Rfc2898DeriveBytes Constructor (String, Byte(), Int32)
[ This article is for Windows Phone 8 developers. If you’re developing for Windows 10, see the latest documentation. ]
Initializes a new instance of the Rfc2898DeriveBytes class using a password, a salt, and number of iterations to derive the key.
Assembly: mscorlib (in mscorlib.dll)
'Declaration Public Sub New ( _ password As String, _ salt As Byte(), _ iterations As Integer _ )
Parameters
- password
- Type: System.String
The password used to derive the key.
- salt
- Type:
System.Byte
()
The key salt used to derive the key.
- iterations
- Type: System.Int32
The number of iterations for the operation.
| Exception | Condition |
|---|---|
| ArgumentException | The specified salt size is smaller than 8 bytes or the iteration count is less than 1. |
| ArgumentNullException | The password or salt is Nothing. |
The salt size must be 8 bytes or larger and the iteration count must be greater than zero. The minimum recommended number of iterations is 1000.
RFC 2898 includes methods for creating a key and initialization vector (IV) from a password and salt. You can use PBKDF2, a password-based key derivation function, to derive keys using a pseudo-random function that allows keys of virtually unlimited length to be generated. The Rfc2898DeriveBytes class can be used to produce a derived key from a base key and other parameters. In a password-based key derivation function, the base key is a password and the other parameters are a salt value and an iteration count.
For more information about PBKDF2, see RFC 2898, "PKCS #5: Password-Based Cryptography Specification Version 2.0," available on the Request for Comments Web site. See section 5.2, "PBKDF2," for complete details.
Security Note: |
|---|
Never hard-code a password within your source code. Hard-coded passwords can be retrieved from an assembly by using the Microsoft Intermediate Language Disassembler (Ildasm.exe), by using a hexadecimal editor, or by simply opening up the assembly in a text editor such as Notepad.exe. |
Security Note: