bcrypt 的 .net 实现
有谁知道 bcrypt 的良好实现吗?我知道这个问题之前已经被问过,但得到的回应很少。 我有点不确定是否要选择谷歌中出现的实现,并且我认为在 System.Security.Cryptography 命名空间中使用 sha256 可能会更好,至少我知道它是受支持的! 你有什么想法?
Does anyone know of a good implementation of bcrypt, I know this question has been asked before but it got very little response. I'm a bit unsure of just picking an implementation that turns up in google and am thinking that I may be better off using sha256 in the System.Security.Cryptography namespace, at least then I know it's supported! What are you thoughts?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(6)
听起来您正在寻找 BCrypt.net:
It sounds like you are looking for BCrypt.net:
BCrypt.Net 似乎是目前最受欢迎的库
http://bcrypt.codeplex.com/
这里是如何使用它来哈希密码的示例:
示例输出:
BCrypt.Net seems to be a most popular library at this moment
http://bcrypt.codeplex.com/
Here is an example how to use it for hashing password:
Sample output:
您可以在此处找到 .Net 的 BCrypt 的更新实现:
http://bcrypt.codeplex.com/
You can find an updated implementation of BCrypt for .Net here:
http://bcrypt.codeplex.com/
当我将某些内容从 PostgreSQL(有 pg_crypto)移动到 SQLite(没有)时,我需要一个 BCrypt 实现,所以我编写了自己的实现。 从这条消息中看出,我不是唯一需要这个的人,我决定为其添加许可证并发布它。 网址为:
http://zer7.com/software.php?page=cryptsharp
其背后的 Blowfish 实现是 Bruce Schneier 的公共域 C 实现的移植,并在所有官方测试向量上取得了成功。
我根据规范自己编写的 BCrypt 代码。 我还创建了一个 PHP 脚本,它生成长度为 0 到 100 的随机密码和盐,对它们进行加密,然后将它们输出到测试文件。 到目前为止,C# 代码 100% 匹配这些内容。 欢迎您使用该脚本并自行测试。
该库还包括适用于任何 HMAC 的 PBKDF2 代码,而不是 .Net 的仅 SHA-1 实现(今天添加 - 我打算很快用 C# 进行 SCrypt,这需要带有 HMAC-SHA256 的 PBKDF2)。 如果您愿意,您也可以基于此为自己制定一个计划。
I needed a BCrypt implementation when moving something from PostgreSQL (which has pg_crypto) to SQLite (which doesn't), so I wrote my own. Seeing from this message I'm not the only one needing this, I've decided to slap a license on it and release it. The URL is:
http://zer7.com/software.php?page=cryptsharp
The Blowfish implementation behind it is a port of Bruce Schneier's public domain C implementation, and succeeds on all the official test vectors.
The BCrypt code I wrote myself based on the spec. I also created a PHP script which generates random passwords of length 0 to 100 and salts, crypts them, and outputs them to a test file. The C# code matches these 100% of the time so far. You are welcome to use the script and test this yourself.
The library also includes PBKDF2 code which works for any HMAC as opposed to .Net's SHA-1-only implementation (added today -- I'm intending to do SCrypt in C# soon and that requires PBKDF2 with HMAC-SHA256). You could make yourself a scheme based on this too, if you wanted.
错误答案,请参见下文
.Net Framework 中的所有“Cng”(下一代加密)后缀算法现在都使用 bcrypt。 例如 SHA256Cng。
实际上,MS BCrypt (BestCrypt) 并不是指基于 Blowfish 密码的密码 - 谢谢 RobbyD 的评论。
不会删除答案,以防其他人犯同样的困惑。
Wrong answer, please see below
All "Cng" (Cryptography Next Generation) postfixed algorithms in the .Net Framework now use bcrypt. E.g. SHA256Cng.
Actually the MS BCrypt (BestCrypt) does not refer to the one based on the Blowfish cipher - thank you, RobbyD, for the comment.
Will not delete the answer, just in case anyone else makes the same confusion.
您是否尝试过这个 MS BCryptCreateHash C++ 函数也许? 似乎从 Windows Server 2008 和 Windows Vista 开始就存在。
另外,您可以检查以下 MS C# BCryptNative.cs< /a> 也许也有类。
Have you tried this MS BCryptCreateHash C++ function perhaps?? Seems to be present from Windows Server 2008 and Windows Vista.
Also, you can probably check the following MS C# BCryptNative.cs class too perhaps.