Hello folks, I am trying to validate passwords hashed with Shiro's DefaultPasswordService in C#/.Net. Searching for a .NET library supporting SHA256 with salting and iterations I stumbled upon BouncyCastle <http://www.bouncycastle.org/csharp/>. But I just can not get it to generate the same hash as Shiro does.
I am using version BouncyCastle 1.8.1. My small test application is shown here: https://gist.github.com/anonymous/bf0266a72d5e38be0c52 It is generating the hash "hMPMCx8Q9NxPdrjaOQZYKqP0znZPPV273dhOF9Mn2Cc=". As you can see I use PKCS 5 V2.0 Scheme 2 (Pkcs5S2ParametersGenerator). I also tried PKCS 5 V2.0 Scheme 1 and PKCS 12 V1.0 (whatever the difference is) but with no success. All other ParameterGenerators that exist in BouncyCastle do not allow me to specify a salt and iterations. The Shiro command line hasher "correctly" outputs the hash "1azh0ddTrNKc5m8Hs0McIK7V2rghWmQ/fC9FteRxruE=" using the password 'test123', 500000 iterations, and the SHA256 algorithm when its given the salt it generated before as shown here: https://gist.github.com/anonymous/b8daf4668038e1f9b4b8 As you might have noticed, I am absolutely no expert in cryptography. Are there different SHA256 algorithms? If so, which one exactly is implemented in Shiro? Is anyone aware of any Shiro-compatible implementation for .NET? Should I be able to implement the hashing myself in a reasonable amount of time with the official C# cryptography classes? Thanks in advance! Best regards Alex
