首先提供一个帮助类,可直接粘贴使用
using System.Security.Cryptography;
namespace Core.Utils;
/// <summary>
/// 提供常用加解密方法
/// </summary>
public class HashCrypto
{
private static readonly RandomNumberGenerator Rng = RandomNumberGenerator.Create();
/// <summary>
/// SHA512 encrypt
/// </summary>
/// <param name="value"></param>
/// <param name="salt"></param>
/// <returns></returns>
public static string GeneratePwd(string value, string salt)
{
Rfc2898DeriveBytes encrpty = new(value, Encoding.UTF8.GetBytes(salt), 100, HashAlgorithmName.SHA512);
byte[] valueBytes = encrpty.GetBytes(32);
return Convert.ToBase64String(valueBytes);
}
public static bool Validate(string value, string salt, string hash)
{
return GeneratePwd(value, salt) == hash;
}
public static string BuildSalt()
{
byte[] randomBytes = new byte[128 / 8];
using RandomNumberGenerator generator = RandomNumberGenerator.Create();
generator.GetBytes(randomBytes);
return Convert.ToBase64String(randomBytes);
}
/// <summary>
/// HMACSHA256 encrypt
/// </summary>
/// <param name="key"></param>
/// <param name="content"></param>
/// <returns></returns>
public static string HMACSHA256(string key, string content)
{
using HMACSHA256 hmac = new(Encoding.UTF8.GetBytes(key));
byte[] valueBytes = hmac.ComputeHash(Encoding.UTF8.GetBytes(content));
return Convert.ToBase64String(valueBytes);
}
/// <summary>
/// 字符串md5值
/// </summary>
/// <param name="str"></param>
/// <returns></returns>
public static string Md5Hash(string str)
{
byte[] data = MD5.HashData(Encoding.UTF8.GetBytes(str));
StringBuilder sBuilder = new();
for (int i = 0; i < data.Length; i++)
{
_ = sBuilder.Append(data[i].ToString("x2"));
}
return sBuilder.ToString();
}
/// <summary>
/// 某文件的md5值
/// </summary>
/// <param name="stream">file stream</param>
/// <returns></returns>
public static string Md5FileHash(Stream stream)
{
using MD5 md5 = MD5.Create();
byte[] data = md5.ComputeHash(stream);
StringBuilder sBuilder = new();
for (int i = 0; i < data.Length; i++)
{
_ = sBuilder.Append(data[i].ToString("x2"));
}
return sBuilder.ToString();
}
/// <summary>
/// 生成随机数
/// </summary>
/// <param name="length"></param>
/// <param name="useNum"></param>
/// <param name="useLow"></param>
/// <param name="useUpp"></param>
/// <param name="useSpe"></param>
/// <param name="custom"></param>
/// <returns></returns>
public static string? GetRnd(int length = 4, bool useNum = true, bool useLow = false, bool useUpp = true, bool useSpe = false, string custom = "")
{
byte[] b = new byte[4];
string? s = null;
string str = custom;
if (useNum) { str += "0123456789"; }
if (useLow) { str += "abcdefghijklmnopqrstuvwxyz"; }
if (useUpp) { str += "ABCDEFGHIJKLMNOPQRSTUVWXYZ"; }
if (useSpe) { str += "!\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~"; }
// 范围
int range = str.Length - 1;
for (int i = 0; i < length; i++)
{
Rng.GetBytes(b);
// 随机数
double rn = BitConverter.ToUInt32(b, 0) / ((double)uint.MaxValue + 1);
// 位置
int position = (int)(rn * range);
s += str.Substring(position, 1);
}
return s;
}
/// <summary>
/// 加密
/// </summary>
/// <param name="text">源文</param>
/// <param name="key"></param>
/// <returns></returns>
public static string AesEncrypt(string text, string key)
{
byte[] encrypted;
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Encoding.ASCII.GetBytes(Md5Hash(key));
aesAlg.IV = aesAlg.Key[..16];
ICryptoTransform encryptor = aesAlg.CreateEncryptor();
using MemoryStream msEncrypt = new();
using CryptoStream csEncrypt = new(msEncrypt, encryptor, CryptoStreamMode.Write);
using (StreamWriter swEncrypt = new(csEncrypt))
{
swEncrypt.Write(text);
}
encrypted = msEncrypt.ToArray();
}
return Convert.ToBase64String(encrypted);
}
/// <summary>
/// 解密
/// </summary>
/// <param name="cipherText"></param>
/// <param name="key"></param>
/// <returns></returns>
public static string AesDescrypt(string cipherText, string key)
{
if (string.IsNullOrWhiteSpace(cipherText))
{
return string.Empty;
}
string? plaintext = null;
using (Aes aesAlg = Aes.Create())
{
aesAlg.Key = Encoding.ASCII.GetBytes(Md5Hash(key));
aesAlg.IV = aesAlg.Key[..16];
ICryptoTransform decryptor = aesAlg.CreateDecryptor();
using MemoryStream msDecrypt = new(Convert.FromBase64String(cipherText));
using CryptoStream csDecrypt = new(msDecrypt, decryptor, CryptoStreamMode.Read);
using StreamReader srDecrypt = new(csDecrypt);
plaintext = srDecrypt.ReadToEnd();
}
return plaintext;
}
}
这里用到了三个方法
//随机生成盐
string salt = HashCrypto.BuildSalt();
entity.PasswordSalt = salt;
输入的密码与盐生成对应的Hash
entity.PasswordHash = HashCrypto.GeneratePwd(dto.PassWord, salt);
// 输入的密码用生成的盐比较密码+盐 是否是一个值
if (HashCrypto.Validate(dto.Password, user.PasswordSalt, user.PasswordHash))
这样保存在库里的时候只用入库随机生成盐和密码盐就好,用作登录 输入密码用HashCrypto.Validate方法 会自动匹配输入的密码比较salt和hash是否匹配