使用PBKDF2进行Hash(为每个Hash值生成唯一的Salt值)

HashedPasswordEntity.cs

 /// <summary>
    /// 一个hash的密码
    /// </summary>
    public class HashedPasswordEntity
    {
        /// <summary>
        /// 密码哈希值
        /// </summary>
        [SuppressMessage("Microsoft.Design", "CA1051:不要声明可见实例字段", Justification = "It's readonly.")]
        public readonly string Hash;

        /// <summary>
        ///密码盐值
        /// </summary>
        [SuppressMessage("Microsoft.Design", "CA1051:不要声明可见实例字段", Justification = "It's readonly.")]
        public readonly string Salt;

        /// <summary>
        /// Ctor.
        /// </summary>
        /// <param name="hash">密码哈希值</param>
        /// <param name="salt">密码盐值</param>
        public HashedPasswordEntity(string hash, string salt)
        {
            Hash = hash;
            Salt = salt;
        }
    }

Hasher.cs

using System;
using System.Diagnostics.CodeAnalysis;
using System.Security.Cryptography;
using System.Text;

namespace HashLibrary
{

    /// <summary>
    /// 密码哈希类
    /// </summary>
    public class Hasher
    {
        /// <summary>
        /// 扩展ASCII.
        /// </summary>
        private static Encoding Encoding = Encoding.GetEncoding(437);

        /// <summary>
        ///生成的哈希的长度
        /// </summary>
        public readonly int HashLength;

        /// <summary>
        /// 生成盐的长度
        /// </summary>
        public readonly int SaltLength;

        /// <summary>
        /// 构造函数
        /// </summary>
        public Hasher() : this(32, 32) { }

        /// <summary>
        /// Ctor.
        /// </summary>
        /// <param name="hashLength">生成的哈希的长度</param>
        /// <param name="saltLength">生成盐的长度</param>
        public Hasher(int hashLength, int saltLength)
        {
            if (hashLength <= 0)
            {
                throw new ArgumentOutOfRangeException("hashLength");
            }
            if (saltLength <= 0)
            {
                throw new ArgumentOutOfRangeException("saltLength");
            }

            HashLength = hashLength;
            SaltLength = saltLength;
        }

        /// <summary>
        /// 检查给定的密码哈希是否等于给定的哈希
        /// </summary>
        /// <param name="password">哈希密码</param>
        /// <param name="hashed">哈希检查</param>
        public bool Check(string password, HashedPasswordEntity hashed)
        {
            if (password == null)
                throw new ArgumentNullException("password");

            if (hashed == null)
                throw new ArgumentNullException("hashed");

            var bytes = Encoding.GetBytes(hashed.Salt);
            return hashed.Hash == HashPassword(password, bytes);
        }

        /// <summary>
        /// 盐，然后用PBKDF2哈希给定的密码
        /// </summary>
        /// <param name="password">密码加盐然后哈希</param>
        /// <returns>加盐并Hash的密码</returns>
        public HashedPasswordEntity HashPassword(string password)
        {
            var bytes = GenerateSalt();
            var hash = HashPassword(password, bytes);
            var salt = Encoding.GetString(bytes);
            return new HashedPasswordEntity(hash, salt);
        }

        /// <summary>
        /// 盐，然后用PBKDF2哈希给定的密码
        /// </summary>
        /// <param name="password">密码加盐然后哈希</param>
        /// <param name="salt">要使用的盐值</param>
        /// <returns>加盐并Hash的密码/returns>
        private string HashPassword(string password, byte[] salt)
        {
            //PBKDF2应用一个伪随机函数以导出密钥。导出密钥的长度本质上是没有限制的（但是，导出密钥的最大有效搜索空间受限于基本伪随机函数的结构）。
            //PBKDF2简单而言就是将salted hash进行多次重复计算，这个次数是可选择的

            using (var pbkdf2 = new Rfc2898DeriveBytes(password, salt))
            {
                var bytes = pbkdf2.GetBytes(HashLength);
                return Encoding.GetString(bytes);
            }
        }

        /// <summary>
        /// 生成随机盐
        /// </summary>
        /// <returns>生成的盐值</returns>
        private byte[] GenerateSalt()
        {
            var random = new Random(unchecked((int)DateTime.Now.Ticks));
            var salt = new byte[SaltLength];
            random.NextBytes(salt);
            return salt;
        }
    }
}

Program.cs

class Program
    {
        static void Main(string[] args)
        {
            Empty();
            Console.WriteLine("-----------------------------------------");
            DefaultLengths();
            Console.WriteLine("-----------------------------------------");
            CustomLengths();

            Console.ReadKey();
        }


        public static void Empty()
        {
            var hasher = new Hasher();
            var hashed = hasher.HashPassword(string.Empty);

            Console.WriteLine(hasher.Check(string.Empty, hashed));
            Console.WriteLine(hasher.Check("", hashed));


            Console.WriteLine(hasher.HashLength+"-----------"+hashed.Hash.Length);
            Console.WriteLine(hasher.SaltLength + "-----------" + hashed.Salt.Length);
        }

        public static void DefaultLengths()
        {
            var hasher = new Hasher();
            var hashed = hasher.HashPassword("foo");

            Console.WriteLine(hasher.Check("foo", hashed));
            Console.WriteLine(hasher.Check("bar", hashed));

            Console.WriteLine(hasher.HashLength + "-----------" + hashed.Hash.Length);
            Console.WriteLine(hasher.SaltLength + "-----------" + hashed.Salt.Length);
        }


        public static void CustomLengths()
        {
            var hasher = new Hasher(100, 8);
            var hashed = hasher.HashPassword("foo");

            Console.WriteLine(hasher.Check("foo", hashed));
            Console.WriteLine(hasher.Check("bar", hashed));

            Console.WriteLine(hasher.HashLength + "-----------" + hashed.Hash.Length);
            Console.WriteLine(hasher.SaltLength + "-----------" + hashed.Salt.Length);
        }
    }

运行结果如图: