PasswordDeriveBytes Class
Derives a key from a password using an extension of the PBKDF1 algorithm.
Assembly: mscorlib (in mscorlib.dll)
System.Security.Cryptography::DeriveBytes
System.Security.Cryptography::PasswordDeriveBytes
| Name | Description | |
|---|---|---|
![]() | PasswordDeriveBytes(array<Byte>^, array<Byte>^) | Initializes a new instance of the PasswordDeriveBytes class specifying the password and key salt to use to derive the key. |
![]() | PasswordDeriveBytes(array<Byte>^, array<Byte>^, CspParameters^) | Initializes a new instance of the PasswordDeriveBytes class specifying the password, key salt, and cryptographic service provider (CSP) to use to derive the key. |
![]() | PasswordDeriveBytes(array<Byte>^, array<Byte>^, String^, Int32) | Initializes a new instance of the PasswordDeriveBytes class specifying the password, key salt, hash name, and iterations to use to derive the key. |
![]() | PasswordDeriveBytes(array<Byte>^, array<Byte>^, String^, Int32, CspParameters^) | Initializes a new instance of the PasswordDeriveBytes class specifying the password, key salt, hash name, iterations, and cryptographic service provider (CSP) to use to derive the key. |
![]() | PasswordDeriveBytes(String^, array<Byte>^) | Initializes a new instance of the PasswordDeriveBytes class with the password and key salt to use to derive the key. |
![]() | PasswordDeriveBytes(String^, array<Byte>^, CspParameters^) | Initializes a new instance of the PasswordDeriveBytes class with the password, key salt, and cryptographic service provider (CSP) parameters to use to derive the key. |
![]() | PasswordDeriveBytes(String^, array<Byte>^, String^, Int32) | Initializes a new instance of the PasswordDeriveBytes class with the password, key salt, hash name, and number of iterations to use to derive the key. |
![]() | PasswordDeriveBytes(String^, array<Byte>^, String^, Int32, CspParameters^) | Initializes a new instance of the PasswordDeriveBytes class with the password, key salt, hash name, number of iterations, and cryptographic service provider (CSP) parameters to use to derive the key. |
| Name | Description | |
|---|---|---|
![]() | HashName | Gets or sets the name of the hash algorithm for the operation. |
![]() | IterationCount | Gets or sets the number of iterations for the operation. |
![]() | Salt | Gets or sets the key salt value for the operation. |
| Name | Description | |
|---|---|---|
![]() | CryptDeriveKey(String^, String^, Int32, array<Byte>^) | Derives a cryptographic key from the PasswordDeriveBytes object. |
![]() | Dispose() | When overridden in a derived class, releases all resources used by the current instance of the DeriveBytes class.(Inherited from DeriveBytes.) |
![]() | Dispose(Boolean) | Releases the unmanaged resources used by the PasswordDeriveBytes class and optionally releases the managed resources.(Overrides DeriveBytes::Dispose(Boolean).) |
![]() | Equals(Object^) | Determines whether the specified object is equal to the current object.(Inherited from Object.) |
![]() | Finalize() | Allows an object to try to free resources and perform other cleanup operations before it is reclaimed by garbage collection.(Inherited from Object.) |
![]() | GetBytes(Int32) | Obsolete. Returns pseudo-random key bytes.(Overrides DeriveBytes::GetBytes(Int32).) |
![]() | GetHashCode() | Serves as the default hash function. (Inherited from Object.) |
![]() | GetType() | |
![]() | MemberwiseClone() | |
![]() | Reset() | Resets the state of the operation.(Overrides DeriveBytes::Reset().) |
![]() | ToString() | Returns a string that represents the current object.(Inherited from Object.) |
This class uses an extension of the PBKDF1 algorithm defined in the PKCS#5 v2.0 standard to derive bytes suitable for use as key material from a password. The standard is documented in IETF RRC 2898.
Security Note
|
|---|
Never hard-code a password within your source code. Hard coded passwords can be retrieved from an assembly using the Ildasm.exe (IL Disassembler) tool, a hex editor, or by simply opening up the assembly in a text editor like notepad.exe. |
The following code example creates a key from a password using the PasswordDeriveBytes class.
using namespace System; using namespace System::Security::Cryptography; using namespace System::Text; // Generates a random salt value of the specified length. array<Byte>^ CreateRandomSalt(int length) { // Create a buffer array<Byte>^ randomBytes; if (length >= 1) { randomBytes = gcnew array <Byte>(length); } else { randomBytes = gcnew array <Byte>(1); } // Create a new RNGCryptoServiceProvider. RNGCryptoServiceProvider^ cryptoRNGProvider = gcnew RNGCryptoServiceProvider(); // Fill the buffer with random bytes. cryptoRNGProvider->GetBytes(randomBytes); // return the bytes. return randomBytes; } // Clears the bytes in a buffer so they can't later be read from memory. void ClearBytes(array<Byte>^ buffer) { // Check arguments. if (buffer == nullptr) { throw gcnew ArgumentNullException("buffer"); } // Set each byte in the buffer to 0. for (int x = 0; x <= buffer->Length - 1; x++) { buffer[x] = 0; } } int main(array<String^>^ args) { // Get a password from the user. Console::WriteLine("Enter a password to produce a key:"); // Security Note: Never hard-code a password within your // source code. Hard-coded passwords can be retrieved // from a compiled assembly. array<Byte>^ password = Encoding::Unicode->GetBytes(Console::ReadLine()); array<Byte>^ randomSalt = CreateRandomSalt(7); // Create a TripleDESCryptoServiceProvider object. TripleDESCryptoServiceProvider^ cryptoDESProvider = gcnew TripleDESCryptoServiceProvider(); try { Console::WriteLine("Creating a key with PasswordDeriveBytes..."); // Create a PasswordDeriveBytes object and then create // a TripleDES key from the password and salt. PasswordDeriveBytes^ passwordDeriveBytes = gcnew PasswordDeriveBytes (password->ToString(), randomSalt); // Create the key and set it to the Key property // of the TripleDESCryptoServiceProvider object. cryptoDESProvider->Key = passwordDeriveBytes->CryptDeriveKey ("TripleDES", "SHA1", 192, cryptoDESProvider->IV); Console::WriteLine("Operation complete."); } catch (Exception^ ex) { Console::WriteLine(ex->Message); } finally { // Clear the buffers ClearBytes(password); ClearBytes(randomSalt); // Clear the key. cryptoDESProvider->Clear(); } Console::ReadLine(); }
Available since 1.1
Any public static ( Shared in Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.



