将Asp.net身份密码哈希复制到Chilkat

时间:2018-01-22 23:33:30

标签: pbkdf2 chilkat rfc2898

您好我想要复制在asp.net身份中完成的密码哈希,这样,由asp.net身份散列的密码的结果值和Chilkat散列的密码是相同的。这甚至可能吗?

在C#asp.net中,我们使用为我们执行pbkdf2的Rfc2898DeriveBytes。我怎样才能在奇尔卡特做同样的事?

    private const int PBKDF2IterCount = 1000; // default for Rfc2898DeriveBytes
    private const int PBKDF2SubkeyLength = 256 / 8; // 256 bits
    private const int SaltSize = 128 / 8; // 128 bits

    //[ComVisible(true)]
    public string HashPassword(string password)
    {
        if (password == null)
        {
            throw new ArgumentNullException("password cannot be null");
        }

        // Produce a version 0 (see comment above) text hash.
        byte[] salt;
        byte[] subkey;
        using (var deriveBytes = new Rfc2898DeriveBytes(password, SaltSize, PBKDF2IterCount))
        {
            salt = deriveBytes.Salt;
            subkey = deriveBytes.GetBytes(PBKDF2SubkeyLength);
        }

        var outputBytes = new byte[1 + SaltSize + PBKDF2SubkeyLength];
        Buffer.BlockCopy(salt, 0, outputBytes, 1, SaltSize);
        Buffer.BlockCopy(subkey, 0, outputBytes, 1 + SaltSize, PBKDF2SubkeyLength);
        return Convert.ToBase64String(outputBytes);
    }

目前,我在Chilkat使用的参数是:

 Function EncryptChilkat(sPassword As String) As String

Dim crypt As New ChilkatCrypt2

Dim success As Long

success = crypt.UnlockComponent("ACHIEV.CR1082018_dCrRA3zr4e1M ")

If (success <> 1) Then
    Debug.Print crypt.LastErrorText
    Exit Function
End If

Dim hexKey As String

Dim pw As String
pw = "pwd"
Dim pwCharset As String
pwCharset = "base64"

'  Hash algorithms may be: sha1, md2, md5, etc.
Dim hashAlg As String
hashAlg = "HMCSHA1"

'  The salt should be 8 bytes:
Dim saltHex As String
saltHex = "78578E5A5D63CB06"

Dim iterationCount As Long
iterationCount = 1000

'  Derive a 128-bit key from the password.
Dim outputBitLen As Long
outputBitLen = 128

'  The derived key is returned as a hex or base64 encoded string.
'  (Note: The salt argument must be a string that also uses
'  the same encoding.)
Dim enc As String
enc = "base64"

hexKey = crypt.Pbkdf2(pw, pwCharset, hashAlg, saltHex, iterationCount, outputBitLen, enc)

EncryptChilkat = hexKey
End Function

1 个答案:

答案 0 :(得分:0)

检查双方密码和盐的二进制值。还要检查尾随空值,回车符和换行符。

此外,您可以看到哪种算法(如果有的话)行为不当 - 我有Jither's .NET PBKDF2 implementation at my github repository的副本,包括测试向量,对于您的Chillkat,您可以从my LibreOffice Calc sheet of PBKDF2 test vectors创建所需内容。< / p>

通过两种实现运行这些;无论哪一个失败都是错误的。 如果两者都成功......那么你就不会给出两个相同的参数。

相关问题
最新问题