|
@@ -12,6 +12,10 @@ namespace iiie.Authentication.Business.JWT
|
12
|
12
|
private const int SALT_INDEX = 1;
|
13
|
13
|
private const int PBKDF2_INDEX = 2;
|
14
|
14
|
|
|
15
|
+ private const int SALT_BYTE_SIZE = 24;
|
|
16
|
+ private const int HASH_BYTE_SIZE = 42;
|
|
17
|
+ private const int PBKDF2_ITERATIONS = 2048;
|
|
18
|
+
|
15
|
19
|
/// <summary>
|
16
|
20
|
/// Crée un hash à partir du password
|
17
|
21
|
/// </summary>
|
|
@@ -21,14 +25,13 @@ namespace iiie.Authentication.Business.JWT
|
21
|
25
|
{
|
22
|
26
|
// génaration du SALT aléatoire
|
23
|
27
|
RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider();
|
24
|
|
- byte[] salt = new byte[1024];
|
|
28
|
+ byte[] salt = new byte[SALT_BYTE_SIZE];
|
25
|
29
|
csprng.GetBytes(salt);
|
26
|
30
|
|
27
|
31
|
// hash le password et création de la chaine avec les paramêtres
|
28
|
|
- byte[] hash = PBKDF2(password, salt, 42, 1024);
|
29
|
|
- return 42 + ":" +
|
|
32
|
+ byte[] hash = PBKDF2(password, salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE);
|
|
33
|
+ return PBKDF2_ITERATIONS + ":" +
|
30
|
34
|
Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash);
|
31
|
|
- return "";
|
32
|
35
|
}
|
33
|
36
|
|
34
|
37
|
/// <summary>
|