5 Mart 2018 Pazartesi

RNGCryptoServiceProvider Sınıfı

Şu satırı dahil ederiz.
using System.Security.Cryptography;
Bu sınıf salt üretmek için kullanılabilir. Salt hash ile beraber saklanır. Pepper ise saklanmaz. Açıklaması şöyle
A pepper can be added to a password in addition to a salt value. A pepper performs a similar role to a salt, however whereas a salt is commonly stored alongside the value being hashed, for something to be defined as a pepper, it should meet one of the following criteria that define it a more carefully hidden 'secret' than the salt value:
  • The pepper is held separately from the value to be hashed
  • The pepper is randomly generated for each value to be hashed (within a limited set of values), and is never stored. When data is tested against a hashed value for a match, this is done by iterating through the set of values valid for the pepper, and each one in turn is added to the data to be tested (usually by suffixing it to the data), before the cryptographic hash function is run on the combined value.
Şöyle yaparız.
RNGCryptoServiceProvider provider = new RNGCryptoServiceProvider();
Create metodu
Sistemdeki bir sınıfı yaratıyor.
"Creates an instance of the default implementation of a cryptographic random number generator that can be used to generate random data."
Şöyle yaparız.
RNGCryptoServiceProvider provider = RNGCryptoServiceProvider.Create();
GetBytes metodu
Şöyle yaparız.
byte[] data = new byte[1];
Şöyle yaparız.
RNGCryptoServiceProvider rng = new RNGCryptoServiceProvider();
byte[] data = new byte[1024];
GetNonZeroBytes metodu
Şöyle yaparız.
int max = ...;
byte[] salt = new byte[max];

Hiç yorum yok:

Yorum Gönder