我目前正在开发一个基于Visual Studio C#的Windows表单项目。然而,我对SHA256 + salted的工作原理感到困惑。我在网上找到了一些示例,但无法理解如何调用此函数。
我希望在连接到数据库(Microsoft Access 2010)的登录表单中调用此函数。
- How do I call this function by a click of a button and reading the
password from a
Textbox
? - How do i display out the hash value in a
Messagebox.Show
method? (For my testing purpose) Is it possible to compare two text (hashed and salted) and giving a positive result?
public static string sha256encrypt(string phrase, string UserName) { string salt = CreateSalt(UserName); string saltAndPwd = String.Concat(phrase, salt); UTF8Encoding encoder = new UTF8Encoding(); SHA256Managed sha256hasher = new SHA256Managed(); byte[] hashedDataBytes = sha256hasher.ComputeHash(encoder.GetBytes(saltAndPwd)); string hashedPwd = String.Concat(byteArrayToString(hashedDataBytes), salt); return hashedPwd; } public static string byteArrayToString(byte[] inputArray) { StringBuilder output = new StringBuilder(""); for (int i = 0; i < inputArray.Length; i++) { output.Append(inputArray[i].ToString("X2")); } return output.ToString(); } private static string CreateSalt(string UserName) { string username = UserName; byte[] userBytes; string salt; userBytes = ASCIIEncoding.ASCII.GetBytes(username); long XORED = 0x00; foreach (int x in userBytes) XORED = XORED ^ x; Random rand = new Random(Convert.ToInt32(XORED)); salt = rand.Next().ToString(); salt += rand.Next().ToString(); salt += rand.Next().ToString(); salt += rand.Next().ToString(); return salt; }
如何使用盐值创建SHA256哈希?
shavalue = (sha256encrypt("password", "username");
saltedandhashtext = CreateSalt(shavalue);
Rfc2898DeriveBytes
,它使用一个拉伸哈希函数并可以自动创建一个盐值。 - CodesInChaos