我们目前有一个现有项目,该项目使用Crypto库对密码进行哈希处理:
We currently have an existing project which uses to the Crypto library to hash passwords:
我们正在寻求转移到核心. 核心中是否有等效替代品,这样我们就不必重新哈希所有现有密码了?
We are looking to move over to core. Is there an equivalent replacement in core so that we do not have to re-hash all our existing passwords?
推荐答案
森林人,
>>我们正在寻求转移到核心. 核心中是否有等效的替代品,这样我们就不必重新哈希所有现有密码了?
根据您的描述,我创建了一个简单的asp核心应用程序,并尝试将块包添加到项目中.但该软件包与netcoreapp1.0和netcoreapp1.1不兼容,我建议您可以等待软件包升级 支持.Net Core.
According to your description, I create a simple asp core app and try to add the nugget package to project. but the package is not compatible with netcoreapp1.0 and netcoreapp1.1,I would suggest that you could wait for the package upgrade to support .Net Core.
您还可以编写自定义方法来哈希相关的密码.像这样:
You could also write custom method to hash related password. like this:
public static string HashPassword(string pass) { // generate a 128-bit salt using a secure PRNG byte[] salt = new byte[128 / 8]; using (var rng = RandomNumberGenerator.Create()) { rng.GetBytes(salt); } Console.WriteLine("盐:{Convert.ToBase64String(salt)})); //派生256位子项(使用HMACSHA1进行10,000次迭代) 散列的字符串= Convert.ToBase64String(KeyDerivation.Pbkdf2( 密码:密码, 盐:盐, prf:KeyDerivationPrf.HMACSHA1, 版本数:10000, numBytesRequested:256/8)); 返回散列; } "Salt: {Convert.ToBase64String(salt)}"); // derive a 256-bit subkey (use HMACSHA1 with 10,000 iterations) string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2( password: password, salt: salt, prf: KeyDerivationPrf.HMACSHA1, iterationCount: 10000, numBytesRequested: 256 / 8)); return hashed; }
docs.microsoft /en-us/aspnet/core/security/data-protection/consumer-apis/password-hashing
最诚挚的问候,
吴可乐
更多推荐
.Net Core替代System.Web.Helpers.Crypto库
发布评论