[Fork] Ids4 Password Hashing | C# Online Compiler

[Fork] Ids4 Password Hashing by Arash Ramez

using System;
using System;
using System.Security.Cryptography;
using System.Text;
using System;
using System.Runtime.CompilerServices;
using System.Security.Cryptography;
using Microsoft.AspNetCore.Cryptography.KeyDerivation;
using Microsoft.Extensions.Identity.Core;
using Microsoft.Extensions.Options;
using Microsoft.AspNetCore.Identity;
					
public static class Program
{
	//private RandomNumberGenerator _rng;
	public static void Main()
	{
		//_rng = RandomNumberGenerator.Create();
		Console.WriteLine("Hello World");
		string time = DateTime.Now.ToLongTimeString();
        Console.WriteLine("The current time is {0}", time);
		using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            //rng.GetBytes(randomBytes);
			Console.WriteLine(Convert.ToBase64String(HashPasswordV2("GZYCVgaQ@xkE6qO7juCh",rng)));
        }
		
		// this is correct version
		Console.WriteLine(PasswordHelper.HashPassword("GZYCVgaQ@xkE6qO7juCh"));
		
		Console.Read();
	}
	
	public static string Sha256(this string input)
        {          

            using (var sha = SHA256.Create())
            {
                var bytes = Encoding.UTF8.GetBytes(input);
                var hash = sha.ComputeHash(bytes);

                return Convert.ToBase64String(hash);
            }
        }
	
	private static byte[] HashPasswordV2(string password, RandomNumberGenerator rng)
    {
        const KeyDerivationPrf Pbkdf2Prf = KeyDerivationPrf.HMACSHA1; // default for Rfc2898DeriveBytes
        const int Pbkdf2IterCount = 1000; // default for Rfc2898DeriveBytes
        const int Pbkdf2SubkeyLength = 256 / 8; // 256 bits
        const int SaltSize = 128 / 8; // 128 bits

        // Produce a version 2 (see comment above) text hash.
        byte[] salt = new byte[SaltSize];
        rng.GetBytes(salt);
        byte[] subkey = KeyDerivation.Pbkdf2(password, salt, Pbkdf2Prf, Pbkdf2IterCount, Pbkdf2SubkeyLength);

        var outputBytes = new byte[1 + SaltSize + Pbkdf2SubkeyLength];
        outputBytes[0] = 0x00; // format marker
        Buffer.BlockCopy(salt, 0, outputBytes, 1, SaltSize);
        Buffer.BlockCopy(subkey, 0, outputBytes, 1 + SaltSize, Pbkdf2SubkeyLength);
        return outputBytes;
    }
}

public static class PasswordHelper
{
    private static readonly PasswordHasher<IdentityUser> _passwordHasher = new PasswordHasher<IdentityUser>();

    public static string HashPassword(string password)
    {
        var user = new IdentityUser();
	
        return _passwordHasher.HashPassword(user, password);
    }

    public static bool VerifyPassword(string hashedPassword, string providedPassword)
    {
        var user = new IdentityUser();
        var result = _passwordHasher.VerifyHashedPassword(user, hashedPassword, providedPassword);
        return result == PasswordVerificationResult.Success;
    }
}

​x
 
using System;
using System;
using System.Security.Cryptography;
using System.Text;
using System;
using System.Runtime.CompilerServices;
using System.Security.Cryptography;
using Microsoft.AspNetCore.Cryptography.KeyDerivation;
using Microsoft.Extensions.Identity.Core;
using Microsoft.Extensions.Options;
using Microsoft.AspNetCore.Identity;
                    
public static class Program
{
    //private RandomNumberGenerator _rng;
    public static void Main()
    {
        //_rng = RandomNumberGenerator.Create();
        Console.WriteLine("Hello World");
        string time = DateTime.Now.ToLongTimeString();
        Console.WriteLine("The current time is {0}", time);
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            //rng.GetBytes(randomBytes);
            Console.WriteLine(Convert.ToBase64String(HashPasswordV2("GZYCVgaQ@xkE6qO7juCh",rng)));
        }
        
        // this is correct version
        Console.WriteLine(PasswordHelper.HashPassword("GZYCVgaQ@xkE6qO7juCh"));
        
        Console.Read();
    }
    
    public static string Sha256(this string input)
        {          
​
            using (var sha = SHA256.Create())
            {
                var bytes = Encoding.UTF8.GetBytes(input);
                var hash = sha.ComputeHash(bytes);
​
                return Convert.ToBase64String(hash);
            }
        }
    
    private static byte[] HashPasswordV2(string password, RandomNumberGenerator rng)
    {
        const KeyDerivationPrf Pbkdf2Prf = KeyDerivationPrf.HMACSHA1; // default for Rfc2898DeriveBytes
        const int Pbkdf2IterCount = 1000; // default for Rfc2898DeriveBytes
        const int Pbkdf2SubkeyLength = 256 / 8; // 256 bits
        const int SaltSize = 128 / 8; // 128 bits
​
        // Produce a version 2 (see comment above) text hash.
        byte[] salt = new byte[SaltSize];
        rng.GetBytes(salt);
        byte[] subkey = KeyDerivation.Pbkdf2(password, salt, Pbkdf2Prf, Pbkdf2IterCount, Pbkdf2SubkeyLength);
​
        var outputBytes = new byte[1 + SaltSize + Pbkdf2SubkeyLength];
        outputBytes[0] = 0x00; // format marker
        Buffer.BlockCopy(salt, 0, outputBytes, 1, SaltSize);
        Buffer.BlockCopy(subkey, 0, outputBytes, 1 + SaltSize, Pbkdf2SubkeyLength);
        return outputBytes;
    }
}
​
public static class PasswordHelper
{
    private static readonly PasswordHasher<IdentityUser> _passwordHasher = new PasswordHasher<IdentityUser>();
​
    public static string HashPassword(string password)
    {
        var user = new IdentityUser();
    
        return _passwordHasher.HashPassword(user, password);
    }
​
    public static bool VerifyPassword(string hashedPassword, string providedPassword)
    {
        var user = new IdentityUser();
        var result = _passwordHasher.VerifyHashedPassword(user, hashedPassword, providedPassword);
        return result == PasswordVerificationResult.Success;
    }
}

Escriba el limite superior

Cached Result
Last Run:	9:02:12 am
Compile:	0.173s
Execute:	0s
Memory:	24kb
CPU:	0.016s

View IL Code