如何在C＃中实现pbkdf2_sha256 [英] How to implement pbkdf2_sha256 in C#

问题描述

我创建了一个网站，在登录时我使用pbkdf2_sha256进行密码散列。我也用过盐。我想制作一个简单的软件只是为了体验，我想使用网站保存的相同凭据登录c＃软件。我见过Rfc2898DeriveBytes我想它只需要2个参数（密码，整数为盐）。但是我在网站上指定的迭代怎么样？



任何人，请指导我如何在c＃（WPF）应用程序中登录并使用pbkdf2_sha256创建一个哈希并验证密码。



我见过PBKDF2.Net NuGet包和BouncyCastle NuGet包，但我没有得到如何使用它我得到了很多我从某些网站复制的语法错误。



i也用过

I have made a website, in which on login I am using pbkdf2_sha256 for password hashing. I have used salt also. I want to make a simple software just for the experience, I want to login into the c# software using same credentials as saved by the website. I have seen Rfc2898DeriveBytes I guess it only takes 2 arguments (password, salt in integer). But what about iterations I have specified on the website?

Anyone, please guide me how to make a login in c# (WPF) application and use pbkdf2_sha256 to create a hash and to verify the password.

I have seen PBKDF2.Net NuGet package and BouncyCastle NuGet Package, but i am not getting how to use them i am getting a lot of error in syntax what ever i have copied from some sites.

i have also used

var salt = "FbSnXHPo12gb";
var password = "geheim";
var interactions = 12000;


using (var hmac = new HMACSHA256())
{
    var df = new Pbkdf2(hmac, password, salt, interactions);
    Console.WriteLine(Convert.ToBase64String(df.GetBytes(32)));
}

请帮帮我



我尝试过：

please help me

What I have tried:

using System.Security.Cryptography;
using System.Configuration;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Engines;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Modes;
using Org.BouncyCastle.Crypto.Parameters;
using Org.BouncyCastle.Security;

namespace login
{

    /// <summary>
    /// Interaction logic for MainWindow.xaml
    /// </summary>
    public partial class MainWindow : Window
    {

        public MainWindow()
        {
            InitializeComponent();
        }

        

        private void test_Click(object sender, RoutedEventArgs e)
        {
            int iterations = 100000; // The number of times to encrypt the password - change this
            int saltByteSize = 64; // the salt size - change this
            int hashByteSize = 128; // the final hash - change this

            BouncyCastleHashing mainHashingLib = new BouncyCastleHashing();

            var password = "password"; // That's really secure! :)

            byte[] saltBytes = mainHashingLib.CreateSalt(saltByteSize);
            string saltString = Convert.ToBase64String(saltBytes);

            string pwdHash = mainHashingLib.PBKDF2_SHA256_GetHash(password, saltString, iterations, hashByteSize);

            var isValid = mainHashingLib.ValidatePassword(password, saltBytes, iterations, hashByteSize, Convert.FromBase64String(pwdHash));
        }
    }
}

推荐答案

谷歌搜索众神是你的朋友......这个搜索： BouncyCastle文档Pbkdf2 c＃ [ ^ ]找到了这个可接受的解决方案：如何在C＃/ Bouncy Castle中创建PBKDF2-SHA256密码哈希 - Stack Overflow [ ^ ]

Google Search gods are your friend... This search: BouncyCastle documentation Pbkdf2 c#[^] found this accepted solution: How to create a PBKDF2-SHA256 password hash in C# / Bouncy Castle - Stack Overflow[^]

请查看这些链接，它们是我认为的好选择，因此提供了丰富的信息，第二个是直接链接到我以前实施的类库。





https://crackstation.net/hashing-security.htm





https://github.com/defuse/password-hashing/blob/master/PasswordStorage.cs

Please have a look at those links, they are good alternatives I think and so informative, the second one is a direct link to the class library I used to implement .


https://crackstation.net/hashing-security.htm


https://github.com/defuse/password-hashing/blob/master/PasswordStorage.cs

这篇关于如何在C＃中实现pbkdf2_sha256的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！