比较C＃和ColdFusion之间的密码散列（CFMX_COMPAT） [英] Compare password hashes between C# and ColdFusion (CFMX_COMPAT)

问题描述

我有一个存储在表中的密码哈希，并通过以下冷拼脚本放在那里 -

I have a password hash that is stored in a table and is put there by the following coldfusion script-

#Hash(Encrypt(Form.UserPassword,GetSiteVars.EnCode))#

我试图添加一些外部功能在ac＃应用程序内。我想能够利用已经存在的数据，以便我可以验证用户。有没有人知道如何在c＃中复制上述冷灌输代码？

I am trying to add some outside functionality within a c# application. I would like to be able to take advantage of the data that already exists so that I can authenticate users. Does anyone know how I can replicate the above coldfusion code in c#?

感谢任何想法。

推荐答案

我会在下面留下原始回答内容以供参考，但应注意这不是对原始问题的有效回答。

I'll leave the original answer content below for historical reference, but it should be noted that this is NOT a working answer to the original question.

相反，请参阅2011年1月@Terrapin在此主题中排名最高的答案。我希望OP看到这一点，并可以更改接受的答案。 Heck，我甚至会标记这些mods，看看是否可以做到这一点。

Instead, see the top-voted answer in this thread, by @Terrapin in January 2011. I hope the OP sees this and can change the accepted answer. Heck, I'll even flag the mods to see if anything can be done about this.

由Edward Smith和后续评论czuroski，这里是我的解决方案。

To build on the answer by Edward Smith, and the follow-up comments by czuroski, here is my solution.

首先，你需要一个XOR函数在C＃ a href =http://www.eggheadcafe.com/tutorials/aspnet/8b53894c-a889-4914-8c46-122980cc44ae/simple-xor-encryption.aspx =nofollow noreferrer>此处并修改

First, you need an XOR function in C#, which I've taken from here and modified slightly.

using System;
using System.Collections.Generic;
using System.Text;

namespace SimpleXOREncryption
{    
    public static class EncryptorDecryptor
    {
        public static string EncryptDecrypt(string textToEncrypt, int key)
        {            
            StringBuilder inSb = new StringBuilder(textToEncrypt);
            StringBuilder outSb = new StringBuilder(textToEncrypt.Length);
            char c;
            for (int i = 0; i < textToEncrypt.Length; i++)
            {
                c = inSb[i];
                c = (char)(c ^ key);
                outSb.Append(c);
            }
            return outSb.ToString();
        }   
    }
}

XOR和base-64编码。在你有那个字符串后，MD5哈希它。结果应该与原始代码片段的结果匹配：

Then, take the result of the XOR and base-64 encode it. After you have that string, MD5 hash it. The result should match the result from the original code snippet:

#Hash(Encrypt(Form.UserPassword,GetSiteVars.EnCode))#

这篇关于比较C＃和ColdFusion之间的密码散列（CFMX_COMPAT）的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！