I use Rfc2898DeriveBytes to hash password for asp.net login
public void HashPassword(string password, string salt = null)
{
byte[] saltB = (salt == null) ? GenSalt() : Convert.FromBase64String(salt);
if (salt == null) salt = Convert.ToBase64String(saltB);
// test // salt.length is 172
}
internal byte[] GenSalt()
{
RNGCryptoServiceProvider p = new RNGCryptoServiceProvider();
byte[] b = new byte[128];
p.GetBytes(b);
return b;
}I set the byte array to size 128, but after performed the ToBase64String, the size is 172.
I expecting it to be 128.
how should I rectify this?