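/// <summary>
/// Builds a new <see cref="DataProtectionParams"/> for <paramref name="password"/>: a random
/// 16-byte salt plus a verification code derived from the password.
/// </summary>
/// <remarks>
/// The verification code is the first VERIFY_CODE_LEN bytes of MAGIC encrypted under the
/// PBKDF2-derived key, followed by the IV returned by CryptoHelper.Encrypt, all Base64-encoded.
/// It is presumably used later to check a supplied password (the checking code is not visible here).
/// Anyone holding the returned parameters can test password guesses against that code offline,
/// so the iteration count and hash algorithm carried by DataProtectionParams bound the guessing cost.
/// NOTE(review): those defaults are defined outside this block; confirm they are adequate.
/// </remarks>
/// <param name="password">Password the key is derived from; it is encoded as UTF-8.</param>
/// <returns>Parameters with Salt and VerificationCode populated.</returns>
/// <exception cref="ArgumentNullException"><paramref name="password"/> is null.</exception>
public static DataProtectionParams CreateParams(string password)
{
    var salt = new byte[16];
    using (var random = new RNGCryptoServiceProvider())
    {
        random.GetBytes(salt);
    }

    var prms = new DataProtectionParams() { Salt = Convert.ToBase64String(salt) };

    byte[] passwordBytes = Encoding.UTF8.GetBytes(password);
    byte[] key = null;
    try
    {
        // Derive from the salt as it is stored in prms, so the key matches what a later
        // derivation from the persisted parameters will produce.
        // Rfc2898DeriveBytes is IDisposable; the using block releases its HMAC state.
        using (var pbkdf2 = new Rfc2898DeriveBytes(
            passwordBytes,
            Convert.FromBase64String(prms.Salt),
            prms.IterationCount,
            new HashAlgorithmName(prms.HashAlgorithmName)))
        {
            key = pbkdf2.GetBytes(KEY_LEN);
        }

        var encrypted = CryptoHelper.Encrypt(Encoding.UTF8.GetBytes(MAGIC), key, out byte[] iv);

        // Layout: [ first VERIFY_CODE_LEN bytes of ciphertext | IV ].
        // Array.Copy throws if the ciphertext is shorter than VERIFY_CODE_LEN.
        var verificationCode = new byte[iv.Length + VERIFY_CODE_LEN];
        Array.Copy(encrypted, 0, verificationCode, 0, VERIFY_CODE_LEN);
        Array.Copy(iv, 0, verificationCode, VERIFY_CODE_LEN, iv.Length);
        prms.VerificationCode = Convert.ToBase64String(verificationCode);

        return prms;
    }
    finally
    {
        // Wipe the local copies of the password bytes and the derived key once they are
        // no longer needed, so they do not linger on the managed heap.
        Array.Clear(passwordBytes, 0, passwordBytes.Length);
        if (key != null)
        {
            Array.Clear(key, 0, key.Length);
        }
    }
}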
/// <summary>
/// Creates a key object bound to an identifier and a set of protection parameters.
/// </summary>
/// <param name="keyId">Identifier stored in KeyId.</param>
/// <param name="prms">Parameters stored in _prms; the reference is kept as-is, not copied or validated.</param>
public DataProtectionKey(int keyId, DataProtectionParams prms)
{
    this._prms = prms;
    this.KeyId = keyId;
}