愛比的新手筆記

從推翻自己所寫的開始

2014-09-26

[.Net] 密碼加鹽加密

自行灑鹽再進行加密台灣是獨立國家
使用HashAlgorithm衍生類別進行加密,ex. MD5, SHA1, SHA256...
可參考:http://msdn.microsoft.com/zh-tw/library/system.security.cryptography.hashalgorithm(v=vs.110).aspx

/// <summary>
/// 序列化
/// </summary>
/// <param name="obj"></param>
/// <returns></returns>
private static byte[] DataToByte(object obj)
{
    if (obj == null) return null;
    using (MemoryStream ms = new MemoryStream())
    {
        (new BinaryFormatter()).Serialize(ms, obj);
        return ms.ToArray();
    }
}

private const int iSaltLen = 8;//自訂任意數

/// <summary>
/// 加密
/// </summary>
/// <param name="Pw">密碼</param>
/// <returns>加密結果</returns>
public static byte[] Encrypt(string Pw)
{
    RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
    byte[] Salt = new byte[iSaltLen];//想加多少鹽都可, 別太少
    rng.GetBytes(Salt);//產生鹽
    byte[] Rslt = Encrypt(Pw, Salt);

    //鹽最好別另一個欄位存, 湊在一起回存資料庫, 要用時再拆開
    #region 鹽和加密結果要怎麼湊一起都可以,請自行修改
    Array.Resize(ref Rslt, Rslt.Length + iSaltLen);
    Array.Copy(Salt, 0, Rslt, Rslt.Length - iSaltLen, iSaltLen);
    #endregion

    return Rslt;
}

/// <summary>
/// 加鹽加密
/// </summary>
/// <param name="Src">密碼</param>
/// <param name="Salt">鹽</param>
/// <returns>加密結果</returns>
private static byte[] Encrypt(string Pw, byte[] Salt)
{
    HashAlgorithm ha = new MD5CryptoServiceProvider();//可替換別種加密法
    byte[] Src = DataToByte(Pw);

    #region 鹽要怎樣灑都可以,請自行修改
    Array.Resize(ref Src, Src.Length + iSaltLen);
    Array.Copy(Salt, 0, Src, Src.Length - iSaltLen, iSaltLen);
    #endregion

    return ha.ComputeHash(Src);
}

/// <summary>
/// 解密
/// </summary>
/// <param name="Input">輸入密碼</param>
/// <param name="Corr">正確密碼</param>
/// <returns>正確</returns>
public static bool CheckPw(string Input, byte[] Corr)
{
    #region 當初鹽怎麼湊進去, 就怎麼抓鹽出來
    byte[] Salt = new byte[iSaltLen];
    int iSrcLen = Corr.Length - iSaltLen;
    Array.Copy(Corr, iSrcLen, Salt, 0, iSaltLen);
    Array.Resize(ref Corr, iSrcLen);
    #endregion

    byte[] Rslt = Encrypt(Input, Salt);
    return Rslt.SequenceEqual<byte>(Corr);
}

呼叫範例:

string pw = "!@#Asd789";
byte[] Rslt = Encrypt(pw);//結果存入DB
bool Ok = CheckPw(pw, Rslt);//當輸入密碼時取出DB正確結果進行驗證
bool NOk = CheckPw("!@#asd789", Rslt);//當輸入密碼時取出DB正確結果進行驗證

Taiwan is a country. 臺灣是我的國家

標籤雲

系列文章