从 SHA-512 哈希生成的字符不会保存到数据库中
我正在使用 SHA512 对密码进行哈希处理。我正在为我的 ORM 使用实体框架代码优先。
哈希算法
public static string CreateSHA512Hash(string pwd, string salt)
{
string saltAndPwd = String.Concat(pwd, salt);
var ae = new ASCIIEncoding();
byte[] hashValue, messageBytes = ae.GetBytes(saltAndPwd);
var sHhash = new SHA512Managed();
hashValue = sHhash.ComputeHash(messageBytes);
sHhash.Dispose();
return ae.GetString(hashValue);
}
生成盐的代码:
//Generate a cryptographic random number.
var rng = new RNGCryptoServiceProvider();
var buff = new byte[size];
rng.GetBytes(buff);
rng.Dispose();
// Return a Base64 string representation of the random number.
return Convert.ToBase64String(buff);
问题:
由于某种原因,哈希函数似乎会随机生成一些字符,而后面的字符不会保存到数据库中。在本例中(我不确定是否还有其他字符可以执行此操作),但它是 \0。
例如。密码:testuser。盐:uvq5i4CfMcOMjKPkwhhqxw==
生成的哈希值:????j???7?o\0?dE??????:???s?x??u? ',Vj?mNB??c???4H???vF\bd?T? (在 Visual Studio 的调试模式下复制)。
但 EF 实际上将 ???j???7?o 保存到数据库中。如果我尝试在调试模式下使用文本可视化工具,它也会将其切断。如果您注意到的话,它会在 \0 处被切断。我所能找到的只是它是一个空字符。
问题
如何使用实体框架代码优先将这个空字符保存在数据库中?如果无法保存,如何阻止 SHA512 为我生成这些字符?
I'm hashing a password using SHA512. I'm using Entity Framework Code-First for my ORM.
Hashing Algorithm
public static string CreateSHA512Hash(string pwd, string salt)
{
string saltAndPwd = String.Concat(pwd, salt);
var ae = new ASCIIEncoding();
byte[] hashValue, messageBytes = ae.GetBytes(saltAndPwd);
var sHhash = new SHA512Managed();
hashValue = sHhash.ComputeHash(messageBytes);
sHhash.Dispose();
return ae.GetString(hashValue);
}
Code for generating salt:
//Generate a cryptographic random number.
var rng = new RNGCryptoServiceProvider();
var buff = new byte[size];
rng.GetBytes(buff);
rng.Dispose();
// Return a Base64 string representation of the random number.
return Convert.ToBase64String(buff);
Problem:
For some reason, it seems the hash function would randomly generate some characters, which the ones after those are not saved to the database. In this case (I'm not sure if there are other characters that does this), but it is \0.
For eg. Password: testuser. Salt: uvq5i4CfMcOMjKPkwhhqxw==
Hash generated: ????j???7?o\0?dE??????:???s?x??u?',Vj?mNB??c???4H???vF\bd?T? (copied during dubug mode in visual studio).
But EF actually saves ????j???7?o to the database. If I try to use the text visualizer in debug mode, it cuts it off also. If you noticed, it gets cut off right at the \0. All I could find about it is that its a null character.
Question
How can I save this null character in the database using Entity Framework Code-First? If this can't be saved, how can I prevent the SHA512 from generating these characters for me?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(3)
我建议在保存之前使用 Base64 对哈希进行编码。另一方面,在添加到密码之前使用 Base64 对盐进行编码听起来很奇怪。
I recommend encoding the hash with Base64 before saving. On the other hand, encoding the salt with Base64 before adding to the password sounds strange.
SHA-256 哈希不生成字符,而是生成字节。如果您想要一个字符串,而不是一个字节数组,您需要将字节转换为字符格式。正如 @wRAR 所建议的,Base64 是一种常见的方法,否则您可以只使用十六进制字符串。
A SHA-256 hash does not generate characters, it generates bytes. If you want to have a character string, as opposed to a byte array, you need to convert the bytes into a character format. As @wRAR has suggested, Base64 is one common way to do it or else you could just use a hex string.
您可能应该做什么:
为什么你的方法不起作用:
要回答你的具体问题:
上面说的是 wRAR。
What you should probably do:
Why your method doesn't work:
To answer your specific question:
wRAR above was saying.