Sample code for 30+ languages & platforms
PureBasic

Duplicate .NET's Rfc2898DeriveBytes Functionality

See more Encryption Examples

Demonstrates how to duplicate the results produced by .NET's System.Security.Cryptography.Rfc2898DeriveBytes class.

Chilkat PureBasic Downloads

PureBasic
IncludeFile "CkCrypt2.pb"

Procedure ChilkatExample()

    ; This example assumes Chilkat Crypt2 to have been previously unlocked.
    ; See Unlock Crypt2 for sample code.

    ; This example demonstrates how to duplicate the results produced
    ; by .NET's System.Security.Cryptography.Rfc2898DeriveBytes class.

    ; For example, here is C# code that transforms a password string into
    ; bytes that can be used as a secret key for symmetric encryption (such as AES, blowfish, 3DES, etc.)
    ; 
    ;     Rfc2898DeriveBytes deriveBytes = new Rfc2898DeriveBytes("secret", System.Text.Encoding.UTF8.GetBytes("saltsalt123"), numIterations);
    ;     byte[] secretKeyBytes = deriveBytes.GetBytes(numBytes);

    ; (The Rfc2898DeriveBytes computation is really just the PBKDF2 algorithm with SHA-1 hashing.)
    ; In Chilkat, this is what we do to match...

    ; First, let's get a test vector with known results.  Both Chilkat AND Microsoft should produce
    ; the same results.  RFC 6070 has some PBKDF2 HMAC-SHA1 Test Vectors.  Here is one of them:

    ;      Input:
    ;        P = "passwordPASSWORDpassword" (24 octets)
    ;        S = "saltSALTsaltSALTsaltSALTsaltSALTsalt" (36 octets)
    ;        c = 4096
    ;        dkLen = 25
    ; 
    ;      Output:
    ;        DK = 3d 2e ec 4f e4 1c 84 9b
    ;             80 c8 d8 36 62 c0 e4 4a
    ;             8b 29 1a 96 4c f2 f0 70
    ;             38                      (25 octets)
    ; 
    ; 

    crypt.i = CkCrypt2::ckCreate()
    If crypt.i = 0
        Debug "Failed to create object."
        ProcedureReturn
    EndIf

    salt.s = "saltSALTsaltSALTsaltSALTsaltSALTsalt"
    ; Given that the salt is really binary data (can be any random bunch of bytes),
    ; we must pass the exact hex string representation of the salt bytes.
    ; In this case, we're getting the utf-8 byte representation of our salt string,
    ; which is identical to the us-ascii byte representation because there are no 8bit chars..
    saltHex.s = CkCrypt2::ckEncodeString(crypt,salt,"utf-8","hex")

    ; Duplicate the test vector as shown above.
    dkHex.s = CkCrypt2::ckPbkdf2(crypt,"passwordPASSWORDpassword","utf-8","sha1",saltHex,4096,25 * 8,"hex")
    Debug dkHex


    CkCrypt2::ckDispose(crypt)


    ProcedureReturn
EndProcedure