0
我得到這個登記表從哪裏獲得用戶電子郵件地址和密碼,並使用SHA512SHA512散列憑證失敗的驗證
public Boolean IsRegistered(String email, String pass)
{
SHA512 shaM = new SHA512Managed();
if (pass.Length > 0 && email.Length > 0)
{
byte[] data = Encoding.UTF8.GetBytes(pass);
String encryptedpass = Encoding.UTF8.GetString(shaM.ComputeHash(data));
using (ModelContainer db = new ModelContainer())
{
//User usr = db.UserSet.Where(u => u.PasswordDigest == encryptedpass && u.Email == email).First();
int matches = (from u in bd.UserSet
where u.PasswordDigest == encryptedpass&& u.Email == email
select new
{
Id = u.Id
}
).Count();
if (matches > 0)
{
return true;
}
}
}
return false;
}
我每次都用這個方法在用戶登錄在散列密碼,它就像一個魅力(我猜), 事情是當我提示用戶更改他/她的密碼,我似乎無法驗證舊的這裏是我的嘗試
我做了以下檢查用戶數據MyAccount表單的構造函數
User user;.
public MyAccount()
{
InitializeComponent();
try
{
using (ModelContainer db = new ModelContainer())
{
user = (from u in db.UserSet where u.Id == 2 select u).First();
txtName.Text = user.Name;
txtEmail.Text = user.Email;
}
}
catch (Exception x)
{
ErrorAlert error = new ErrorAlert("Error: " + x.Message);
error.Owner = getParentWindow();
error.ShowDialog();
}
}
然後我驗證它的形式button_click
using (ModelContainer db = new ModelContainer())
{
SHA512 shaM = new SHA512Managed();
string oldpass = Encoding.UTF8.GetString(shaM.ComputeHash(Encoding.UTF8.GetBytes(ptxtOldPassword.Password)));
shaM.Dispose();
db.UserSet.Attach(user);
Regex rgx = new Regex(@"\A[\w+\-.][email protected][a-z\d\-.]+\.[a-z]+\z");
if (rgx.IsMatch(txtEmail.Text))
{
if (oldpass == user.PasswordDigest)
{
if (ptxtNewPassword.Password.Equals(ptxtNewPassword2.Password))
{
string newpass = Encoding.UTF8.GetString(shaM.ComputeHash(Encoding.UTF8.GetBytes(ptxtNewPassword.Password)));
user.Name = txtName.Text;
user.Email = txtEmail.Text;
user.PasswordDigest = newpass;
db.SaveChanges();
}
else
{
ErrorAlert error = new ErrorAlert("Passwords do not match");
error.Owner = getParentWindow();
error.ShowDialog();
}
當我與一個數據庫comapare舊密碼輸入用戶不匹配,因爲他們是我所使用equals進行嘗試,沒有串運氣我以爲==會工作,但我錯了,我看着其他答案,發現這個Sha512 not returning equal in c# hash validation可悲的是它不適合我,我需要了解爲什麼我的第一次驗證工作和第二不 所以任何幫助是首選Have a nice day
呃......試圖將SHA512字節數據解碼爲一個UTF-8字符串只是要求麻煩...... SHA512哈希如何存儲在數據庫中? – elgonzo
@elgonzo他們存儲爲字符串,而不是utf-8字符串,但你可能是對的 – SoulBlack
在我看來,你似乎並不理解我指向的問題。問題不是UTF-8字符串與非UTF-8字符串。由於任意字節數據可能包含對給定文本編碼無效的字節(或字節序列),或者表示某些不可打印的字符,這些字符可能會導致進一步的字符串處理混亂,所以不能始終成功地將任意字節數據解碼爲字符串。 (1/2) – elgonzo