随机盐的算法
huster-songtao opened this issue · comments
/// <summary>
/// Creates a salt
/// </summary>
/// <param name="size">A salt size</param>
/// <returns>A salt</returns>
public static string CreateSalt(int size)
{
#pragma warning disable CS0618
var provider = new RNGCryptoServiceProvider();
#pragma warning restore CS0618
byte[] data = new byte[size];
provider.GetBytes(data);
return Convert.ToBase64String(data);
}
RNGCryptoServiceProvider过期了,随机盐的算法可以修改为:
/// <summary>
/// Creates a salt
/// </summary>
/// <param name="size">A salt size</param>
/// <returns>A salt</returns>
public static string CreateSalt(int size)
{
var random = RandomNumberGenerator.Create();
byte[] bytes = new byte[size];
random.GetNonZeroBytes(bytes);
return Convert.ToBase64String(bytes);
}
运行这个代码:
var salt = SaltKeyHelper.CreateSalt(128);
salt的值:
MDk9cFCouGfI2LSMEiJ6ct0Bijmk7NLYnUitgrxgPjJ/Gl5itTIvSmp+C3Vq6vNw91MWFqCWJkx8qpqFXc4GQ47gSyaaaYYBaYwLswcLhVAtfu5ans+lx+PElls6vL1iqikmAZ9zJfozNBE6lExNMCcEjtPY4kM5B2w9GjnpxjE=
如果使用
/// <summary>
/// Creates a salt
/// </summary>
/// <param name="size">A salt size</param>
/// <returns>A salt</returns>
public static string CreateSalt(int size)
{
var random = RandomNumberGenerator.Create();
byte[] bytes = new byte[size];
random.GetNonZeroBytes(bytes);
return BitConverter.ToString(bytes).Replace("-", "");
}
再运行这个代码:
var salt = SaltKeyHelper.CreateSalt(128);
salt的值:
559B8B08B3E016F70C13D5755E553562FE60E76A9AF055E1A2C3DD1E200E32E2BD1B4C91A9B44E4EB83320B94FE14343A417D4114F05F41C0CB83D191F9CB2ACA04D18332FEFEA67F29E245867F97A4D08485DF4456B2032792FEA0D12CDBCF15FD3D55892205C50DC939A3DDF82966531827E470974D4820D6E4EA6B85A5324
你喜欢哪个随机盐呢?base64编码看上去用的字符数量要少一些
@huster-songtao 感谢你的提议,代码已优化