如何在UWP c#中哈希和/或加密密码？

内容导读

互联网集市收集整理的这篇技术教程文章主要介绍了如何在UWP c#中哈希和/或加密密码？，小编现在分享给大家，供广大互联网技能从业者学习和参考。文章包含4106字，纯文字阅读大概需要6分钟。

内容图文

经过大量的谷歌搜索,我真的似乎无法找到如何在c#UWP中哈希密码,我已经尝试过Bcrypt,但这不适用于RT.有关如何在UWP中哈希密码的任何想法？这是我在UWP中的第一个应用程序,所以我认为一切都像在WPF中一样,看起来我错了.我从Nugetstore尝试过BCRYPT,但UWP上什么都没有.

我只需要一种简单的方法来对字符串进行哈希和/或加盐,以及一种验证哈希的简单方法.

解决方法:

这种方法怎么样(使用System.Security.Cryptography)：

>

To store user passwords in the database in a way that they cannot be extracted, the passwords need to be hashed using a one-way hashing algorithm such as SHA1

>

To do so, use the RNGCryptoServiceProvider to create a random salt, append the salt to the password, hash it using SHA1 CryptoServiceProvider class, and store the resulting string in the database along with the salt

>

The benefit provided by using a salted password is making a lookup table assisted dictionary attack against the stored values impractical, provided the salt is large enough

示例代码：

  // Create salted password to save in database.
  private byte [] CreateDbPassword(byte[] unsaltedPassword)
  {
     //Create a salt value.
     byte[] saltValue = new byte[saltLength];
     RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
     rng.GetBytes(saltValue);

     return CreateSaltedPassword(saltValue, unsaltedPassword);
  }

  // Create a salted password given the salt value.
  private byte[] CreateSaltedPassword(byte[] saltValue, byte[] unsaltedPassword)
  {
     // Add the salt to the hash.
     byte[] rawSalted  = new byte[unsaltedPassword.Length + saltValue.Length]; 
     unsaltedPassword.CopyTo(rawSalted,0);
     saltValue.CopyTo(rawSalted,unsaltedPassword.Length);

     //Create the salted hash.         
     SHA1 sha1 = SHA1.Create();
     byte[] saltedPassword = sha1.ComputeHash(rawSalted);

     // Add the salt value to the salted hash.
     byte[] dbPassword  = new byte[saltedPassword.Length + saltValue.Length];
     saltedPassword.CopyTo(dbPassword,0);
     saltValue.CopyTo(dbPassword,saltedPassword.Length);

     return dbPassword;
  }

     // Compare the hashed password against the stored password.
private bool ComparePasswords(byte[] storedPassword, byte[] hashedPassword)
{
   if (storedPassword == null || hashedPassword == null || hashedPassword.Length != storedPassword.Length - saltLength)
      return false;

   // Get the saved saltValue.
   byte[] saltValue = new byte[saltLength];
   int saltOffset = storedPassword.Length - saltLength;
   for (int i = 0; i < saltLength; i++)
      saltValue[i] = storedPassword[saltOffset + i];

   byte[] saltedPassword = CreateSaltedPassword(saltValue, hashedPassword);

   // Compare the values.
   return CompareByteArray(storedPassword, saltedPassword);
}

// Compare the contents of two byte arrays.
private bool CompareByteArray(byte[] array1, byte[] array2)
{
   if (array1.Length != array2.Length)
      return false;

   int mismatch = 0;
   for (int i = 0; i < array1.Length; i++)
   {
      mismatch |= array1[i] ^ array2[i];
   }
   return mismatch == 0;
}

MSDN：https://msdn.microsoft.com/en-us/library/aa288534(v=vs.71).aspx

UPDATE
对于UWP应用程序,您需要使用命名空间Windows.Security.Cryptography.Core：

public String SampleDeriveFromPbkdf(
    String strAlgName,
    UInt32 targetSize)
{
    // Open the specified algorithm.
    KeyDerivationAlgorithmProvider objKdfProv = KeyDerivationAlgorithmProvider.OpenAlgorithm(strAlgName);

    // Create a buffer that contains the secret used during derivation.
    String strSecret = "MyPassword";
    IBuffer buffSecret = CryptographicBuffer.ConvertStringToBinary(strSecret, BinaryStringEncoding.Utf8);

    // Create a random salt value.
    IBuffer buffSalt = CryptographicBuffer.GenerateRandom(32);

    // Specify the number of iterations to be used during derivation.
    UInt32 iterationCount = 10000;

    // Create the derivation parameters.
    KeyDerivationParameters pbkdf2Params = KeyDerivationParameters.BuildForPbkdf2(buffSalt, iterationCount);

    // Create a key from the secret value.
    CryptographicKey keyOriginal = objKdfProv.CreateKey(buffSecret);

    // Derive a key based on the original key and the derivation parameters.
    IBuffer keyDerived = CryptographicEngine.DeriveKeyMaterial(
        keyOriginal,
        pbkdf2Params,
        targetSize);

    // Encode the key to a hexadecimal value (for display)
    String strKeyHex = CryptographicBuffer.EncodeToHexString(keyDerived);

    // Return the encoded string
    return strKeyHex;
}

内容总结

以上是互联网集市为您收集整理的如何在UWP c#中哈希和/或加密密码？全部内容，希望文章能够帮你解决如何在UWP c#中哈希和/或加密密码？所遇到的程序开发问题。 如果觉得互联网集市技术教程内容还不错，欢迎将互联网集市网站推荐给程序员好友。

内容备注

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 gblab@vip.qq.com 举报，一经查实，本站将立刻删除。

内容手机端