Rfc2898 / PBKDF2在C＃中以SHA256作为摘要 [英] Rfc2898 / PBKDF2 with SHA256 as digest in c#

问题描述

我想在c＃中使用Rfc2898派生密钥。我还需要将SHA256用作Rfc2898的摘要。我找到了 Rfc2898DeriveBytes 类，但是它使用SHA-1，但我看不到任何使它使用不同摘要的方法。

I want to use Rfc2898 in c# to derive a key. I also need to use SHA256 as Digest for Rfc2898. I found the class Rfc2898DeriveBytes, but it uses SHA-1 and I don't see a way to make it use a different digest.

是否可以在C＃中以SHA256作为摘要使用Rfc2898（没有从头开始实现）？

Is there a way to use Rfc2898 in c# with SHA256 as digest (short of implementing it from scratch)?

推荐答案

请参阅Bruno Garcia的答案。

See Bruno Garcia's answer.

Carsten：请接受该答案，而不是这个答案。

Carsten: Please accept that answer rather than this one.

在我开始回答时，Rfc2898DeriveBytes不可配置为使用其他哈希函数。但是与此同时，它已经得到改进。请参阅Bruno Garcia的答案。以下函数可用于生成用户提供的密码的哈希版本，以存储在数据库中以进行身份​​验证。

At the time I started this answer, Rfc2898DeriveBytes was not configurable to use a different hash function. In the meantime, though, it has been improved; see Bruno Garcia's answer. The following function can be used to generate a hashed version of a user-provided password to store in a database for authentication purposes.

对于较早.NET框架的用户，此仍然有用：

For users of older .NET frameworks, this is still useful:

// NOTE: The iteration count should
// be as high as possible without causing
// unreasonable delay.  Note also that the password
// and salt are byte arrays, not strings.  After use,
// the password and salt should be cleared (with Array.Clear)

public static byte[] PBKDF2Sha256GetBytes(int dklen, byte[] password, byte[] salt, int iterationCount){
    using(var hmac=new System.Security.Cryptography.HMACSHA256(password)){
        int hashLength=hmac.HashSize/8;
        if((hmac.HashSize&7)!=0)
            hashLength++;
        int keyLength=dklen/hashLength;
        if((long)dklen>(0xFFFFFFFFL*hashLength) || dklen<0)
            throw new ArgumentOutOfRangeException("dklen");
        if(dklen%hashLength!=0)
            keyLength++;
        byte[] extendedkey=new byte[salt.Length+4];
        Buffer.BlockCopy(salt,0,extendedkey,0,salt.Length);
        using(var ms=new System.IO.MemoryStream()){
            for(int i=0;i<keyLength;i++){
                extendedkey[salt.Length]=(byte)(((i+1)>>24)&0xFF);
                extendedkey[salt.Length+1]=(byte)(((i+1)>>16)&0xFF);
                extendedkey[salt.Length+2]=(byte)(((i+1)>>8)&0xFF);
                extendedkey[salt.Length+3]=(byte)(((i+1))&0xFF);
                byte[] u=hmac.ComputeHash(extendedkey);
                Array.Clear(extendedkey,salt.Length,4);
                byte[] f=u;
                for(int j=1;j<iterationCount;j++){
                    u=hmac.ComputeHash(u);
                    for(int k=0;k<f.Length;k++){
                        f[k]^=u[k];
                    }
                }
                ms.Write(f,0,f.Length);
                Array.Clear(u,0,u.Length);
                Array.Clear(f,0,f.Length);
            }
            byte[] dk=new byte[dklen];
            ms.Position=0;
            ms.Read(dk,0,dklen);
            ms.Position=0;
            for(long i=0;i<ms.Length;i++){
                ms.WriteByte(0);
            }
            Array.Clear(extendedkey,0,extendedkey.Length);
            return dk;
        }
    }

这篇关于Rfc2898 / PBKDF2在C＃中以SHA256作为摘要的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！