問題描述
我在 C# 中有以下代碼
I have following code in C#
PasswordDeriveBytes DerivedPassword = new PasswordDeriveBytes(Password, SaltValueBytes, HashAlgorithm, PasswordIterations);
byte[] KeyBytes = DerivedPassword.GetBytes(32);
我正在使用SHA1"哈希算法.
I am using "SHA1" hashing algorithm.
根據(jù) SHA1 定義,它生成 160 位(20 字節(jié))的密鑰.我的問題是 GetBytes 方法如何從 DerivedPassword 中獲取 32 個字節(jié),GetBytes 方法背后使用了什么算法?
According to SHA1 definition, its generate 160 bits (20 bytes) key. My question is how GetBytes method get 32 bytes from DerivedPassword, what algorithm used behind GetBytes method?
推薦答案
Microsoft 對原始 PKCS#5(又名 PBKDF1)的實現(xiàn)包括 insecure 擴(kuò)展,以提供比散列函數(shù)所能提供的更多的字節(jié)(參見錯誤報告此處和這里).
Microsoft's implementation of original PKCS#5 (aka PBKDF1) include insecure extensions to provide more bytes than the hash function can provide (see bug reports here and here).
即使它沒有錯誤,您也應(yīng)該避免對標(biāo)準(zhǔn)進(jìn)行未記錄的專有擴(kuò)展(否則您將來可能永遠(yuǎn)無法解密您的數(shù)據(jù) - 至少不能在 Windows 之外.)
Even if it was not buggy you should avoid undocumented, proprietary extensions to standards (or you might never be able to decrypt your data in the future - at least not outside Windows.)
我強(qiáng)烈建議您使用更新的 Rfc2898DeriveBytes,它實現(xiàn)了自 .NET 2.0 起可用的 PBKDF2 (PKCS#5 v2).
I strongly suggest you to use the newer Rfc2898DeriveBytes which implements PBKDF2 (PKCS#5 v2) which is available since .NET 2.0.
這篇關(guān)于C# PasswordDeriveBytes 混淆的文章就介紹到這了,希望我們推薦的答案對大家有所幫助,也希望大家多多支持html5模板網(wǎng)!