javascript 使用 SHA256 和 .NET/Node.js 散列密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/13714103/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Hashing a password using SHA256 and .NET/Node.js
提问by davey555
Im Storing SHA256 hashes of user passwords in my database generated by .NET and I need to be able to check them with Node.js. The only problem is that .NET and Node.js create different hashes for the same password.
我将用户密码的 SHA256 哈希值存储在由 .NET 生成的数据库中,我需要能够使用 Node.js 检查它们。唯一的问题是 .NET 和 Node.js 为相同的密码创建了不同的哈希值。
Password: ThisPassword
.NET:
。网:
var ue = new UnicodeEncoding();
var byteSourceText = ue.GetBytes("ThisPassword");
var byteHash = new System.Security.Cryptography.SHA256Managed().ComputeHash(byteSourceText);
return Convert.ToBase64String(byteHash);
//Tlwxyd7HIQhXkN6DrWJtmB9Ag2fz84P/QgMtbi9XS6Q=
Node.js (Using Crypto):
Node.js(使用加密):
var crypto = require('crypto');
return crypto.createHash('sha256').update('ThisPassword').digest('base64')
//d7I986+YD1zS6Wz2XAcDv2K8yw3xIVUp7u/OZiDzhSY=
I found this, but was unable to figure out how to implement his solution.
我找到了这个,但无法弄清楚如何实施他的解决方案。
回答by Esailija
Edit: You are using UTF-16 in C#, you must use same encoding in both languages:
编辑:您在 C# 中使用 UTF-16,您必须在两种语言中使用相同的编码:
Node.js:
节点.js:
var crypto = require("crypto");
var sha256 = crypto.createHash("sha256");
sha256.update("ThisPassword", "utf8");//utf8 here
var result = sha256.digest("base64");
console.log(result); //d7I986+YD1zS6Wz2XAcDv2K8yw3xIVUp7u/OZiDzhSY=
C#:
C#:
SHA256 sha256 = SHA256Managed.Create(); //utf8 here as well
byte[] bytes = sha256.ComputeHash(Encoding.UTF8.GetBytes("ThisPassword"));
string result = Convert.ToBase64String(bytes);
Console.WriteLine(result); //d7I986+YD1zS6Wz2XAcDv2K8yw3xIVUp7u/OZiDzhSY=
回答by JamieSee
If you're using the .NET Framework's built-in SqlMembershipProvider Class from System.Web.Security, the hash incorporates a salt value as well as the password material when it is generated. Simply hashing the password alone in your node.js will never produce the same result as the hash in the database.
如果您使用来自 System.Web.Security 的 .NET Framework 的内置 SqlMembershipProvider 类,则哈希在生成时包含盐值和密码材料。简单地在 node.js 中单独散列密码永远不会产生与数据库中的散列相同的结果。
See Microsoft ASP.NET 2.0 Providers: Introductionfor a link to .NET source code for the provider that will let you see how the salt value is applied.
请参阅Microsoft ASP.NET 2.0 Providers: Introduction以获取指向提供程序的.NET 源代码的链接,让您了解如何应用盐值。
You need to include your code if you need more help than this.
如果您需要更多帮助,则需要包含您的代码。
回答by fundon
I created the node pbkdf2 module(source https://github.com/fundon/pbkdf2)
我创建了节点 pbkdf2 模块(来源https://github.com/fundon/pbkdf2)
Required node >= 0.11.11
所需节点 >= 0.11.11
var pbkdf2 = require('pbkdf2');
var p = 'password';
var s = pbkdf2.generateSaltSync(32);
var pwd = pbkdf2.hashSync(p, s, 1, 20, 'sha256');
var bool = pbkdf2.compareSync(pwd, p, s, 1, 20, 'sha256');
