ASP.NET.Identity 加密算法

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64

public static string HashPassword(string password) {     if (password == null)     {         throw new ArgumentNullException("password");     }     byte[] salt;     byte[] bytes;     using (Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(password, 16, 1000))     {         salt = rfc2898DeriveBytes.Salt;         bytes = rfc2898DeriveBytes.GetBytes(32);     }     byte[] array = new byte[49];     Buffer.BlockCopy(salt, 0, array, 1, 16);     Buffer.BlockCopy(bytes, 0, array, 17, 32);     return Convert.ToBase64String(array); }   public static bool VerifyHashedPassword(string hashedPassword, string password) {     if (hashedPassword == null)     {         return false;     }     if (password == null)     {         throw new ArgumentNullException("password");     }     byte[] array = Convert.FromBase64String(hashedPassword);     if (array.Length != 49 || array[0] != 0)     {         return false;     }     byte[] array2 = new byte[16];     Buffer.BlockCopy(array, 1, array2, 0, 16);     byte[] array3 = new byte[32];     Buffer.BlockCopy(array, 17, array3, 0, 32);     byte[] bytes;     using (Rfc2898DeriveBytes rfc2898DeriveBytes = new Rfc2898DeriveBytes(password, array2, 1000))     {         bytes = rfc2898DeriveBytes.GetBytes(32);     }     return ByteArraysEqual(array3, bytes); }   private static bool ByteArraysEqual(byte[] a, byte[] b) {     if (object.ReferenceEquals(a, b))     {         return true;     }     if (a == null || b == null || a.Length != b.Length)     {         return false;     }     bool flag = true;     for (int i = 0; i < a.Length; i++)     {         flag &= (a[i] == b[i]);     }     return flag; }