C#ASP.NET Core 2哈希算法
[英]C# ASP.NET Core 2 HashAlgorithm
问题描述
I have an ASP.Net MVC project which works fine when using HashAlgorithm , but I am trying to replicate this same project in ASP.Net Core2 and I am getting the following error: 
我有一个ASP.Net MVC项目,该项目在使用HashAlgorithm时可以正常工作,但是我试图在ASP.Net Core2中复制相同的项目,并且出现以下错误:
System.PlatformNotSupportedException HResult=0x80131539 Message=Operation is not supported on this platform.
My code: 我的代码:
public static string GeneratePassword(int saltlength) //length of salt
{
const string chars = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNOPQRSTUVWXYZ0123456789";
var randNum = new Random();
var passwordSalt = new char[saltlength];
for (var i = 0; i <= saltlength - 1; i++) {
passwordSalt[i] = chars[Convert.ToInt32((chars.Length) * randNum.NextDouble())];
}
return new string(passwordSalt);
}
public static string EncodePassword(string pass, string salt) //encrypt password
{
byte[] bytes = Encoding.Unicode.GetBytes(pass);
byte[] src = Encoding.Unicode.GetBytes(salt);
byte[] dst = new byte[src.Length + bytes.Length];
Buffer.BlockCopy(src, 0, dst, 0, src.Length);
Buffer.BlockCopy(bytes, 0, dst, src.Length, bytes.Length);
HashAlgorithm algorithm = HashAlgorithm.Create("MD5");
if (algorithm != null) {
byte[] inArray = algorithm.ComputeHash(dst);
var encodedPassword = Convert.ToBase64String(inArray);
return encodedPassword;
}
return pass;
}
Any suggestion on how to fix this error? 关于如何解决此错误的任何建议?
3 个解决方案
解决方案1
3 2018-08-03 06:26:58
There is a github issue for this problem which provides a workaround: 这个问题有一个github问题 ,它提供了一种解决方法:
Workaround is to call
(HashAlgorithm)CryptoConfig.CreateFromName(string), though calling CryptoConfig directly is generally discouraged.(HashAlgorithm)CryptoConfig.CreateFromName(string),尽管通常不建议直接调用CryptoConfig。
解决方案2
2 2018-08-05 03:36:00
To create an MD5 hash object, use MD5.Create() . 要创建MD5哈希对象,请使用MD5.Create() 。 The only reason to use CryptoConfig or HashAlgorithm.Create(String) is when handling dynamic needs. 使用CryptoConfig或HashAlgorithm.Create(String)的唯一原因是在处理动态需求时。
解决方案3
1 2018-08-03 08:03:03
As pointed out in other answers it's not a good idea to use MD5 as a hashing algorithm for passwords because it is too easy to crack. 正如在其他答案中指出的那样,将MD5用作密码的哈希算法不是一个好主意,因为它很容易破解。 And while saying MD5 is insecure in general is not entirely correct, it is insecure for password hashing. 虽然说MD5通常是不安全的,但这并不是完全正确的,但是对于密码哈希来说,这是不安全的。
Basically a problem with simple hashing like that it is too cheap to run one iteration. 基本上是简单哈希的问题,例如运行一次迭代太便宜了。 That's why something named Key Derivation Function used for that purpose. 这就是为什么为此目的使用名为“ Key Derivation Function ”的东西的原因。 The idea is that you need a CPU intensive algorithm (with multiple iterations) to do the hashing. 这个想法是,您需要CPU密集型算法(具有多次迭代)来进行哈希处理。 While it's quite transparent for one user (let's say eg 100 milliseconds), it's too expensive to crack. 虽然对于一个用户来说是相当透明的(例如100毫秒),但破解成本太高。
.Net has built in Rfc2898DerivedBytes for that. .Net Rfc2898DerivedBytes内置了Rfc2898DerivedBytes 。 It's not the easiest class to use, so I have made a little library on top of this class: SimpleHashing.Net . 它不是最容易使用的类,因此我在该类之上做了一个小库: SimpleHashing.Net 。
You can either use it directly or just use the code if you need .Net Standard. 您可以直接使用它,也可以根据需要使用代码。 Did not have time to compile it as Standard yet. 还没有时间将其编译为Standard。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.