crypt SHA-512 算法的说明 (c#)
编辑:抱歉,我忘了提及,我没有使用实现的 sha512 加密货币,因为据我所知,它不涉及盐值或指定的轮数来计算哈希值。
好的,我正在用 c# 编写 sha-512 加密货币,并按照此处找到的步骤进行操作...
http://people.redhat.com/drepper/SHA-crypt.txt
这是我第一次做任何与加密相关的事情,所以我想确保我正确理解这些步骤......我不太了解 C 代码从 c 到 c# 的直接翻译:/
我假设完成摘要与计算哈希相同。在这种情况下,我还假设当步骤引用完成的摘要时,它们引用计算的哈希,而不是预哈希计算的摘要字节。如果我错了请纠正我!
假设步骤 1-8 的所有操作均已正确完成,我的怀疑从步骤 9
9 开始。对于密码字符串中的每个 32 或 64 字节块(不包括 C 表示中的终止 NUL),将摘要 B 添加到摘要 A
由于我使用的是 SHA-512,因此块大小为 64 字节。
下面的代码会产生期望的结果吗?
//FYI, temp = digestA from steps 1-3 (before expanding digestA for step 9)
//alt_result = computed digestB hash (64 byte hash)
for (cnt = key.Length; cnt > 64; cnt -= 64) //9
{
int i = 0;
ctx.TransformBlock(alt_result, 0, 64, digestA, temp.Length + 64 * i);
i++;
}
如果有人能澄清我所说的是正确的,我将不胜感激。谢谢!
EDIT: Sorry I forgot to mention, I'm not using the implemented sha512 crypt because as far as I can tell it doesn't involve a salt value or a specified number of rounds to compute the hash with.
Okay so I'm coding the sha-512 crypt in c# and I'm following the steps found here...
http://people.redhat.com/drepper/SHA-crypt.txt
This is my first time doing anything encryption related so I want to make sure I'm understanding the steps correctly... I don't understand c code well enough to direct translation from c to c# :/
I have assumed finishing a digest is the same as computing the hash. In this case, I've also assumed that when the steps refer to a finished digest, they are referring the the computed hash, rather than the pre-hash computed digest bytes. Correct me if I'm wrong please!
Assuming everything has been done correctly for steps 1-8, my doubts start at step 9
9. For each block of 32 or 64 bytes in the password string (excluding
the terminating NUL in the C representation), add digest B to digest A
Since I'm using SHA-512, I have block sizes of 64 bytes.
Would the following code produce the desired result?
//FYI, temp = digestA from steps 1-3 (before expanding digestA for step 9)
//alt_result = computed digestB hash (64 byte hash)
for (cnt = key.Length; cnt > 64; cnt -= 64) //9
{
int i = 0;
ctx.TransformBlock(alt_result, 0, 64, digestA, temp.Length + 64 * i);
i++;
}
If anyone can clarify that what I've stated is correct, I would appreciate it. Thanks!
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
加盐就像在输入字符串末尾附加固定字节字符串一样简单。本质上是为您的输入提供已知的“本土”转换。
关于算法本身:你似乎一开始就处于劣势。作为新手,您对基本加密术语做出了很多“假设”,甚至需要澄清。如果 CLR 实现不适合您,我认为您最好将时间花在寻找良好的 C 实现并弄清楚如何与其集成。弄清楚对此的互操作(外部)调用将比深入研究加密的复杂性要容易得多,结果将更加有效,并且您获得的有关本机互操作的知识将更加有用/可重用。
Salting is as simple as appending a fixed byte string on the end of your input string. Essentially providing a known "homegrown" transform to your input.
About the algorithm itself: you seem to be starting at a disadvantage. A neophyte, you're making a lot of "assumptions" about basic crypting terminology that even need clarification. If the CLR implementation won't work for you, I think your time would be better spent finding a good C implementation and figuring out how to integrate to that. Figuring out the interop (extern) calls to that will be far easier than diving into the intracacies of crypting, the results will be more efficient, and the knowledge you gain about native interop will be far more useful/reusable.
我将为稍后可能遇到此问题的其他人添加一些重要的说明。
第一的:
SHA512 和 SHA512Crypt 是两种不同的算法,用于两种不同的目的。 SHA512 是一种通用哈希算法(请参阅此)。 SHA512Crypt 是一种密码存储或基于密码的密钥派生算法,内部使用 SHA512(哈希)(请参阅此)。 SHA512Crypt 基于早期的 Crypt 函数,该函数使用 MD5 而不是 SHA512。
密码存储/密钥生成算法是专门创建的,使其暴力破解的成本要高出几个数量级。完成此操作的典型方法是以某种方式迭代底层哈希算法。但是,您自己不想这样做...这使我们...
第二:
不要编写自己的加密方法。 (查看此)有即使你清楚地知道自己在做什么,也有很多方法可以把事情搞砸。
如果您不想使用内置的 Rfc2898DerviceBytes,因为它基于 SHA1,那么您可以查看 bcrypt< /a> 或其他一些公开的、经过审查的已知加密算法的实现。
I'll add some important clarification for others who might come across this later.
First:
SHA512 and SHA512Crypt are two distinct algorithms for two different purposes. SHA512 is a general purpose hashing algorithm (see this). SHA512Crypt is a password storage or password based key derivation algorithm that uses SHA512 (hash) internally (see this). SHA512Crypt is based on the earlier Crypt function that used MD5 instead of SHA512.
The password storage/key generation algorithms have been specifically created to make it orders of magnitude more expensive to brute force. The typical way this is done is by iterating over the underlying hash algorithm in some fashion. However, you don't want to to this yourself... which brings us to...
Second:
Do NOT write your own cryptography methods. (see this) There are tons of ways to screw it up, even if you know exactly what you are doing.
If you don't want to use the built in Rfc2898DerviceBytes due to it being based on SHA1, then you could look at bcrypt or some other public, reviewed implementation of a known cryptographic algorithms.