有没有一种方法来存储这个哈希方法的盐?我不知道该怎么做?存储哈希值
谢谢。
public void AddStudent(Student student)
{
student.StudentID = (++eCount).ToString();
student.Salt = GenerateSalt();
byte[] passwordHash = Hash(student.Password, student.Salt);
student.Password = Convert.ToBase64String(passwordHash);
student.TimeAdded = DateTime.Now;
students.Add(student);
}
这应该是你想要的。不知道这些学生在哪里被储存,但它也可能需要改变。
[DataMember(Name = "StudentID")]
public string StudentID { get; set; }
[DataMember(Name = "FirstName")]
public string FirstName { get; set; }
[DataMember(Name = "LastName")]
public string LastName { get; set; }
[DataMember(Name = "Password")]
public string Password;
[DataMember(Name = "Salt")]
public byte[] Salt;
protected RNGCryptoServiceProvider random = new RNGCryptoServiceProvider();
public byte[] GenerateSalt()
{
byte[] salt = new byte[10];
random.GetNonZeroBytes(salt);
return salt;
}
public static byte[] Hash(string value, byte[] salt)
{
return Hash(Encoding.UTF8.GetBytes(value), salt);
}
public static byte[] Hash(byte[] value, byte[] salt)
{
byte[] saltedValue = value.Concat(salt).ToArray();
return new SHA256Managed().ComputeHash(saltedValue);
}
public void AddStudent(Student student)
{
byte[] salt = GenerateSalt();
student.StudentID = (++eCount).ToString();
byte[] passwordHash = Hash(student.Password, salt);
student.Salt = salt;
student.Password = Convert.ToBase64String(passwordHash);
student.TimeAdded = DateTime.Now;
students.Add(student);
}
感谢Lordcheeto(顺便说一句,奇妙!)我已经更新了我的问题,可能的答案是否看起来正确? – 2012-04-22 21:39:39
我不认为你需要'byte [] salt = GenerateSalt();'如果数据库已经是一个字节[]? – 2012-04-22 21:41:27
@KirstyWhite据我所知,它看起来不错。是的,我只是没有想太多。 – lordcheeto 2012-04-22 21:42:24
您可以将它存储在'byte []'中。什么是实际问题? – 2012-04-22 20:27:56
在你的学生对象上创建一个新的字段盐,然后当你生成salt()时,把盐放在字段中? – Prescott 2012-04-22 20:31:54
对不起im仍然丢失 – 2012-04-22 20:36:59