Rfc2898DeriveBytes vs golang pbkdf2

时间:2016-12-07 03:03:47

标签: .net go

这是我的C#Rfc2898DeriveBytes 

using System;
using System.Text;
using System.Security.Cryptography;

public class Program
{
    public static void Main()
    {
        byte[] saltBytes = Encoding.Unicode.GetBytes("47687");
        Console.WriteLine(Convert.ToBase64String(saltBytes));

        byte[] passBytes = Encoding.Unicode.GetBytes("123456");
        Console.WriteLine(Convert.ToBase64String(passBytes));

        Rfc2898DeriveBytes k1 = new Rfc2898DeriveBytes(passBytes, saltBytes, 1000);
        byte[] hashbyte = k1.GetBytes(32);

        Console.WriteLine(Convert.ToBase64String(hashbyte));
    }
}

结果是 NAA3ADYAOAA3AA == MQAyADMANAA1ADYA aOyDnGG22ebqGmMvY7zQwdT + UKF6hUUmAt2Uc0jj2io =

我的golang代码是

package main

import (
    "crypto/sha1"
    "fmt"
    "golang.org/x/crypto/pbkdf2"
    b64 "encoding/base64"
)

var (
    PasswordSecuritySalt       = "47687"
    PasswordSecurityIterations = 1000
    PasswordSecurityKeylen     = 32
)

func HashPassword(str string) string {
    hashedPassword := pbkdf2.Key([]byte(str), []byte(PasswordSecuritySalt), PasswordSecurityIterations, PasswordSecurityKeylen, sha1.New)
    return  b64.StdEncoding.EncodeToString(hashedPassword)
}

func main() {
    password := "123456"
    fmt.Println(PasswordSecuritySalt + " " + password)
    fmt.Println(HashPassword(password))

}

结果是 47687 123456 EVqb1dCe8p + iVEquNjJmHhSjruGATNQX73F6msXivM8 =

为什么golang结果哈希密码与C#不同。请帮帮我。

1 个答案:

答案 0 :(得分:4)

.NET使用UTF-16字符串,因此每个字符至少由2个字节表示,而Go使用UTF-8字符串。

C#:

Encoding.Unicode.GetBytes("47687") // [52 0 55 0 54 0 56 0 55 0]

转到:

[]byte("47687") // [52 55 54 56 55]

如果你想在Go应用程序中获得与在C#中相同的结果,则必须将Go字符串转换为UTF-16字节切片:

package main

import (
    "crypto/sha1"
    b64 "encoding/base64"
    "encoding/binary"
    "fmt"
    "golang.org/x/crypto/pbkdf2"
    "unicode/utf16"
)

var (
    PasswordSecuritySalt       = "47687"
    PasswordSecurityIterations = 1000
    PasswordSecurityKeylen     = 32
)

func stringToUTF16Bytes(s string) []byte {
    runes := utf16.Encode([]rune(s))
    bytes := make([]byte, len(runes)*2)
    for i, r := range runes {
        binary.LittleEndian.PutUint16(bytes[i*2:], r)
    }
    return bytes
}

func HashPassword(str string) string {
    hashedPassword := pbkdf2.Key(stringToUTF16Bytes(str), stringToUTF16Bytes(PasswordSecuritySalt), PasswordSecurityIterations, PasswordSecurityKeylen, sha1.New)
    return b64.StdEncoding.EncodeToString(hashedPassword)
}

func main() {
    fmt.Println(HashPassword("123456"))
}
相关问题
最新问题