/* * Password Hashing With PBKDF2 (http://crackstation.net/hashing-security.htm). * Copyright (c) 2013, Taylor Hornby * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions are met: * * 1. Redistributions of source code must retain the above copyright notice, * this list of conditions and the following disclaimer. * * 2. Redistributions in binary form must reproduce the above copyright notice, * this list of conditions and the following disclaimer in the documentation * and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. */ using System; using System.Text; using System.Security.Cryptography; namespace PasswordHash { /// <summary> /// Salted password hashing with PBKDF2-SHA1. /// Author: havoc AT defuse.ca /// www: http://crackstation.net/hashing-security.htm /// Compatibility: .NET 3.0 and later. /// </summary> public class PasswordHash { // The following constants may be changed without breaking existing hashes. public const int SALT_BYTE_SIZE = 24; public const int HASH_BYTE_SIZE = 24; public const int PBKDF2_ITERATIONS = 1000; public const int ITERATION_INDEX = 0; public const int SALT_INDEX = 1; public const int PBKDF2_INDEX = 2; /// <summary> /// Creates a salted PBKDF2 hash of the password. /// </summary> /// <param name="password">The password to hash.</param> /// <returns>The hash of the password.</returns> public static string CreateHash(string password) { // Generate a random salt RNGCryptoServiceProvider csprng = new RNGCryptoServiceProvider(); byte[] salt = new byte[SALT_BYTE_SIZE]; csprng.GetBytes(salt); // Hash the password and encode the parameters byte[] hash = PBKDF2(password, salt, PBKDF2_ITERATIONS, HASH_BYTE_SIZE); return PBKDF2_ITERATIONS + ":" + Convert.ToBase64String(salt) + ":" + Convert.ToBase64String(hash); } /// <summary> /// Validates a password given a hash of the correct one. /// </summary> /// <param name="password">The password to check.</param> /// <param name="correctHash">A hash of the correct password.</param> /// <returns>True if the password is correct. False otherwise.</returns> public static bool ValidatePassword(string password, string correctHash) { // Extract the parameters from the hash char[] delimiter = { ':' }; string[] split = correctHash.Split(delimiter); int iterations = Int32.Parse(split[ITERATION_INDEX]); byte[] salt = Convert.FromBase64String(split[SALT_INDEX]); byte[] hash = Convert.FromBase64String(split[PBKDF2_INDEX]); byte[] testHash = PBKDF2(password, salt, iterations, hash.Length); return SlowEquals(hash, testHash); } /// <summary> /// Compares two byte arrays in length-constant time. This comparison /// method is used so that password hashes cannot be extracted from /// on-line systems using a timing attack and then attacked off-line. /// </summary> /// <param name="a">The first byte array.</param> /// <param name="b">The second byte array.</param> /// <returns>True if both byte arrays are equal. False otherwise.</returns> private static bool SlowEquals(byte[] a, byte[] b) { uint diff = (uint)a.Length ^ (uint)b.Length; for (int i = 0; i < a.Length && i < b.Length; i++) diff |= (uint)(a[i] ^ b[i]); return diff == 0; } /// <summary> /// Computes the PBKDF2-SHA1 hash of a password. /// </summary> /// <param name="password">The password to hash.</param> /// <param name="salt">The salt.</param> /// <param name="iterations">The PBKDF2 iteration count.</param> /// <param name="outputBytes">The length of the hash to generate, in bytes.</param> /// <returns>A hash of the password.</returns> private static byte[] PBKDF2(string password, byte[] salt, int iterations, int outputBytes) { Rfc2898DeriveBytes pbkdf2 = new Rfc2898DeriveBytes(password, salt); pbkdf2.IterationCount = iterations; return pbkdf2.GetBytes(outputBytes); } } }
نظرات اشتراکها
پیاده سازی روش گفته شده در این سایت :
اشتراکها
پیشنهاد طراحی ++C امن
Safe C++ is A new Proposal to Make C++ Memory-Safe
The goal of the Safe C++ proposal is extending C++ by defining a superset of the language that can be used to write code with the strong safety guarantees similarly to code written in Rust. The key to its approach is introducing a new safe context where only a rigorously safe subset of C++ is allowed.
اشتراکها
نگاهی به Entity Framework 7 چندسکویی
اشتراکها
دوره 4 ساعته TypeScript
TypeScript Full Course - From Beginner to Advanced
Welcome to the full TypeScript course from a beginner level all the way down to an advanced level. Throughout the next few hours, you'll learn all of the major features of TypeScript and then apply your knowledge by working through a practice project at the end of the course.
⏳ Timestamps ⏳
00:00:00 | Introduction
00:01:01 | 1.1 - Dynamic vs Static Typing
00:13:47 | 1.2 - Introduction to TypeScript
00:18:15 | 1.3 - TypeScript Setup
00:34:42 | 1.4 - tsconfig
00:41:51 | 2.1 - Primitive Types
00:50:23 | 2.2 - Arrays & Tuples
00:58:48 | 2.3 - Enums & Literals
01:08:44 | 2.4 - Any, Unknown & Type Casts
01:17:55 | 2.5 - Optional Chaining and Bang
01:24:45 | 3.1 - Basic Function Types
01:40:22 | 3.2 - Advanced Function Types
01:48:05 | 3.3 - Interfaces
01:55:57 | 4.1 - Classes & Abstract Classes
02:10:30 | 4.2 - Classes & Interfaces
02:21:15 | 4.3 - Static Attributes & Methods
02:25:37 | 4.4 - Generics
02:32:26 | 5.1 - Type Aliases
02:36:48 | 5.2 - Union & Intersection
02:42:09 | 5.3 - Type Guards
02:49:13 | 5.4 - Discriminated Unions
02:53:42 | 5.5 - Utility Types
02:59:06 | 6.1 - Modules (Import/Export)
03:14:29 | 6.2 - Namespaces
03:19:46 | 7.1 - Project Walkthrough
03:33:25 | 7.2 - Project Solution
اشتراکها
اضافه شدن JIT به PostgreSQL 11
Once created, these custom elements -- a custom counter, for example -- can also be used in other single-page application (SPA) web frameworks such as React and Angular. A sample project, aptly titled Blazor Custom Elements, shows how to do just that, providing examples about how to work with those frameworks and the client-side Blazor WebAssembly component as well as Blazor Server.
اشتراکها
قدرت برنامه نویسی تنبل طور
اشتراکها
#C یا زبانهای دیگر !
اشتراکها