Export (0) Print
Expand All

PasswordDeriveBytes Constructor (Byte[], Byte[])

Initializes a new instance of the PasswordDeriveBytes class specifying the password and key salt to use to derive the key.

Namespace:  System.Security.Cryptography
Assembly:  mscorlib (in mscorlib.dll)

public PasswordDeriveBytes(
	byte[] password,
	byte[] salt
)

Parameters

password
Type: System.Byte[]

The password to derive the key for.

salt
Type: System.Byte[]

The key salt to use to derive the key.

Security noteSecurity Note

Never hard code a password within your source code. Hard-coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler), a hex editor, or by simply opening up the assembly in a text editor such as Notepad.exe.

The following code example creates a key from a password using the PasswordDeriveBytes class.

using System;
using System.Security.Cryptography;
using System.Text;

public class PasswordDerivedBytesExample
{

    public static void Main(String[] args)
    {

        // Get a password from the user.
        Console.WriteLine("Enter a password to produce a key:");

        byte[] pwd = Encoding.Unicode.GetBytes(Console.ReadLine());

        byte[] salt = CreateRandomSalt(7);

        // Create a TripleDESCryptoServiceProvider object.
        TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider();

        try
        {
            Console.WriteLine("Creating a key with PasswordDeriveBytes...");

            // Create a PasswordDeriveBytes object and then create 
            // a TripleDES key from the password and salt.
            PasswordDeriveBytes pdb = new PasswordDeriveBytes(pwd, salt);


            // Create the key and set it to the Key property 
            // of the TripleDESCryptoServiceProvider object.
            tdes.Key = pdb.CryptDeriveKey("TripleDES", "SHA1", 192, tdes.IV);


            Console.WriteLine("Operation complete.");
        }
        catch (Exception e)
        {
            Console.WriteLine(e.Message);
        }
        finally
        {
            // Clear the buffers
            ClearBytes(pwd);
            ClearBytes(salt);

            // Clear the key.
            tdes.Clear();
        }

        Console.ReadLine();
    }

    ////////////////////////////////////////////////////////// 
    // Helper methods: 
    // CreateRandomSalt: Generates a random salt value of the 
    //                   specified length. 
    // 
    // ClearBytes: Clear the bytes in a buffer so they can't 
    //             later be read from memory. 
    ////////////////////////////////////////////////////////// 

    public static byte[] CreateRandomSalt(int length)
    {
        // Create a buffer 
        byte[] randBytes;

        if (length >= 1)
        {
            randBytes = new byte[length];
        }
        else
        {
            randBytes = new byte[1];
        }

        // Create a new RNGCryptoServiceProvider.
        RNGCryptoServiceProvider rand = new RNGCryptoServiceProvider();

        // Fill the buffer with random bytes.
        rand.GetBytes(randBytes);

        // return the bytes. 
        return randBytes;
    }

    public static void ClearBytes(byte[] buffer)
    {
        // Check arguments. 
        if (buffer == null)
        {
            throw new ArgumentException("buffer");
        }

        // Set each byte in the buffer to 0. 
        for (int x = 0; x < buffer.Length; x++)
        {
            buffer[x] = 0;
        }
    }
}

.NET Framework

Supported in: 4.6, 4.5, 4, 3.5, 3.0, 2.0

.NET Framework Client Profile

Supported in: 4, 3.5 SP1
Show:
© 2015 Microsoft