Пример #1
0
        public static async Task KeyVault()
        {
            IKeyVault vault = new KeyVault();

            const string MY_KEY_NAME = "StephenHauntsKey";
            string       keyId       = await vault.CreateKeyAsync(MY_KEY_NAME);

            byte[] localKey = Random.GenerateRandomNumber(32);

            // Encrypt our local key with Key Vault and Store it in the database
            byte[] encryptedKey = await vault.EncryptAsync(keyId, localKey);


            // Get our encrypted key from the database and decrypt it with the Key Vault.
            byte[] decryptedKey = await vault.DecryptAsync(keyId, encryptedKey);

            // Hash our password with a PBKDF2
            string password = "******";

            byte[] salt           = Random.GenerateRandomNumber(32);
            byte[] hashedPassword = PBKDF2.HashPassword(Encoding.ASCII.GetBytes(password), salt, 20000);

            // Now do a HMAC of the password using the key that was decrypted from the Key Vault
            byte[] protectedPassword = Hmac.ComputeHmacsha256(hashedPassword, decryptedKey);

            Console.WriteLine("Hashed Password : "******"Protected Hashed Password : "******"Key Deleted : " + keyId);
        }
Пример #2
0
        public static async Task KeyVault()
        {
            IKeyVault vault = new KeyVault();

            const string MY_KEY_NAME      = "StephenHauntsKey";
            const string ITERATIONS_VALUE = "PBKDF2Iterations";

            var keyId = await vault.CreateKeyAsync(MY_KEY_NAME);

            // Encrypt our salt with Key Vault and Store it in the database
            var salt          = SecureRandom.GenerateRandomNumber(32);
            var encryptedSalt = await vault.EncryptAsync(keyId, salt);

            var iterationsId = await vault.SetSecretAsync(ITERATIONS_VALUE, "20000");



            // Get our encrypted salt from the database and decrypt it with the Key Vault.
            var decryptedSalt = await vault.DecryptAsync(keyId, encryptedSalt);

            var iterations = int.Parse(await vault.GetSecretAsync(ITERATIONS_VALUE));

            // Hash our password with a PBKDF2
            var password = "******";

            var hashedPassword = PBKDF2.HashPassword(Encoding.UTF8.GetBytes(password), decryptedSalt, iterations);

            Console.WriteLine("Hashed Password : "******"Key Deleted : " + keyId);
        }