PasswordHashModel"/> whose <c>PasswordHash</c> is the 32-byte derived key,
/// whose <c>Salt</c> is the 16-byte salt used for the derivation, and whose
/// <c>IterationsOnHash</c> is the iteration count applied.
/// </returns>
public static PasswordHashModel HashAndSalt(string password)
{
    const int SaltSizeBytes = 16;       // 128-bit salt
    const int DerivedKeySizeBytes = 32; // 256-bit subkey

    // The salt comes from the cryptographic RNG, never System.Random; a new salt is drawn on every call.
    var saltBytes = new byte[SaltSizeBytes];
    using (var secureRandom = RandomNumberGenerator.Create())
    {
        secureRandom.GetBytes(saltBytes);
    }

    // PBKDF2 with HMAC-SHA512 as the PRF (the docs sample this was adapted from used a different PRF).
    // Only 32 bytes are requested, which fits inside a single 64-byte HMAC-SHA512 output block.
    // The work factor is set by Iterations, which is defined outside this block.
    // NOTE(review): confirm Iterations meets current guidance for PBKDF2-HMAC-SHA512.
    var derivedKey = KeyDerivation.Pbkdf2(
        password,
        saltBytes,
        KeyDerivationPrf.HMACSHA512,
        Iterations,
        DerivedKeySizeBytes);

    // The iteration count is stored next to the hash so verification can re-derive with the same count.
    return new PasswordHashModel
    {
        IterationsOnHash = Iterations,
        Salt = saltBytes,
        PasswordHash = derivedKey
    };
}
/// <summary>
/// Convenience overload that unpacks the stored hash, salt and iteration count from
/// <paramref name="passwordHashModel"/> and forwards them, together with
/// <paramref name="password"/>, to the four-argument <c>PasswordEqualsHash</c> overload.
/// </summary>
/// <param name="password">The candidate plaintext password to check.</param>
/// <param name="passwordHashModel">
/// The stored hash record. It is dereferenced without a null check, so passing null
/// raises a <see cref="System.NullReferenceException"/>.
/// </param>
/// <returns>
/// The tuple produced by the four-argument overload, passed through unchanged.
/// NOTE(review): the first element presumably reports whether the password matches, and
/// <c>iterationsNeedsUpgrade</c> presumably flags a stored iteration count that should be
/// re-hashed; confirm against that overload.
/// </returns>
public static (bool, bool iterationsNeedsUpgrade) PasswordEqualsHash(string password, PasswordHashModel passwordHashModel)
{
    var storedHash = passwordHashModel.PasswordHash;
    var storedSalt = passwordHashModel.Salt;
    var storedIterations = passwordHashModel.IterationsOnHash;

    // Verification must use the salt and iteration count recorded when the hash was created.
    return PasswordEqualsHash(password, storedHash, storedSalt, storedIterations);
}