public bool ValidatePassword(byte[] pwd, byte[] pwdCheck, byte[] salt)
{
var formattedPwdCheck = _saltStrategy.Format(pwdCheck, salt);
var hashedPwd = _hashProvider.ComputeHash(formattedPwdCheck);
if (pwd.Length != hashedPwd.Length)
{
return(false);
}
for (var i = 0; i < pwd.Length; i++)
{
if (pwd[i] != hashedPwd[i])
{
return(false);
}
}
return(true);
}
public bool VaildatePassword(string pwd, byte[] pwdCheck, byte[] salt)
{
var formattedPwdCheck = _saltStrategy.Format(pwdCheck, salt);
var hashedPwd = _hashingProvider.ComputeHash(formattedPwdCheck);
var userPwdData = Encoding.UTF8.GetString(hashedPwd);
if (pwd.Length != userPwdData.Length)
{
return(false);
}
for (var i = 0; i < pwd.Length; i++)
{
if (pwd[i] != userPwdData[i])
{
return(false);
}
}
return(true);
}
// 傳入資料庫的密碼 , 使用者輸入的 , 加料
public bool ValidatePassword(byte[] pwd, byte[] pwdCheck, byte[] salt)
{
//將使用者輸入的加料
var formattedPwd = _saltStrategy.Format(pwdCheck, salt);
//先加過料再作Hash
var hashedPwd = _hashingProvider.ComputeHash(formattedPwd);
//如果兩個長度不一樣(資料庫的和user輸入的)
if (pwd.Length != hashedPwd.Length)
{
return(false);
}
//比對每個字元是否正確
for (var i = 0; i < pwd.Length; i++)
{
if (pwd[i] != hashedPwd[i])
{
return(false);
}
}
return(true);
}