[英]Simple ASP.NET password hashing class troubles
I am attempting to apply some security to a project I'm completing for college. 我正在尝试对即将完成的大学项目应用某种安全性。 This security is somewhat glancing so I'm tempted to give up, save passwords as plaintext or converted to base64, and do something more user-obvious.
这种安全性在某种程度上是一目了然的,因此我很想放弃,将密码另存为纯文本或转换为base64,然后做一些更明显的用户操作。
Before I give up, I'm asking SO. 在我放弃之前,我要问。 This is my first attempt at asking anything here so please be gentle.
这是我第一次尝试在此处提出任何问题,因此请保持谨慎。
I decided that implementing this MSDN code wouldn't be too hard. 我认为实现此MSDN代码并不难。 http://msdn.microsoft.com/en-us/library/aa545602%28v=cs.70%29.aspx
http://msdn.microsoft.com/zh-cn/library/aa545602%28v=cs.70%29.aspx
Turns out, it really is. 事实证明,确实如此。 I'm getting the error
我遇到了错误
System.FormatException: Input string was not in a correct format.
System.FormatException:输入字符串的格式不正确。
For code 对于代码
binarySaltValue[0] = byte.Parse( salt.Substring( 0, 2 ), System.Globalization.NumberStyles.HexNumber, CultureInfo.InvariantCulture.NumberFormat );
I'm going to be honest, I don't fully understand this code. 老实说,我不完全了解此代码。
If anyone can fix this or supply an idiot-proof asynchronous hashing class I'd appreciate it. 如果有人可以解决此问题或提供防白痴的异步哈希类,我将不胜感激。
( apologies for my random user name, I have no idea how that happened ) (对我的随机用户名表示歉意,我不知道这是怎么发生的)
Here's a basic method (no salt) to at least get you started. 这是至少可以帮助您入门的基本方法(无盐)。 It just "hashes" the string coming in.
它只是“哈希”输入的字符串。
private string GetHashedString(string _PW)
{
string _HashedPW = "";
SHA512 sha = new SHA512CryptoServiceProvider();
byte[] result;
StringBuilder strBuilder = new StringBuilder();
sha.ComputeHash(ASCIIEncoding.ASCII.GetBytes(_PW));
result = sha.Hash;
for (int i = 0; i < result.Length; i++)
{
strBuilder.Append(result[i].ToString("x2"));
}
_HashedPW = strBuilder.ToString();
return _HashedPW;
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.