IDS

OpenLDAP SSHA 加密算法C#实现

2021-01-18  本文已影响0人  Messix_1102

OpenLDAP SSHA 加密算法是 SHA-1 加密算法加盐的一种处理方法,具体算法是这样:{SSHA}+base64(SHA1(明文密码+盐)+盐)

从已加密密码中获取"盐"方法如下

    /// <summary>
    /// 获取盐
    /// </summary>
    /// <param name="encryptStr"></param>
    /// <returns></returns>
    public static string GetSalt(string encryptStr)
    {
        encryptStr = encryptStr.Replace("{SSHA}", string.Empty);
        byte[] encryptByte = Convert.FromBase64String(encryptStr);
        encryptByte = encryptByte.Skip(20).Take(encryptByte.Length - 20).ToArray();
        string salt = Encoding.Default.GetString(encryptByte);
        return salt;
    }

加密新的密码

    /// <summary>
    /// 获取加密结果
    /// {SSHA}+base64(SHA1(明文密码+盐)+盐)
    /// </summary>
    /// <param name="pwd"></param>
    /// <param name="salt"></param>
    /// <returns></returns>
    public string StrEncrypt(string pwd, string salt)
    {
        var sha1 = new SHA1Managed();
        byte[] sha1Res = sha1.ComputeHash(Encoding.UTF8.GetBytes($"{pwd}{salt}"));
        byte[] saltByte = Encoding.UTF8.GetBytes(salt);
        byte[] joinByte = new byte[sha1Res.Length + saltByte.Length];
        sha1Res.CopyTo(joinByte, 0);
        saltByte.CopyTo(joinByte, sha1Res.Length);
        string base64Str = Convert.ToBase64String(joinByte);
        return $"{{SSHA}}{base64Str}";
    }

密码验证

    /// <summary>
    /// 验证密码
    /// </summary>
    /// <param name="pwd">明文</param>
    /// <param name="encryptedPwd">密文</param>
    /// <returns></returns>
    public bool ValidatePwd(string pwd, string encryptedPwd)
    {
        string salt = GetSalt(encryptedPwd);
        string encryptedPwd2 = StrEncrypt(pwd, salt);
        if (encryptedPwd == encryptedPwd2)
        {
            return true;
        }
        return false;
    }
上一篇下一篇

猜你喜欢

热点阅读