如何在验证登录系统中使用rfc2898derivebytes类 [英] how to use rfc2898derivebytes class in a validation-login system
本文介绍了如何在验证登录系统中使用rfc2898derivebytes类的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在阅读一篇有关如何使用密码哈希来保护用户密码的文章,并且说使用pbkdf2算法会使哈希过程更加缓慢并且更难以破解.我已经在msdn中看到了有关rfc2829derivebytes类的示例,但 我不了解如何在我的情况下使用此类.任何人都可以举一个简单明了的示例吗?谢谢.
I am reading a article about how to use password hashing to protect user password,and it said that use pbkdf2 algorithm will make hashing process more slow and more difficult to be cracked.I have seen the example in msdn about rfc2829derivebytes class,but i don't understand how to use this class in my case.can anyone give a simple and clear example? Thanks.
推荐答案
你好,
谢谢您在这里发布.
对于您的问题,您可以参考以下代码.
For your question, you could refer to the following code.
static void Main(string[] args)
{
// Create a byte array to hold the random value.
byte[] salt1 = new byte[8];
using (RNGCryptoServiceProvider rngCsp = new RNGCryptoServiceProvider())
{
// Fill the array with a random value.
rngCsp.GetBytes(salt1);
}
string data = "welcome";
byte[] plainText1 = new System.Text.UTF8Encoding(false).GetBytes(data);
EncryptRfc(plainText1, "hello", salt1);
}
public static byte[] EncryptRfc(byte[] plainText, string password, byte[] salt)
{
var keyGen = new Rfc2898DeriveBytes(password, salt);
var key = keyGen.GetBytes(32);
var iv = keyGen.GetBytes(16);
var cipher = new RijndaelManaged { Key = key, IV = iv };
byte[] cipherText;
using (var encryptor = cipher.CreateEncryptor())
{
using (var ms = new MemoryStream())
{
using (var cs = new CryptoStream(ms, encryptor, CryptoStreamMode.Write))
{
cs.Write(plainText, 0, plainText.Length);
cs.FlushFinalBlock();
cipherText = ms.ToArray();
}
}
}
return cipherText;
}
这是理解的三个步骤.
- 从密码和密码中导出加密密钥和IV.
- 使用密钥创建加密器的新实例
- 加密明文.
最好的问候,
温迪
这篇关于如何在验证登录系统中使用rfc2898derivebytes类的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
