SALT+HASH撒盐加密

#region 撒盐加密
            string salt = Guid.NewGuid().ToString();
            byte[] passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(model.Password + salt);
            byte[] hashBytes = new System.Security.Cryptography.SHA256Managed().ComputeHash(passwordAndSaltBytes);
            string hashString = Convert.ToBase64String(hashBytes);
            model.Password = hashString;
            model.Salt = salt;
            #endregion
            #region 撒盐解密,用户存在的情况下
            string _salt = model.Salt;
            string password = "123456";//用户输入的数据,获取过来
            byte[] _passwordAndSaltBytes = System.Text.Encoding.UTF8.GetBytes(password + salt);
            byte[] _hashBytes = new System.Security.Cryptography.SHA256Managed().ComputeHash(_passwordAndSaltBytes);
            string _hashString = Convert.ToBase64String(_hashBytes);
            if (_hashString==model.Password)
            {
                return Json(new
                {
                    error=0,
                    msg="验证成功"
                });
            }
            #endregion

 

看到个高级的关于撒盐的网址 http://blog.jobbole.com/61872/#article-comment

你可能感兴趣的:(SALT+HASH撒盐加密)