【发布时间】:2018-01-22 23:33:30
【问题描述】:
您好,我想复制在 asp.net 身份中完成的密码散列,这样,由 asp.net 身份散列的密码的结果值和由 Chilkat 散列的密码相同。这可能吗?
在 C# asp.net 中,我们使用 Rfc2898DeriveBytes 为我们执行 pbkdf2。我怎样才能在 Chilkat 中做同样的事情?
private const int PBKDF2IterCount = 1000; // default for Rfc2898DeriveBytes
private const int PBKDF2SubkeyLength = 256 / 8; // 256 bits
private const int SaltSize = 128 / 8; // 128 bits
//[ComVisible(true)]
public string HashPassword(string password)
{
if (password == null)
{
throw new ArgumentNullException("password cannot be null");
}
// Produce a version 0 (see comment above) text hash.
byte[] salt;
byte[] subkey;
using (var deriveBytes = new Rfc2898DeriveBytes(password, SaltSize, PBKDF2IterCount))
{
salt = deriveBytes.Salt;
subkey = deriveBytes.GetBytes(PBKDF2SubkeyLength);
}
var outputBytes = new byte[1 + SaltSize + PBKDF2SubkeyLength];
Buffer.BlockCopy(salt, 0, outputBytes, 1, SaltSize);
Buffer.BlockCopy(subkey, 0, outputBytes, 1 + SaltSize, PBKDF2SubkeyLength);
return Convert.ToBase64String(outputBytes);
}
目前,我在 Chilkat 使用的参数是:
Function EncryptChilkat(sPassword As String) As String
Dim crypt As New ChilkatCrypt2
Dim success As Long
success = crypt.UnlockComponent("ACHIEV.CR1082018_dCrRA3zr4e1M ")
If (success <> 1) Then
Debug.Print crypt.LastErrorText
Exit Function
End If
Dim hexKey As String
Dim pw As String
pw = "pwd"
Dim pwCharset As String
pwCharset = "base64"
' Hash algorithms may be: sha1, md2, md5, etc.
Dim hashAlg As String
hashAlg = "HMCSHA1"
' The salt should be 8 bytes:
Dim saltHex As String
saltHex = "78578E5A5D63CB06"
Dim iterationCount As Long
iterationCount = 1000
' Derive a 128-bit key from the password.
Dim outputBitLen As Long
outputBitLen = 128
' The derived key is returned as a hex or base64 encoded string.
' (Note: The salt argument must be a string that also uses
' the same encoding.)
Dim enc As String
enc = "base64"
hexKey = crypt.Pbkdf2(pw, pwCharset, hashAlg, saltHex, iterationCount, outputBitLen, enc)
EncryptChilkat = hexKey
End Function
【问题讨论】: