public static async Task KeyVault()
{
IKeyVault vault = new KeyVault();
const string MY_KEY_NAME = "StephenHauntsKey";
string keyId = await vault.CreateKeyAsync(MY_KEY_NAME);
byte[] localKey = Random.GenerateRandomNumber(32);
// Encrypt our local key with Key Vault and Store it in the database
byte[] encryptedKey = await vault.EncryptAsync(keyId, localKey);
// Get our encrypted key from the database and decrypt it with the Key Vault.
byte[] decryptedKey = await vault.DecryptAsync(keyId, encryptedKey);
// Hash our password with a PBKDF2
string password = "******";
byte[] salt = Random.GenerateRandomNumber(32);
byte[] hashedPassword = PBKDF2.HashPassword(Encoding.ASCII.GetBytes(password), salt, 20000);
// Now do a HMAC of the password using the key that was decrypted from the Key Vault
byte[] protectedPassword = Hmac.ComputeHmacsha256(hashedPassword, decryptedKey);
Console.WriteLine("Hashed Password : "******"Protected Hashed Password : "******"Key Deleted : " + keyId);
}
public static async Task KeyVault()
{
IKeyVault vault = new KeyVault();
const string MY_KEY_NAME = "StephenHauntsKey";
const string ITERATIONS_VALUE = "PBKDF2Iterations";
var keyId = await vault.CreateKeyAsync(MY_KEY_NAME);
// Encrypt our salt with Key Vault and Store it in the database
var salt = SecureRandom.GenerateRandomNumber(32);
var encryptedSalt = await vault.EncryptAsync(keyId, salt);
var iterationsId = await vault.SetSecretAsync(ITERATIONS_VALUE, "20000");
// Get our encrypted salt from the database and decrypt it with the Key Vault.
var decryptedSalt = await vault.DecryptAsync(keyId, encryptedSalt);
var iterations = int.Parse(await vault.GetSecretAsync(ITERATIONS_VALUE));
// Hash our password with a PBKDF2
var password = "******";
var hashedPassword = PBKDF2.HashPassword(Encoding.UTF8.GetBytes(password), decryptedSalt, iterations);
Console.WriteLine("Hashed Password : "******"Key Deleted : " + keyId);
}