public KeyDerivationParameters(KeyDerivationPrf derivationFunction, IterationCount iterationCount, SaltLength saltLength, KeyLength keyLength) { DerivationFunction = derivationFunction; IterationCount = iterationCount; SaltLength = saltLength; KeyLength = keyLength; }
private byte[] GenerateSaltBytes(SaltLength length = SaltLength.SaltLong) { var salt = length == SaltLength.SaltLong ? PasswordHash.ScryptGenerateSalt() : PasswordHash.ArgonGenerateSalt(); return(salt); }
/// <summary> /// GenerateSalt - Creating salt of hashing message /// </summary> /// <param name="length">Length of hash possible: SaltLong - 32, SaltShort - 16</param> /// <returns>Salt as string</returns> public string GenerateSalt(SaltLength length = SaltLength.SaltLong) { var salt = length == SaltLength.SaltLong ? PasswordHash.ScryptGenerateSalt() : PasswordHash.ArgonGenerateSalt(); return(salt.EncodeByteArray()); }
public void GenerateHashAndSalt_ThenCheckingOtherPassword_ReturnsFalse() { // Arrange var iterationCount = 10_000; var saltLength = 16; var keyLength = 64; var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512, IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength)); var rng = Substitute.For <ICryptoRng>(); rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]); var service = new PasswordService(parameters, rng); var password = PlaintextPassword.From("somePass"); var otherPass = PlaintextPassword.From("otherPass"); // Act var hash = service.GeneratePasswordHashAndSalt(password); var checkResult = service.CheckIfPasswordMatchesHash(otherPass, hash); // Assert Assert.IsFalse(checkResult); }
public void GenerateHashAndSalt_ReturnsHash_WithNumberOfBytesEqualToKeyLengthParameter() { // Arrange var iterationCount = 10_000; var saltLength = 16; var keyLength = 64; var parameters = new KeyDerivationParameters(KeyDerivationPrf.HMACSHA512, IterationCount.From(iterationCount), SaltLength.From(saltLength), KeyLength.From(keyLength)); var rng = Substitute.For <ICryptoRng>(); rng.GetRandomBytes(Arg.Any <int>()).Returns(args => new byte[args.Arg <int>()]); var service = new PasswordService(parameters, rng); // Act var hash = service.GeneratePasswordHashAndSalt(PlaintextPassword.From("somePassword")); // Assert Assert.AreEqual(keyLength, Convert.FromBase64String(hash.Base64PasswordHash.Value).Length); }