Using Shiro's Hashes in .Net

[Alexander Openkowski <op...@googlemail.com>]

Hello folks,

I am trying to validate passwords hashed with Shiro's
DefaultPasswordService in C#/.Net. Searching for a .NET library
supporting SHA256 with salting and iterations I stumbled upon
BouncyCastle <http://www.bouncycastle.org/csharp/>. But I just can not
get it to generate the same hash as Shiro does.

I am using version BouncyCastle 1.8.1. My small test application is
shown here: https://gist.github.com/anonymous/bf0266a72d5e38be0c52
It is generating the hash
"hMPMCx8Q9NxPdrjaOQZYKqP0znZPPV273dhOF9Mn2Cc=". As you can see I use
PKCS 5 V2.0 Scheme 2 (Pkcs5S2ParametersGenerator). I also tried PKCS 5
V2.0 Scheme 1 and PKCS 12 V1.0 (whatever the difference is) but with no
success. All other ParameterGenerators that exist in BouncyCastle do not
allow me to specify a salt and iterations.

The Shiro command line hasher "correctly" outputs the hash
"1azh0ddTrNKc5m8Hs0McIK7V2rghWmQ/fC9FteRxruE=" using the password
'test123', 500000 iterations, and the SHA256 algorithm when its given
the salt it generated before as shown here:
https://gist.github.com/anonymous/b8daf4668038e1f9b4b8

As you might have noticed, I am absolutely no expert in cryptography.
Are there different SHA256 algorithms? If so, which one exactly is
implemented in Shiro? Is anyone aware of any Shiro-compatible
implementation for .NET? Should I be able to implement the hashing
myself in a reasonable amount of time with the official C# cryptography
classes?

Thanks in advance!

Best regards
Alex