在我的web应用程序中,在数据库中插入密码之前,我创建了一个随机salt,然后我将这个salt传递给一个散列函数,如下所示:
function generate_salt()
{
$max_length = 100;
$salt = hash('sha256', (uniqid(rand(), true)));
return substr($salt, 0, $max_length);
}
function hash_password($salt, $password)
{
$half = (int)(strlen($salt) / 2);
$hash = hash('sha256', substr($salt, 0, $half ) . $password . substr($salt, $half));
for ($i = 0; $i < 100000; $i++)
{
$hash = hash('sha256', $hash);
}
return $hash;
}
这是我的vb.net
函数:
Public Shared Function CreateRandomSalt() As String
Dim mix As String = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*()_+=][}{<>"
Dim salt As String = ""
Dim rnd As New Random
Dim sb As New StringBuilder
For i As Integer = 1 To 100 'Lunghezza del salt
Dim x As Integer = rnd.Next(0, mix.Length - 1)
salt &= (mix.Substring(x, 1))
Next
Return salt
End Function
Public Shared Function Hash512(password As String, salt As String) As String
Dim convertedToBytes As Byte() = Encoding.UTF8.GetBytes(password & salt)
Dim hashType As HashAlgorithm = New SHA512Managed()
Dim hashBytes As Byte() = hashType.ComputeHash(convertedToBytes)
Dim hashedResult As String = Convert.ToBase64String(hashBytes)
Return hashedResult
End Function
现在我的问题是,当我从vb.net
应用程序创建新用户或更新特定用户的密码时,web应用程序无法执行对我的用户的登录,可能密码编码不同,所以我需要一个vb.net
或php
的函数,允许我使用相同的编码。我该怎么做?
创建Md5密码:
Public Function MD5(ByVal pass As String) As String
Try
Dim MD5p As New System.Security.Cryptography.MD5CryptoServiceProvider
Dim baytlar As Byte() = System.Text.ASCIIEncoding.ASCII.GetBytes(pass)
Dim hash As Byte() = MD5p.ComputeHash(baytlar)
Dim kapasite As Integer = (hash.Length * 2 + (hash.Length / 8))
Dim sb As System.Text.StringBuilder = New System.Text.StringBuilder(kapasite)
Dim I As Integer
For I = 0 To hash.Length - 1
sb.Append(BitConverter.ToString(hash, I, 1))
Next I
Return sb.ToString().TrimEnd(New Char() {" "c})
Catch ex As Exception
Return "0"
End Try
End Function
插入或控制:MD5(Password String)