检索哈希密码错误

时间:2014-03-13 06:44:06

标签: c# winforms ms-access hash

我正在尝试使用已使用哈希密码存储在数据库中的用户名和原始密码登录。

但是,当我尝试登录时,我收到了value cannot be null if (salt == null) { throw new ArgumentNullException("salt"); }上的BCrypt.cs消息

我正在使用string connectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=..\db1.accdb"; Password.Hashed = BCrypt.HashPassword(this.textBox2.Text, BCrypt.GenerateSalt(12)); using (OleDbConnection conn = new OleDbConnection(connectionString)) { string query = "INSERT INTO [Member] ([Username], [Password], [UserType]) VALUES (@Username, @Password, @UserType)"; conn.Open(); using (OleDbCommand cmd = new OleDbCommand(query, conn)) { cmd.Parameters.Add("@Username", System.Data.OleDb.OleDbType.VarChar); cmd.Parameters["@Username"].Value = this.textBox1.Text; cmd.Parameters.Add("@Password", System.Data.OleDb.OleDbType.VarChar); cmd.Parameters["@Password"].Value = Password.Hashed; cmd.Parameters.Add("@UserType", System.Data.OleDb.OleDbType.VarChar); cmd.Parameters["@UserType"].Value = this.comboBox1.SelectedItem; cmd.ExecuteNonQuery(); System.Media.SoundPlayer _sound = new System.Media.SoundPlayer(@"C:\Windows\Media\Windows Exclamation.wav"); _sound.Play(); DialogResult _dialogResult = MessageBox.Show("Added Successfully!", "Success", MessageBoxButtons.OK); if (_dialogResult == DialogResult.OK) { this.Hide(); Login _login = new Login(); _login.ShowDialog(); this.Close(); } } conn.Close(); } 来散列数据库中的密码。 BCrypt.cs

这是我注册用户的代码:

string connectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=..\db1.accdb";

using (OleDbConnection conn = new OleDbConnection(connectionString))
            {
                string query = "SELECT [Username], [Password], [UserType] FROM [Member] WHERE [Username] = @Username AND [Password] = @Password";

                conn.Open();

                using (OleDbCommand cmd = new OleDbCommand(query, conn))
                {
                    cmd.Parameters.Add("@Username", System.Data.OleDb.OleDbType.VarChar);
                    cmd.Parameters["@Username"].Value = this.textBox1.Text;

                    cmd.Parameters.Add("@Password", System.Data.OleDb.OleDbType.VarChar);
                    cmd.Parameters["@Password"].Value = BCrypt.CheckPassword(this.textBox2.Text, Password.Hashed);

                    using (OleDbDataReader dReader = cmd.ExecuteReader())
                    {
                        if (dReader.Read())
                        {
                            UserInformation.CurrentLoggedInUser = (string)dReader["Username"];
                            UserInformation.CurrentLoggedInUserType = (string)dReader["UserType"];

                            this.Hide();

                            this.Close();
                        }

                        else
                        {
                            Validation(sender, e);

                            RecursiveClearTextBoxes(this.Controls);
                        }

                        dReader.Close();
                        conn.Close();
                    }
                }
            }

以下是我登录用户的代码:

public static string Hashed
    {
        get;
        set;
    }

这是密码类:

Kaoru

任何帮助将不胜感激,您的回答非常感谢!

非常感谢你。

编辑:

我的数据库如下所示:

enter image description here

该密码是哈希(盐),我用于登录的原始密码是Kaoru。该密码是从原始密码生成的,即{{1}}

1 个答案:

答案 0 :(得分:1)

请尝试以下代码:

string connectionString = @"Provider=Microsoft.ACE.OLEDB.12.0;Data Source=..\db1.accdb";

using (OleDbConnection conn = new OleDbConnection(connectionString))
{
    string query = "SELECT [Username], [Password], [UserType] FROM [Member] WHERE [Username] = @Username";

    conn.Open();

    using (OleDbCommand cmd = new OleDbCommand(query, conn))
    {
        cmd.Parameters.Add("@Username", System.Data.OleDb.OleDbType.VarChar);
        cmd.Parameters["@Username"].Value = this.textBox1.Text;

        using (OleDbDataReader dReader = cmd.ExecuteReader())
        {
            bool isValidPassword = false;
            if (dReader.Read())
            {
                string password = (string)dReader["Password"];
                bool isValidPassword = BCrypt.CheckPassword(this.textBox2.Text, password);
                if (isValidPassword)
                {
                    UserInformation.CurrentLoggedInUser = (string)dReader["Username"];
                    UserInformation.CurrentLoggedInUserType = (string)dReader["UserType"];
                    this.Hide();
                    this.Close();
                }
            }
            if (!isValidPassword)
            {
                Validation(sender, e);

                RecursiveClearTextBoxes(this.Controls);
            }
        }
    }
}