我正在嘗試構建一個高度關注安全性和加密的應用程式。
我正在使用Visual Studio 2022和VB.NET 6.0(我現在搜索了 3 天,但找不到最新的東西,我發現的都是過時的,與 VB 6.0 和 Visual Studio 2022 無關)
我創建了一個包含電子郵件和密碼文本框的表單。
我還在使用 Xampp 在本地主機上啟用 SSL 運行 MySQL Server 8.0.29
這是我的代碼的關注部分:
Dim salt As String = "temp salt" ' Can I use salt based on some PC hardware serial number?
cmd.Parameters.Add("@pwd", MySqlDbType.VarString).Value = SHA512Hasher.Base64Hash(Password.Text,salt)
這是我的哈希類:
Public Class SHA512Hasher
Private Sub New()
' Prevent instantiation
End Sub
Public Shared Function Base64Hash(ByVal clearText As String) As String
Dim hashedBytes As Byte() = computeHash(clearText)
Return Convert.ToBase64String(hashedBytes)
End Function
Public Shared Function Base64Hash(ByVal clearText As String, ByVal salt As String) As String
Return Base64Hash(salt & clearText)
End Function
Public Shared Function HexHash(ByVal clearText As String) As String
Dim hashedBytes As Byte() = computeHash(clearText)
' Build the hex string by converting each byte.
Dim hexString As New System.Text.StringBuilder()
For i As Int32 = 0 To hashedBytes.Length - 1
hexString.Append(hashedBytes(i).ToString("X2")) ' Use "x2" for lower case
Next
Return hexString.ToString()
End Function
Public Shared Function HexHash(ByVal clearText As String, ByVal salt As String) As String
Return HexHash(salt & clearText)
End Function
Private Shared Function computeHash(ByVal clearText As String) As Byte()
Dim encoder As New Text.UTF8Encoding()
#Disable Warning SYSLIB0021 ' Type or member is obsolete (how to fix its obsolete?)
Dim sha512hasher As New System.Security.Cryptography.SHA512Managed()
#Enable Warning SYSLIB0021 ' Type or member is obsolete
Return sha512hasher.ComputeHash(encoder.GetBytes(clearText))
End Function
End Class
該功能正在運行,我可以在 MySQL 中存盤散列密碼;但我想知道,這是否足夠安全?這個函式生成的密碼可以解密嗎?
還,
我可以使用此鏈接中的函式在 MySQL 中構建安全密碼存盤嗎?哪一個被接受?
如果我想加密某些資料,如何以不同的形式使用/呼叫上一個鏈接中所述的函式?
謝謝
uj5u.com熱心網友回復:
這個解決方案像魅力一樣對我有用:
Imports System.Security.Cryptography
Imports System.Text
Public Module hashing
Public Function PWDhash(ByVal password As String)
Using sha512Hash As SHA512 = SHA512.Create()
Return GetHash(sha512Hash, password)
End Using
End Function
Private Function GetHash(ByVal hashAlgorithm As HashAlgorithm, ByVal input As String) As String
' Convert the input string to a byte array and compute the hash.
Dim data As Byte() = hashAlgorithm.ComputeHash(Encoding.UTF8.GetBytes(input))
' Create a new Stringbuilder to collect the bytes
' and create a string.
Dim sBuilder As New StringBuilder()
' Loop through each byte of the hashed data
' and format each one as a hexadecimal string.
For i As Integer = 0 To data.Length - 1
sBuilder.Append(data(i).ToString("x2"))
Next
' Return the hexadecimal string.
Return sBuilder.ToString()
End Function
' Verify a hash against a string.
Public Function VerifyHash(hashAlgorithm As HashAlgorithm, input As String, hash As String) As Boolean
' Hash the input.
Dim hashOfInput As String = GetHash(hashAlgorithm, input)
' Create a StringComparer an compare the hashes.
Dim comparer As StringComparer = StringComparer.OrdinalIgnoreCase
Return comparer.Compare(hashOfInput, hash) = 0
End Function
End Module
這是如何散列:
Dim HashedPWD As String = PWDhash("password here")
這是如何驗證:
Dim IsPWDCorrect As Boolean = VerifyHash(sha512Hash, "password here", "password hash from DB")
它適用于 VB.Net Core 6.0
哈希的長度為 128 位元組。
轉載請註明出處,本文鏈接:https://www.uj5u.com/qianduan/475064.html
