C# Class App.Security.PasswordHash

An utility class for salted password hashing with PBKDF2-SHA1

Show file Open project: kriasoft/site-sdk

Public Methods

Method	Description
Create ( string password ) : PasswordHash	Creates a salted PBKDF2 hash of the password.
Validate ( string password, byte hash, byte salt ) : bool	Validates a password against given hash and salt.

Private Methods

Method	Description
Equals ( byte a, byte b ) : bool	Compares two byte arrays in length-constant time. This comparison method is used so that password hashes cannot be extracted from on-line systems using a timing attack and then attacked off-line.
PBKDF2 ( string password, byte salt, int iterations, int outputBytes ) : byte[]	Computes the PBKDF2-SHA1 hash of a password.
PasswordHash ( byte hash, byte salt ) : System.Security.Cryptography	Initializes a new instance of the PasswordHash class.

Method Details

Create() public static method

Creates a salted PBKDF2 hash of the password.

public static Create ( string password ) : PasswordHash
password	string	The password to hash.
return	PasswordHash

Validate() public static method

Validates a password against given hash and salt.

public static Validate ( string password, byte hash, byte salt ) : bool
password	string	The password to check.
hash	byte	A hash of the correct password.
salt	byte	A salt of the correct password.
return	bool