示例#1
        /// <summary>
        /// Builds the password token for <paramref name="password"/> together with the salts and the
        /// password-encrypted copy of <paramref name="seed"/> that belong to it.
        /// </summary>
        /// <remarks>
        /// The password is hashed once via <c>Scrypt.Hash</c> under a salt from <c>Scrypt.GenerateSalt</c>.
        /// That single hash then feeds two separate derivations, each with its own salt from
        /// <c>Hkdf.GenerateSalt</c>: the password token, and the key used to encrypt the seed.
        /// Only the token, the salts and the encrypted seed are returned; the scrypt hash and the
        /// encryption key never leave this method.
        /// NOTE(review): the scrypt cost parameters and the HKDF info/context strings are chosen inside the
        /// helpers and are not visible here. Confirm the two derivations are domain-separated by more than
        /// the salt alone.
        /// </remarks>
        /// <param name="password">Password to derive from; passed unchanged to <c>Scrypt.Hash</c>.</param>
        /// <param name="seed">Seed bytes to encrypt under the password-derived key.</param>
        /// <returns>
        /// The password token, the Base64-encoded scrypt and token salts, and the Base64-encoded
        /// encryption-key salt with the encrypted seed.
        /// </returns>
        private (string passwordToken, PasswordSalts passwordSalts, PasswordBasedBackup passwordBasedBackup) GeneratePasswordToken(string password, byte[] seed)
        {
            // Root secret: everything below is derived from this hash, so it is as sensitive as the password.
            // NOTE(review): its type is not visible here; if it is a byte[], consider clearing it (and the
            // derived key below) once the method is done instead of leaving it to the GC.
            var scryptSalt = Scrypt.GenerateSalt();
            var scryptHash = Scrypt.Hash(password, scryptSalt);

            // Token derivation. The hash is handed to HKDF directly, with no separate key-import step.
            var tokenSalt = Hkdf.GenerateSalt();
            var token     = Hkdf.GetPasswordToken(scryptHash, tokenSalt);

            // Backup key derivation uses its own salt so it differs from the token derivation input.
            var backupKeySalt = Hkdf.GenerateSalt();
            var backupKey     = AesGcmUtils.GetPasswordBasedEncryptionKey(scryptHash, backupKeySalt);

            var sealedSeed = AesGcmUtils.Encrypt(backupKey, seed);

            // Salts are not secret, but all three are required to re-derive the token and the backup key.
            return (
                token,
                new PasswordSalts
                {
                    PasswordSalt      = Convert.ToBase64String(scryptSalt),
                    PasswordTokenSalt = Convert.ToBase64String(tokenSalt),
                },
                new PasswordBasedBackup
                {
                    PasswordBasedEncryptionKeySalt = Convert.ToBase64String(backupKeySalt),
                    PasswordEncryptedSeed          = Convert.ToBase64String(sealedSeed),
                });
        }