Password Storage
All passwords are stored as a salted hash.
Code used
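```csharp
using Microsoft.AspNetCore.Cryptography.KeyDerivation;
using System;
using System.Security.Cryptography;

// HashedPassword is defined elsewhere in the project; it carries the
// Base64-encoded hash (Password) and the Base64-encoded salt (Salt).
public static class PasswordHelper
{
    // Generates a random 16-byte salt from the cryptographic RNG.
    private static byte[] GenerateSalt()
    {
        byte[] salt = new byte[16];
        using var rng = RandomNumberGenerator.Create();
        rng.GetBytes(salt);
        return salt;
    }

    // Derives a 32-byte hash with PBKDF2-HMAC-SHA256 (250000 iterations).
    // A fresh salt is generated unless one is supplied for verification.
    public static HashedPassword Hash(string password, byte[] salt = null)
    {
        salt ??= GenerateSalt();
        var hashed = KeyDerivation.Pbkdf2(password, salt, KeyDerivationPrf.HMACSHA256, iterationCount: 250000, numBytesRequested: 32);

        var base64Salt = Convert.ToBase64String(salt);
        var base64Hashed = Convert.ToBase64String(hashed);

        return new HashedPassword(base64Hashed, base64Salt);
    }

    // Re-derives the hash with the stored salt and compares it to the stored hash.
    public static bool Match(string password, HashedPassword hashedPassword)
    {
        var salt = Convert.FromBase64String(hashedPassword.Salt);
        var hashed = Hash(password, salt);
        // Compare in constant time so the check does not leak how many leading bytes matched.
        return CryptographicOperations.FixedTimeEquals(
            Convert.FromBase64String(hashed.Password),
            Convert.FromBase64String(hashedPassword.Password));
    }
}
```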
Example of values stored for the same password
```json
[
  {
    "Password": "O3XexbJdXhHReURAe2F/nRT3HuN4/JpysuPi7ktQ8zI=",
    "Salt": "UYr+kmAu53l5h3OGqqKQrA==",
    ...
  },
  {
    "Password": "0O9g7ESSNsVWOtN5aYOPPw1UguBomp5NUQDgVD2nm/A=",
    "Salt": "5UjZm5Jr55kfn6kc0e2AtA==",
    ...
  },
  ...
]
```
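The behaviour these stored values illustrate, as an added example that is not the project's own code: the same password hashed twice gives two different records, both of which verify, while a wrong password or a malformed record is rejected. It assumes .NET 6 or later and swaps in the built-in `Rfc2898DeriveBytes.Pbkdf2` for `KeyDerivation.Pbkdf2` with the same parameters; `StoredPassword`, `PasswordRecordDemo` and the sample password are hypothetical names and constructed values.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

// Hypothetical record type mirroring the "Password"/"Salt" fields of the stored JSON.
public record StoredPassword(string Password, string Salt);

public static class PasswordRecordDemo
{
    // Same parameters as the page's helper: PBKDF2-HMAC-SHA256, 250000 iterations, 32 bytes.
    private static byte[] Derive(string password, byte[] salt) =>
        Rfc2898DeriveBytes.Pbkdf2(Encoding.UTF8.GetBytes(password), salt,
            250000, HashAlgorithmName.SHA256, 32);

    public static StoredPassword Create(string password)
    {
        byte[] salt = RandomNumberGenerator.GetBytes(16); // fresh 16-byte salt per record
        return new StoredPassword(
            Convert.ToBase64String(Derive(password, salt)),
            Convert.ToBase64String(salt));
    }

    public static bool Verify(string password, StoredPassword stored)
    {
        // Records with invalid Base64 or unexpected lengths are rejected instead of throwing.
        Span<byte> salt = stackalloc byte[16];
        Span<byte> expected = stackalloc byte[32];
        if (!Convert.TryFromBase64String(stored.Salt, salt, out int saltLen) || saltLen != 16 ||
            !Convert.TryFromBase64String(stored.Password, expected, out int hashLen) || hashLen != 32)
            return false;

        byte[] actual = Derive(password, salt.ToArray());
        return CryptographicOperations.FixedTimeEquals(actual, expected);
    }

    public static void Main()
    {
        const string password = "correct horse battery staple"; // constructed sample value
        var a = Create(password);
        var b = Create(password);
        var damaged = a with { Password = "not-base64!" };      // constructed malformed record

        Console.WriteLine($"identical stored hashes: {a.Password == b.Password}");
        Console.WriteLine($"record a verifies:       {Verify(password, a)}");
        Console.WriteLine($"record b verifies:       {Verify(password, b)}");
        Console.WriteLine($"wrong password verifies: {Verify("wrong password", a)}");
        Console.WriteLine($"damaged record verifies: {Verify(password, damaged)}");
    }
}
```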
References
https://docs.microsoft.com/ko-kr/aspnet/core/security/data-protection/consumer-apis/password-hashing?view=aspnetcore-5.0