一 散列数据 代码如下:
private static string CalculateSHA512Hash(string input)
{
byte[] inputBytes = Encoding.UTF8.GetBytes(input);
SHA512Managed sha512 = new SHA512Managed();
byte[] outputBytes = sha512.ComputeHash(inputBytes);
return Convert.ToBase64String(outputBytes);
}
原始散列对于彩虹表来说也存在漏洞,在彩虹表中,表内的每一条记录都是一串明文对应一种加密算法生成的一串密文。加盐就是指在密码中加入一个盐,这样可以提高密码散列的安全性。修改后的代码如下:
private static string CalculateSHA512Hash(string input,string salt)
{
byte[] saltBytes = Convert.FromBase64String(salt);
byte[] inputBytes = Encoding.UTF8.GetBytes(input);
byte[] inputWithSaltBytes = new byte[saltBytes.Length + inputBytes.Length];
Array.Copy(inputBytes, 0, inputWithSaltBytes, 0, inputBytes.Length);
Array.Copy(saltBytes, 0, inputWithSaltBytes, inputBytes.Length, saltBytes.Length);
SHA512Managed sha512 = new SHA512Managed();
byte[] outputBytes = sha512.ComputeHash(inputWithSaltBytes);
return Convert.ToBase64String(outputBytes);
}
private static string GetSalt(int minSaltSize, int maxSaltSize)
{
Random random = new Random();
int saltSize = random.Next(minSaltSize, maxSaltSize);
byte[] saltBytes = new byte[saltSize];
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
rng.GetNonZeroBytes(saltBytes);
return Convert.ToBase64String(saltBytes);
}
二 对称加密
private static string Encrypt(string input, byte[] key, byte[] iv)
{
byte[] inputBytes = Encoding.UTF8.GetBytes(input);
RijndaelManaged rijndael = new RijndaelManaged();
ICryptoTransform transform = rijndael.CreateEncryptor(key, iv);
byte[] encrytData = null;
using (MemoryStream outputStream = new MemoryStream())
{
using (CryptoStream inputStream = new CryptoStream(outputStream, transform, CryptoStreamMode.Write))
{