The method below stores the password in two fields, a binary[16] and a binary[64], which hold the salt and the derived password hash, respectively.
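    using System;
    using System.Security.Cryptography;
    using System.Text;
    using CryptSharp.Utility; // Pbkdf2

    // Generates a random 16-byte salt (the binary[16] field).
    private byte[] CreateSalt()
    {
        var salt = new byte[16];
        using (var provider = new RNGCryptoServiceProvider())
        {
            provider.GetBytes(salt);
        }
        return salt;
    }

    public async void SalvarSenha(dynamic dto)
    {
        // HMAC-SHA512 keyed with the UTF-8 bytes of the password is the PBKDF2 pseudorandom function.
        using (var temp = new HMACSHA512() { Key = Encoding.UTF8.GetBytes(dto.Password) })
        {
            var salt = this.CreateSalt();
            // UInt16.MaxValue (65535) iterations; temp.HashSize / 8 = 64 bytes (the binary[64] field).
            var password = Pbkdf2.ComputeDerivedKey(temp, salt, UInt16.MaxValue, temp.HashSize / 8);
            // Persist salt and password in the two fields here (not shown on the page).
        }
    }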
To make the above code work, you need to add the following NuGet package: CryptSharp (Official Version)
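The login-time counterpart of SalvarSenha, as an added example that is not part of the original page: it recomputes the derived key from the stored salt with the same Pbkdf2.ComputeDerivedKey call and compares the result without an early exit. The class name PasswordCheck, its Derive and Verify methods and the sample passwords are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using CryptSharp.Utility; // Pbkdf2, from the CryptSharp NuGet package

public static class PasswordCheck // hypothetical helper, not from the page
{
    const int Iterations = UInt16.MaxValue; // same iteration count as SalvarSenha
    const int HashBytes = 64;               // HMAC-SHA512 output size, the binary[64] field

    // Same derivation as SalvarSenha: HMAC-SHA512 keyed with the UTF-8 password.
    public static byte[] Derive(string password, byte[] salt)
    {
        using (var hmac = new HMACSHA512(Encoding.UTF8.GetBytes(password)))
        {
            return Pbkdf2.ComputeDerivedKey(hmac, salt, Iterations, HashBytes);
        }
    }

    // Recompute with the stored salt, then compare every byte so that timing
    // does not reveal how many leading bytes of the hash matched.
    public static bool Verify(string attempt, byte[] storedSalt, byte[] storedHash)
    {
        byte[] candidate = Derive(attempt, storedSalt);
        int diff = candidate.Length ^ storedHash.Length;
        for (int i = 0; i < candidate.Length && i < storedHash.Length; i++)
        {
            diff |= candidate[i] ^ storedHash[i];
        }
        return diff == 0;
    }

    public static void Main()
    {
        // Constructed sample values standing in for a stored database row.
        var salt = new byte[16];
        using (var rng = RandomNumberGenerator.Create())
        {
            rng.GetBytes(salt);
        }
        byte[] stored = Derive("correct horse battery staple", salt);

        Console.WriteLine(Verify("correct horse battery staple", salt, stored));
        Console.WriteLine(Verify("wrong password", salt, stored));
    }
}
```

The salt must be read back from the same row as the hash; generating a new salt at verification time would make every attempt fail.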