PBKDF2HashService

Namespace: ASPSecurityKit
Assembly: ASPSecurityKit.dll

Summary

Implements IHashService using salted password hashing with the PBKDF2-SHA1 algorithm.

Remarks

The password hash format is [iterations]:[salt]:[passwordHash]

Constructors

PBKDF2HashService(securitySettings)

Summary

Initializes a new instance of the PBKDF2HashService class.

Parameters
Name Type Description
securitySettings ASPSecurityKit.ISecuritySettings The security settings.

Methods

CreateHash(password)

Summary

Creates a salted PBKDF2 hash of the password.

Returns

A hash of the password with values for salt and iterations included.

Parameters
Name Type Description
password System.String The password to hash.

ValidatePassword(password,goodHash)

Summary

Validates whether the specified password is the same as the one the given hash represents.

Returns

true if the specified password is the same as the one the given hash represents; otherwise, false.

Parameters
Name Type Description
password System.String The password to validate.
goodHash System.String A hash of the password to compare with.

Exceptions
Type Description
System.ArgumentException When goodHash isn’t in a valid format required by the hashing algorithm.

SlowEquals(a,b)

Summary

Compares two byte arrays in length-constant time. This comparison method is used so that password hashes cannot be extracted from on-line systems using a timing attack and then attacked off-line.

Returns

True if both byte arrays are equal. False otherwise.

Parameters
Name Type Description
a System.Byte[] The first byte array.
b System.Byte[] The second byte array.

PBKDF2(password,salt,iterations,outputBytes)

Summary

Computes the PBKDF2-SHA1 hash of a password.

Returns

A hash of the password.

Parameters
Name Type Description
password System.String The password to hash.
salt System.Byte[] The salt.
iterations System.Int32 The PBKDF2 iteration count.
outputBytes System.Int32 The length of the hash to generate, in bytes.
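
The create/validate flow that the members above describe, as an added example; it is not ASPSecurityKit's own code. Base64 encoding for the salt and hash fields, the byte lengths, the iteration count and the class name are assumptions, since the page gives only the [iterations]:[salt]:[passwordHash] layout.

```csharp
using System;
using System.Security.Cryptography;

public static class Pbkdf2FormatExample // hypothetical class, not part of ASPSecurityKit
{
    const int SaltBytes = 24, HashBytes = 24, Iterations = 100000; // assumed values
    public static string CreateHash(string password)
    {
        byte[] salt = new byte[SaltBytes];
        using (var rng = RandomNumberGenerator.Create()) rng.GetBytes(salt);
        byte[] hash = PBKDF2(password, salt, Iterations, HashBytes);
        // [iterations]:[salt]:[passwordHash]; Base64 for the binary fields is an assumption.
        return Iterations + ":" + Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash);
    }

    public static bool ValidatePassword(string password, string goodHash)
    {
        string[] parts = (goodHash ?? "").Split(':');
        if (parts.Length != 3 || !int.TryParse(parts[0], out int iterations) || iterations < 1)
            throw new ArgumentException("Expected [iterations]:[salt]:[passwordHash].", nameof(goodHash));
        byte[] salt, expected;
        try { salt = Convert.FromBase64String(parts[1]); expected = Convert.FromBase64String(parts[2]); }
        catch (FormatException e) { throw new ArgumentException("Invalid Base64 field.", nameof(goodHash), e); }
        // An empty stored hash must be rejected, or every password would compare equal to it.
        if (salt.Length < 8 || expected.Length == 0)
            throw new ArgumentException("Salt or hash field is too short.", nameof(goodHash));
        // Re-derive with the stored salt and iteration count, then compare without an early exit.
        byte[] actual = PBKDF2(password, salt, iterations, expected.Length);
        return SlowEquals(expected, actual);
    }

    static bool SlowEquals(byte[] a, byte[] b)
    {
        uint diff = (uint)a.Length ^ (uint)b.Length; // a length mismatch also fails
        for (int i = 0; i < a.Length && i < b.Length; i++) diff |= (uint)(a[i] ^ b[i]);
        return diff == 0;
    }

    static byte[] PBKDF2(string password, byte[] salt, int iterations, int outputBytes)
    {
        using (var kdf = new Rfc2898DeriveBytes(password, salt, iterations, HashAlgorithmName.SHA1))
            return kdf.GetBytes(outputBytes);
    }

    public static void Main()
    {
        string stored = CreateHash("example-password"); // constructed sample input
        Console.WriteLine(ValidatePassword("example-password", stored) + " " + ValidatePassword("wrong guess", stored));
    }
}
```

Because the iteration count travels inside the stored string, raising the configured count later does not invalidate hashes created under the old one.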