C# Class Utilities.Cryptography.BCrypt

BCrypt implements OpenBSD-style Blowfish password hashing using the scheme described in "A Future-Adaptable Password Scheme" by Niels Provos and David Mazieres.

This password hashing system tries to thwart offline password cracking using a computationally intensive hashing algorithm based on Bruce Schneier's Blowfish cipher. The work factor of the algorithm is parameterized, so it can be increased as computers get faster.

To hash a password for the first time, call the HashPassword method with a random salt, like this:

string hashed = BCrypt.HashPassword(plainPassword, BCrypt.GenerateSalt());

To check whether a plaintext password matches one that has been hashed previously, use the CheckPassword method:

if (BCrypt.CheckPassword(candidatePassword, storedHash))
{
    Console.WriteLine("It matches");
}
else
{
    Console.WriteLine("It does not match");
}

The GenerateSalt method takes an optional parameter (logRounds) that determines the computational complexity of the hashing:

string strongSalt = BCrypt.GenerateSalt(10);
string strongerSalt = BCrypt.GenerateSalt(12);

The amount of work increases exponentially (2**logRounds), so each increment doubles the work. The default logRounds is 10, and the valid range is 4 to 31.
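Because the work factor is stored inside each hash, it can be raised for existing accounts at their next successful login. The following is an added example, not part of the documented class; PasswordVerifier, TargetLogRounds and ParseLogRounds are hypothetical names, and it assumes stored hashes use the OpenBSD `$2a$NN$...` string layout.

```csharp
using System;
using Utilities.Cryptography; // the BCrypt class documented on this page

public static class PasswordVerifier
{
    // Assumed policy value for this example; choose it by timing HashPassword on your hardware.
    public const int TargetLogRounds = 12;

    // Reads the cost field of an OpenBSD-style bcrypt string such as $2a$10$<salt and hash>.
    // Returns -1 when the string does not have that shape or the cost is outside 4..31.
    public static int ParseLogRounds(string hashed)
    {
        if (string.IsNullOrEmpty(hashed)) return -1;
        string[] parts = hashed.Split('$'); // expected: "", "2a", "10", "<salt and hash>"
        if (parts.Length != 4 || parts[0].Length != 0) return -1;
        if (!parts[1].StartsWith("2", StringComparison.Ordinal)) return -1;
        int rounds;
        if (!int.TryParse(parts[2], out rounds) || rounds < 4 || rounds > 31) return -1;
        return rounds;
    }

    // Verifies a login attempt. On success, upgradedHash is non-null when the stored hash
    // was created with a lower work factor than TargetLogRounds; the caller should then
    // replace the stored value with upgradedHash.
    public static bool Verify(string candidate, string storedHash, out string upgradedHash)
    {
        upgradedHash = null;
        int storedRounds = ParseLogRounds(storedHash);
        if (storedRounds < 0) return false; // malformed record: reject the login
        if (!BCrypt.CheckPassword(candidate, storedHash)) return false;
        if (storedRounds < TargetLogRounds)
        {
            // The plaintext is only available at login, so this is the moment to re-hash.
            upgradedHash = BCrypt.HashPassword(candidate, BCrypt.GenerateSalt(TargetLogRounds));
        }
        return true;
    }
}
```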


Public Methods

Method Description
CheckPassword ( string plaintext, string hashed ) : bool

Check that a plaintext password matches a previously hashed one.

GenerateSalt ( ) : string

Generate a salt for use with the BCrypt.HashPassword() method, selecting a reasonable default for the number of hashing rounds to apply.

GenerateSalt ( int logRounds ) : string

Generate a salt for use with the BCrypt.HashPassword() method.

HashPassword ( string password, string salt ) : string

Hash a password using the OpenBSD bcrypt scheme.

Private Methods

Method Description
Char64 ( char c ) : int

Look up the 3 bits base64-encoded by the specified character, range-checking against the conversion table.

CryptRaw ( byte password, byte salt, int logRounds ) : byte[]

Perform the central password hashing step in the bcrypt scheme.

DecodeBase64 ( string s, int maximumLength ) : byte[]

Decode a string encoded using BCrypt's Base64 scheme to a byte array. Note that this is _not_ compatible with the standard MIME-Base64 encoding.

EksKey ( byte data, byte key ) : void

Perform the "enhanced key schedule" step described by Provos and Mazieres in "A Future-Adaptable Password Scheme" (http://www.openbsd.org/papers/bcrypt-paper.ps).

Encipher ( uint block, int offset ) : void

Blowfish encipher a single 64-bit block encoded as two 32-bit halves.

EncodeBase64 ( byte d, int length ) : string

Encode a byte array using bcrypt's slightly-modified Base64 encoding scheme. Note that this is _not_ compatible with the standard MIME-Base64 encoding.

InitKey ( ) : void

Initialize the Blowfish key schedule.

Key ( byte key ) : void

Key the Blowfish cipher.

StreamToWord ( byte data, int &offset ) : uint

Cyclically extract a word of key material.

Method Details

CheckPassword() public static method

Check that a plaintext password matches a previously hashed one.
public static CheckPassword ( string plaintext, string hashed ) : bool
plaintext string The plaintext password to verify.
hashed string The previously hashed password.
Returns bool

GenerateSalt() public static method

Generate a salt for use with the BCrypt.HashPassword() method, selecting a reasonable default for the number of hashing rounds to apply.
public static GenerateSalt ( ) : string
Returns string

GenerateSalt() public static method

Generate a salt for use with the BCrypt.HashPassword() method.
public static GenerateSalt ( int logRounds ) : string
logRounds int The log2 of the number of rounds of hashing to apply. The work factor therefore increases as (2 ** logRounds).
Returns string

HashPassword() public static method

Hash a password using the OpenBSD bcrypt scheme.
public static HashPassword ( string password, string salt ) : string
password string The password to hash.
salt string The salt to hash with (perhaps generated using BCrypt.GenerateSalt).
Returns string