随机盐的算法

Question

随机盐的算法

huster-songtao opened this issue 3 years ago · comments

    /// <summary>
    /// Creates a salt
    /// </summary>
    /// <param name="size">A salt size</param>
    /// <returns>A salt</returns>
    public static string CreateSalt(int size)
    {
#pragma warning disable CS0618
        var provider = new RNGCryptoServiceProvider();
#pragma warning restore CS0618
        byte[] data = new byte[size];
        provider.GetBytes(data);
        return Convert.ToBase64String(data);
    }

RNGCryptoServiceProvider过期了，随机盐的算法可以修改为:

    /// <summary>
    /// Creates a salt
    /// </summary>
    /// <param name="size">A salt size</param>
    /// <returns>A salt</returns>
    public static string CreateSalt(int size)
    {
        var random = RandomNumberGenerator.Create();
        byte[] bytes = new byte[size];
        random.GetNonZeroBytes(bytes);
        return Convert.ToBase64String(bytes);
    }

运行这个代码：
var salt = SaltKeyHelper.CreateSalt(128);
salt的值：
MDk9cFCouGfI2LSMEiJ6ct0Bijmk7NLYnUitgrxgPjJ/Gl5itTIvSmp+C3Vq6vNw91MWFqCWJkx8qpqFXc4GQ47gSyaaaYYBaYwLswcLhVAtfu5ans+lx+PElls6vL1iqikmAZ9zJfozNBE6lExNMCcEjtPY4kM5B2w9GjnpxjE=

如果使用

    /// <summary>
    /// Creates a salt
    /// </summary>
    /// <param name="size">A salt size</param>
    /// <returns>A salt</returns>
    public static string CreateSalt(int size)
    {
        var random = RandomNumberGenerator.Create();
        byte[] bytes = new byte[size];
        random.GetNonZeroBytes(bytes);
        return BitConverter.ToString(bytes).Replace("-", "");
    }

再运行这个代码：
var salt = SaltKeyHelper.CreateSalt(128);
salt的值：
559B8B08B3E016F70C13D5755E553562FE60E76A9AF055E1A2C3DD1E200E32E2BD1B4C91A9B44E4EB83320B94FE14343A417D4114F05F41C0CB83D191F9CB2ACA04D18332FEFEA67F29E245867F97A4D08485DF4456B2032792FEA0D12CDBCF15FD3D55892205C50DC939A3DDF82966531827E470974D4820D6E4EA6B85A5324

你喜欢哪个随机盐呢？base64编码看上去用的字符数量要少一些

apevolo · Answer 1 · Wed Apr 06 2022 10:39:12 GMT+0800 (China Standard Time)

@huster-songtao 感谢你的提议，代码已优化