My too-simple-to-be-true PBKDF2 one-way encryption and password checking
Configurables: the iteration count, salt size, and hash size lengths are hard-coded....
PBKDF2.cs
public static string Hash(string password)
{
using (var deriveBytes = new Rfc2898DeriveBytes(password, 16, 1000))
{
return Convert.ToBase64String(new byte[1].Concat(deriveBytes.Salt).Concat(deriveBytes.GetBytes(32)).ToArray());
}
}
public static bool CheckHash(string hashBase64, string password)
{
var hash = Convert.FromBase64String(hashBase64);
using (var deriveBytes = new Rfc2898DeriveBytes(password, hash.Skip(1).Take(16).ToArray(), 1000))
{
return hash.Skip(1).Skip(16).Take(32).SequenceEqual(deriveBytes.GetBytes(32));
}
}