using System;
using System.Security.Cryptography;
using System.Text;
namespace 全自动水压检测仪.DATA
{
///
/// 密码加密辅助类
/// 使用 SHA256 + 盐值加密
/// 精确简单的实现,确保100%匹配
///
public static class PasswordHelper
{
///
/// 生成随机盐值(16字节)
///
/// Base64编码的盐值字符串
public static string GenerateSalt()
{
byte[] saltBytes = new byte[16];
using (var rng = new RNGCryptoServiceProvider())
{
rng.GetBytes(saltBytes);
}
return Convert.ToBase64String(saltBytes);
}
///
/// 使用 SHA256 哈希密码
/// 精确实现:密码 + 盐值 -> SHA256 -> Base64
///
/// 明文密码
/// 盐值
/// Base64编码的密码哈希值
public static string HashPassword(string password, string salt)
{
if (string.IsNullOrEmpty(password))
throw new ArgumentNullException(nameof(password));
if (string.IsNullOrEmpty(salt))
throw new ArgumentNullException(nameof(salt));
// 拼接密码和盐值
string combined = password + salt;
// 转换为字节数组
byte[] combinedBytes = Encoding.UTF8.GetBytes(combined);
// 计算 SHA256 哈希
using (var sha256 = SHA256.Create())
{
byte[] hashBytes = sha256.ComputeHash(combinedBytes);
// 转换为 Base64 字符串
string hash = Convert.ToBase64String(hashBytes);
return hash;
}
}
///
/// 验证密码是否匹配
/// 精确实现:重新计算哈希并比较
///
/// 输入的明文密码
/// 存储的密码哈希值
/// 盐值
/// 密码是否匹配
public static bool VerifyPassword(string inputPassword, string storedHash, string salt)
{
if (string.IsNullOrEmpty(inputPassword))
return false;
if (string.IsNullOrEmpty(storedHash))
return false;
if (string.IsNullOrEmpty(salt))
return false;
try
{
// 使用相同的方法计算输入密码的哈希
string inputHash = HashPassword(inputPassword, salt);
// 精确比较(区分大小写)
bool isMatch = string.Equals(inputHash, storedHash, StringComparison.Ordinal);
// 调试输出
System.Diagnostics.Debug.WriteLine($"[密码验证]");
System.Diagnostics.Debug.WriteLine($" 输入密码: {inputPassword}");
System.Diagnostics.Debug.WriteLine($" 盐值: {salt}");
System.Diagnostics.Debug.WriteLine($" 计算的哈希: {inputHash}");
System.Diagnostics.Debug.WriteLine($" 存储的哈希: {storedHash}");
System.Diagnostics.Debug.WriteLine($" 是否匹配: {isMatch}");
return isMatch;
}
catch (Exception ex)
{
System.Diagnostics.Debug.WriteLine($"[密码验证异常] {ex.Message}");
return false;
}
}
///
/// 测试密码加密功能
///
public static void TestPasswordEncryption()
{
System.Diagnostics.Debug.WriteLine("=== 测试密码加密功能 ===");
// 测试 1: admin123
string salt1 = GenerateSalt();
string hash1 = HashPassword("admin123", salt1);
bool verify1 = VerifyPassword("admin123", hash1, salt1);
System.Diagnostics.Debug.WriteLine($"\n测试 1: admin123");
System.Diagnostics.Debug.WriteLine($" 盐值: {salt1}");
System.Diagnostics.Debug.WriteLine($" 哈希: {hash1}");
System.Diagnostics.Debug.WriteLine($" 验证: {verify1} (应该为 True)");
// 测试 2: 123
string salt2 = GenerateSalt();
string hash2 = HashPassword("123", salt2);
bool verify2 = VerifyPassword("123", hash2, salt2);
System.Diagnostics.Debug.WriteLine($"\n测试 2: 123");
System.Diagnostics.Debug.WriteLine($" 盐值: {salt2}");
System.Diagnostics.Debug.WriteLine($" 哈希: {hash2}");
System.Diagnostics.Debug.WriteLine($" 验证: {verify2} (应该为 True)");
// 测试 3: 错误密码
bool verify3 = VerifyPassword("wrongpassword", hash1, salt1);
System.Diagnostics.Debug.WriteLine($"\n测试 3: 错误密码");
System.Diagnostics.Debug.WriteLine($" 验证: {verify3} (应该为 False)");
System.Diagnostics.Debug.WriteLine("\n=== 测试完成 ===\n");
}
}
}