Rfc2898DeriveBytes Constructor (String^, Int32)

 
System_CAPS_noteNote

The .NET API Reference documentation has a new home. Visit the .NET API Browser on docs.microsoft.com to see the new experience.

Initializes a new instance of the Rfc2898DeriveBytes class using the password and salt size to derive the key.

Namespace:   System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)

public:
Rfc2898DeriveBytes(
	String^ password,
	int saltSize
)

Parameters

password
Type: System::String^

The password used to derive the key.

saltSize
Type: System::Int32

The size of the random salt that you want the class to generate.

Exception Condition
ArgumentException

The specified salt size is smaller than 8 bytes.

ArgumentNullException

The password or salt is null.

The salt size must be 8 bytes or larger.

RFC 2898 includes methods for creating a key and initialization vector (IV) from a password and salt. You can use PBKDF2, a password-based key derivation function, to derive keys using a pseudo-random function that allows keys of virtually unlimited length to be generated. The Rfc2898DeriveBytes class can be used to produce a derived key from a base key and other parameters. In a password-based key derivation function, the base key is a password and the other parameters are a salt value and an iteration count.

For more information about PBKDF2, see RFC 2898, "PKCS #5: Password-Based Cryptography Specification Version 2.0," available on the Request for Comments Web site. See section 5.2, "PBKDF2," for complete details.

System_CAPS_security Security Note

Never hard-code a password within your source code. Hard-coded passwords can be retrieved from an assembly by using the Ildasm.exe (IL Disassembler), by using a hexadecimal editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

.NET Framework
Available since 2.0
Return to top
Show: