public static byte[] ComputeHashCode(byte[] toBeHashed)
{
using (var md5 = SHA512.Create())
{
return md5.ComputeHash(toBeHashed);
}
}
public static string encodestring(string mystring)
{
byte[] encode = new byte[mystring.Length];
encode = System.Text.Encoding.UTF8.GetBytes(mystring);
string s1 = Convert.ToBase64String(ComputeHashCode(encode));
string strmsg = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(s1));
return strmsg;
}
public static string decodestring()
{
string strmsg = "dbvsdvjvjhjdfsjdcs==";
byte[] encode = Convert.FromBase64String(strmsg);
strmsg = System.Text.Encoding.UTF8.GetString(Convert.FromBase64String(System.Text.Encoding.UTF8.GetString(ComputeHashCode(encode))));
return strmsg;
}
答案 0 :(得分:1)
您是否正在尝试以加密形式存储数据,然后将其解码以便以后显示? 如果是这样,则基本散列不适合使用,而是需要一种加密算法,该算法使用已知的加密密钥对其进行加密或解密。
如果要处理密码,最好比较散列值以确定提供的值是否正确,这是为了尽可能避免以明文形式处理密码。 这是一个实用程序类,确实证明了这一点
/// <summary>
/// This is a utility class that can be used to securely hash and verify a password.
/// The output from the Hashing process includes a header to identify that the value
/// has been produced using this code, the salt value used to produce the has and the hash value
/// itself.
/// Note: the salt value is randomly produced for each hashed password.
/// </summary>
public static class PasswordHashUtility
{
/// <summary>
/// Size of salt for Hash production
/// </summary>
private const int SaltSize = 16;
/// <summary>
/// Size of Has
/// </summary>
private const int HashSize = 20;
private const string HashType = "$MBnYt1!?$V1";
public static int HashIterations = 1000;
/// <summary>
/// Creates a hash from a password.
/// </summary>
/// <param name="password">The password.</param>
/// <param name="iterations">Number of iterations.</param>
/// <returns>The hash</returns>
public static string Hash(string password, int iterations)
{
// Create salt
var salt = new byte[SaltSize];
var cryptoServiceProvider = new RNGCryptoServiceProvider();
cryptoServiceProvider.GetBytes(salt);
// Create hash
var pbkdf2 = new Rfc2898DeriveBytes(password, salt, iterations);
var hash = pbkdf2.GetBytes(HashSize);
// Combine salt and hash
var hashBytes = new byte[SaltSize + HashSize];
Array.Copy(salt, 0, hashBytes, 0, SaltSize);
Array.Copy(hash, 0, hashBytes, SaltSize, HashSize);
// Convert to base64
var base64Hash = Convert.ToBase64String(hashBytes);
// tidy-up
cryptoServiceProvider.Dispose();
pbkdf2.Dispose();
// Format hash with extra information
return $"{HashType}{iterations}${base64Hash}";
}
/// <summary>
/// Checks if hash has been produced by this utility.
/// </summary>
/// <param name="hashString">The hash type name</param>
/// <returns>True if supported</returns>
public static bool IsHashSupported(string hashString)
{
return hashString.StartsWith(HashType);
}
/// <summary>
/// Verifies a password against a hash.
/// </summary>
/// <param name="password">The password to verify</param>
/// <param name="hashedPassword">The hash value to verify against</param>
/// <returns>Could be verified?</returns>
public static bool Verify(string password, string hashedPassword)
{
// Check hash
if (!IsHashSupported(hashedPassword))
{
throw new NotSupportedException("The hash type is not supported");
}
// Extract iteration and Base64 string
var splitHashString = hashedPassword.Replace(HashType, "").Split('$');
var iterations = int.Parse(splitHashString[0]);
var base64Hash = splitHashString[1];
// Get hash bytes
var hashBytes = Convert.FromBase64String(base64Hash);
// Get salt
var salt = new byte[SaltSize];
Array.Copy(hashBytes, 0, salt, 0, SaltSize);
// Create hash with given salt
var pbkdf2 = new Rfc2898DeriveBytes(password, salt, iterations);
var hash = pbkdf2.GetBytes(HashSize);
//tidy-up
pbkdf2.Dispose();
// Get result
for (var i = 0; i < HashSize; i++)
{
if (hashBytes[i + SaltSize] != hash[i])
{
return false;
}
}
return true;
}
}
答案 1 :(得分:0)
哈希字符串的想法是,它不能被反转。 This Question解释了为何如此难以逆转。因此,据我所知,基本上,您要尝试做的事情是不可能的。
答案 2 :(得分:0)
您正在使用SHA512(一种哈希算法)。哈希算法是不可逆的,不能解密。这主要用于密码检查和文件完整性检查。