登录加密测验

来源：互联网发布：淘宝卖家使用尺码编辑：程序博客网时间：2024/05/21 19:37

刚学ADO.NET,见数据库中的登录密码类的字段是明文，只觉不妥，便随心加了这个。好耍好耍，大家有何建议，望告知小白。。。

private static string salt;

private void btn_Encrypte_Click(object sender, EventArgs e)

{

//only MD5

if (radioBtn_MD5.Checked == true)

{

MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();

byte[] ByteString = System.Text.Encoding.ASCII.GetBytes(txt_Input.Text);

ByteString = md5.ComputeHash(ByteString);

string FinalString = null;

foreach (byte bt in ByteString)

{

FinalString += bt.ToString("x2");

}

txt_EncrypteOutput.Text = FinalString.ToString();

}

if (radioBtn_SHA512Hash.Checked == true)

{

byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(txt_Input.Text);

SHA512Managed sha512 = new SHA512Managed();

byte[] outputBytes = sha512.ComputeHash(inputBytes);

txt_EncrypteOutput.Text = Convert.ToBase64String(outputBytes);

}

//plus salt

if(radioBtn_SHA512HashPlusSalt.Checked==true)

{

salt=GetSalt(64,128);

CaculateSHA512Hash(this.txt_Input.Text,salt);

}

private void CaculateSHA512Hash(string input,string salt)

{

input = txt_Input.Text;

byte[] saltBytes = Convert.FromBase64String(salt);

byte[] inputBytes = Encoding.UTF8.GetBytes(input);

byte[] inputWithSaltBytes = new byte[saltBytes.Length + inputBytes.Length];

Array.Copy(inputBytes, 0, inputWithSaltBytes, 0, inputBytes.Length);

Array.Copy(saltBytes, 0, inputWithSaltBytes, inputBytes.Length,saltBytes.Length);

SHA512Managed sha512 = new SHA512Managed();

byte[] outputBytes = sha512.ComputeHash(inputWithSaltBytes);

txt_EncrypteOutput.Text = Convert.ToBase64String(outputBytes);

}

private static string GetSalt(int minSaltSize,int maxSaltSize)

{

Random random = new Random();

int saltSize = random.Next(minSaltSize, maxSaltSize);

byte[] saltBytes = new byte[saltSize];

RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();

rng.GetNonZeroBytes(saltBytes);

return Convert.ToBase64String(saltBytes);

}

0 0