private (string passwordToken, PasswordSalts passwordSalts, PasswordBasedBackup passwordBasedBackup) GeneratePasswordToken(string password, byte[] seed) { var passwordSalt = Scrypt.GenerateSalt(); var passwordHash = Scrypt.Hash(password, passwordSalt); //var passwordHkdfKey = crypto.hkdf.importHkdfKeyFromString(passwordHash) var passwordTokenSalt = Hkdf.GenerateSalt(); var passwordToken = Hkdf.GetPasswordToken(/*passwordHkdfKey*/ passwordHash, passwordTokenSalt); var passwordBasedEncryptionKeySalt = Hkdf.GenerateSalt(); var passwordBasedEncryptionKey = AesGcmUtils.GetPasswordBasedEncryptionKey(passwordHash, passwordBasedEncryptionKeySalt); var passwordEncryptedSeed = AesGcmUtils.Encrypt(passwordBasedEncryptionKey, seed); var passwordSalts = new PasswordSalts { PasswordSalt = Convert.ToBase64String(passwordSalt), PasswordTokenSalt = Convert.ToBase64String(passwordTokenSalt), }; var passwordBasedBackup = new PasswordBasedBackup { PasswordBasedEncryptionKeySalt = Convert.ToBase64String(passwordBasedEncryptionKeySalt), PasswordEncryptedSeed = Convert.ToBase64String(passwordEncryptedSeed), }; return(passwordToken, passwordSalts, passwordBasedBackup); }