Example code for Scrypt and Cryptsharp


Question

I have searched all over Google and I can't find a code sample of Scrypt usage (for hashing a password) using the Cryptsharp library.

Can you please provide a sample for hashing the password?

Recommended answer

It's only a single call so I'll walk you through the parameters:


  1. key: this is your password, use UTF-8 encoding (without byte order mark) to encode your password into a byte array;
  2. salt: a string of secure random bytes stored with the result of the scrypt function, 16 bytes should be ample;
  3. cost: the given suggestion is 262144, but you may want to increase that value if your server can handle the additional load;
  4. blockSize: see cost, the given suggestion is 8;
  5. parallel: I would keep this to 1 unless you want to experiment with multi-threading;
  6. maxThreads: in general null will do nicely;
  7. derivedKeyLength: well, that depends, for passwords 128 should be ample though, it's unlikely that your password has more than 128 bits of security.

You should store at least the salt and result. You may want to use base 64 encoding if you want to store them as strings.

I would recommend you to store one additional piece of data: a version of your password based key derivation scheme (PBKDF). Say, set it to 1 for using scrypt, using the given key encoding, salt size, cost, blocksize etc. In that case you can upgrade your scheme later on (you need the user to supply his/her password to do this, so you will have to do this online, so you will end up having multiple schemes operational at the same time).

Note that you may chain PBKDF function calls, so you could use the original PBKDF output and use that as input for the next PBKDF. In that case the user doesn't have to supply the password (this hint was taken from CodesInChaos on another question).
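
The call and storage advice above, as an added example that is not part of the original answer and is not CryptSharp's own sample code. It assumes `SCrypt.ComputeDerivedKey` from the `CryptSharp.Utility` namespace; the `PasswordStore` class, the `version$salt$hash` record layout, and the reading of "128" as 128 bits (16 bytes, since `derivedKeyLength` counts bytes) are assumptions made for illustration.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;
using CryptSharp.Utility;

public static class PasswordStore // hypothetical helper, not a CryptSharp type
{
    // Scheme version 1 = scrypt with the parameters suggested in the answer.
    const int SchemeVersion = 1;
    const int Cost = 262144;
    const int BlockSize = 8;
    const int Parallelism = 1;
    const int SaltBytes = 16;
    const int KeyBytes = 16; // assumption: 128 bits, expressed in bytes

    static byte[] Derive(string password, byte[] salt)
    {
        byte[] key = Encoding.UTF8.GetBytes(password); // GetBytes emits no BOM
        // maxThreads is null, as the answer suggests.
        return SCrypt.ComputeDerivedKey(key, salt, Cost, BlockSize, Parallelism, null, KeyBytes);
    }

    // Returns "version$salt$hash" with base 64 fields (constructed record layout).
    public static string Hash(string password)
    {
        byte[] salt = new byte[SaltBytes];
        using (var rng = RandomNumberGenerator.Create())
            rng.GetBytes(salt);
        return SchemeVersion + "$" + Convert.ToBase64String(salt) + "$" +
               Convert.ToBase64String(Derive(password, salt));
    }

    public static bool Verify(string password, string record)
    {
        string[] parts = record.Split('$');
        if (parts.Length != 3 || parts[0] != SchemeVersion.ToString())
            return false; // other versions would be dispatched to their own parameters
        byte[] salt, expected;
        try { salt = Convert.FromBase64String(parts[1]); expected = Convert.FromBase64String(parts[2]); }
        catch (FormatException) { return false; }
        byte[] actual = Derive(password, salt);
        // Compare without an early exit so timing does not reveal the mismatch position.
        int diff = actual.Length ^ expected.Length;
        for (int i = 0; i < actual.Length && i < expected.Length; i++)
            diff |= actual[i] ^ expected[i];
        return diff == 0;
    }
}
```

Because the version is stored in the record, a later scheme can be introduced alongside version 1 and records migrated when each user next logs in.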
