/// <summary>
/// Password entered by the userをDB保存する際、
/// Salted and hashed passwordとして保存する必要がある。
/// </summary>
/// <param name="rawPassword">>Password entered by the user.</param>
/// <param name="eha">ハッシュ・アルゴリズム列挙型</param>
/// <param name="saltLength">ソルトの文字列長</param>
/// <param name="stretchCount">ストレッチ回数</param>
/// <returns>Salted and hashed password.</returns>
public static string GetSaltedPassword(string rawPassword, EnumHashAlgorithm eha, int saltLength, int stretchCount)
{
// ランダム・ソルト文字列を生成(区切り記号は含まなくても良い)
string salt = GetPassword.Generate(saltLength, 0); //Membership.GeneratePassword(saltLength, 0);
// Salted and hashed password(文字列)を生成して返す。
return
(CustomEncode.ToBase64String(CustomEncode.StringToByte(salt, CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64String(CustomEncode.StringToByte(stretchCount.ToString(), CustomEncode.UTF_8))
+ "." + CustomEncode.ToBase64String(CustomEncode.StringToByte(GetHash.GetHashString(salt + rawPassword, eha, stretchCount), CustomEncode.UTF_8)));
}
/// <summary>ハッシュ</summary>
private void btnGetHash_Click(object sender, EventArgs e)
{
if (this.rbnHSString.Checked)
{
txtHSCode.Text = GetHash.GetHashString(
txtHSString.Text, (EnumHashAlgorithm)cbxHSPV.SelectedValue);
}
else
{
txtHSCode.Text = CustomEncode.ToHexString(GetHash.GetHashBytes(
CustomEncode.StringToByte(txtHSString.Text, CustomEncode.UTF_8), (EnumHashAlgorithm)cbxHSPV.SelectedValue));
}
}
/// <summary>パスワードを比較して認証する。</summary>
/// <param name="rawPassword">Password entered by the user.</param>
/// <param name="saltedPassword">Salted and hashed password.</param>
/// <param name="eha">ハッシュ・アルゴリズム列挙型</param>
/// <returns>
/// true:パスワードは一致した。
/// false:パスワードは一致しない。
/// </returns>
public static bool EqualSaltedPassword(string rawPassword, string saltedPassword, EnumHashAlgorithm eha)
{
// ソルト部分を取得
string[] temp = saltedPassword.Split('.');
string salt = CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[0]), CustomEncode.UTF_8);
int stretchCount = int.Parse(CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[1]), CustomEncode.UTF_8));
string hashedPassword = CustomEncode.ByteToString(CustomEncode.FromBase64String(temp[2]), CustomEncode.UTF_8);
// 引数のsaltedPasswordと、rawPasswordから自作したsaltedPasswordを比較
if (hashedPassword == GetHash.GetHashString(salt + rawPassword, eha, stretchCount))
{
// 一致した。
return(true);
}
else
{
// 一致しなかった。
return(false);
}
}
[TestCase(null, 999, ExpectedException = typeof(ArgumentNullException), TestName = "TestID-032A")] // The encryption method that is not defined
public void EncryptStringTest(string sourceString, EnumHashAlgorithm eha)
{
try
{
// Get the hash value using the components of touryo.
string hashString = GetHash.GetHashString(sourceString, eha);
// Using the components of touryo, and get the hash value again.
string hashString2 = GetHash.GetHashString(sourceString, eha);
// Check the hash value.
Assert.AreNotEqual(sourceString, hashString);
Assert.AreNotEqual(sourceString, hashString2);
Assert.AreEqual(hashString, hashString2);
}
catch (Exception ex)
{
// Print a stack trace when an exception occurs.
Console.WriteLine(ex.StackTrace);
throw;
}
}
/// <summary>Hash</summary>
private static void Hash()
{
string data = "ynyKeiR9FXWPkNQHvUPZkAlfUmouExBv";
#region Managed or CSP
// Default
MyDebug.OutputDebugAndConsole("HashAlgorithm.Default", GetHash.GetHashString(data, EnumHashAlgorithm.Default));
// MD5
MyDebug.OutputDebugAndConsole("HashAlgorithm.MD5_CSP", GetHash.GetHashString(data, EnumHashAlgorithm.MD5_CSP));
// RIPEMD160
MyDebug.OutputDebugAndConsole("HashAlgorithm.RIPEMD160_M", GetHash.GetHashString(data, EnumHashAlgorithm.RIPEMD160_M));
// SHA1
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA1_CSP", GetHash.GetHashString(data, EnumHashAlgorithm.SHA1_CSP));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA1_M", GetHash.GetHashString(data, EnumHashAlgorithm.SHA1_M));
// SHA256
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA256_CSP", GetHash.GetHashString(data, EnumHashAlgorithm.SHA256_CSP));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA256_M", GetHash.GetHashString(data, EnumHashAlgorithm.SHA256_M));
// SHA384
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA384_CSP", GetHash.GetHashString(data, EnumHashAlgorithm.SHA384_CSP));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA384_M", GetHash.GetHashString(data, EnumHashAlgorithm.SHA384_M));
// SHA512
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA512_CSP", GetHash.GetHashString(data, EnumHashAlgorithm.SHA512_CSP));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA512_M", GetHash.GetHashString(data, EnumHashAlgorithm.SHA512_M));
#endregion
#if NETCORE
#else
#region CNG
MyDebug.OutputDebugAndConsole("HashAlgorithm.MD5_CNG", GetHash.GetHashString(data, EnumHashAlgorithm.MD5_CNG));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA1_CNG", GetHash.GetHashString(data, EnumHashAlgorithm.SHA1_CNG));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA256_CNG", GetHash.GetHashString(data, EnumHashAlgorithm.SHA256_CNG));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA384_CNG", GetHash.GetHashString(data, EnumHashAlgorithm.SHA384_CNG));
MyDebug.OutputDebugAndConsole("HashAlgorithm.SHA512_CNG", GetHash.GetHashString(data, EnumHashAlgorithm.SHA512_CNG));
#endregion
#endif
}