Here is the C# sample code to verify the hash password.
Salt size is 8 which generates random bytes, 10000 time Iteration and Hash size is 20.
public static bool VerifyHashedString(string inputString, string hashedString)
{
try
{
byte[] hashBytes = Convert.FromBase64String(hashedString);
var salt = new byte[8];
Array.Copy(hashBytes, 0, salt, 0, 8);
var pbkdf2 = new Rfc2898DeriveBytes(inputString, salt, 10000);
byte[] hash = pbkdf2.GetBytes(20);
for (var i = 0; i < 20; i++)
{
if (hashBytes[i + 8] != hash[i])
{
return false;
}
}
return true;
}
catch
{
return false;
}
}
And I am using following code to verify in golang - please find the link https://github.com/anaskhan96/go-password-encoder but I am not able to match hash text
what could be the reason ?
Following are the observation Hash password length varies.
in C# KwLur0TzENvIVUmvTg0gqPUh+Jkndlu2bH7L8g==
in Golang KETc4Dp1kZzPC6pdePc5OQyDXLA=