0
我得到这个登记表从哪里获得用户电子邮件地址和密码,并使用SHA512SHA512散列凭证失败的验证
public Boolean IsRegistered(String email, String pass)
{
SHA512 shaM = new SHA512Managed();
if (pass.Length > 0 && email.Length > 0)
{
byte[] data = Encoding.UTF8.GetBytes(pass);
String encryptedpass = Encoding.UTF8.GetString(shaM.ComputeHash(data));
using (ModelContainer db = new ModelContainer())
{
//User usr = db.UserSet.Where(u => u.PasswordDigest == encryptedpass && u.Email == email).First();
int matches = (from u in bd.UserSet
where u.PasswordDigest == encryptedpass&& u.Email == email
select new
{
Id = u.Id
}
).Count();
if (matches > 0)
{
return true;
}
}
}
return false;
}
我每次都用这个方法在用户登录在散列密码,它就像一个魅力(我猜), 事情是当我提示用户更改他/她的密码,我似乎无法验证旧的这里是我的尝试
我做了以下检查用户数据MyAccount表单的构造函数
User user;.
public MyAccount()
{
InitializeComponent();
try
{
using (ModelContainer db = new ModelContainer())
{
user = (from u in db.UserSet where u.Id == 2 select u).First();
txtName.Text = user.Name;
txtEmail.Text = user.Email;
}
}
catch (Exception x)
{
ErrorAlert error = new ErrorAlert("Error: " + x.Message);
error.Owner = getParentWindow();
error.ShowDialog();
}
}
然后我验证它的形式button_click
using (ModelContainer db = new ModelContainer())
{
SHA512 shaM = new SHA512Managed();
string oldpass = Encoding.UTF8.GetString(shaM.ComputeHash(Encoding.UTF8.GetBytes(ptxtOldPassword.Password)));
shaM.Dispose();
db.UserSet.Attach(user);
Regex rgx = new Regex(@"\A[\w+\-.][email protected][a-z\d\-.]+\.[a-z]+\z");
if (rgx.IsMatch(txtEmail.Text))
{
if (oldpass == user.PasswordDigest)
{
if (ptxtNewPassword.Password.Equals(ptxtNewPassword2.Password))
{
string newpass = Encoding.UTF8.GetString(shaM.ComputeHash(Encoding.UTF8.GetBytes(ptxtNewPassword.Password)));
user.Name = txtName.Text;
user.Email = txtEmail.Text;
user.PasswordDigest = newpass;
db.SaveChanges();
}
else
{
ErrorAlert error = new ErrorAlert("Passwords do not match");
error.Owner = getParentWindow();
error.ShowDialog();
}
当我与一个数据库comapare旧密码输入用户不匹配,因为他们是我所使用equals进行尝试,没有串运气我以为==会工作,但我错了,我看着其他答案,发现这个Sha512 not returning equal in c# hash validation可悲的是它不适合我,我需要了解为什么我的第一次验证工作和第二不 所以任何帮助是首选Have a nice day
呃......试图将SHA512字节数据解码为一个UTF-8字符串只是要求麻烦...... SHA512哈希如何存储在数据库中? – elgonzo
@elgonzo他们存储为字符串,而不是utf-8字符串,但你可能是对的 – SoulBlack
在我看来,你似乎并不理解我指向的问题。问题不是UTF-8字符串与非UTF-8字符串。由于任意字节数据可能包含对给定文本编码无效的字节(或字节序列),或者表示某些不可打印的字符,这些字符可能会导致进一步的字符串处理混乱,所以不能始终成功地将任意字节数据解码为字符串。 (1/2) – elgonzo