我正在尝试在C#中实现扭曲代码。我正在使用CryptSharp进行SCRYPT和PBKDF2实现。但是,我似乎取得的结果与真实的网站不同。
这是我的代码:
static void Main(string[] args)
{
string randomString = "mypassword";
byte[] passwordBytes = Encoding.UTF8.GetBytes(randomString);
byte[] passwordBytesScrypt = new byte[passwordBytes.Length + 1];
Array.Copy(passwordBytes, 0, passwordBytesScrypt, 0, passwordBytes.Length);
passwordBytesScrypt[passwordBytes.Length] = 0x1;
string salt = "salt@gmail.com";
byte[] saltBytes = Encoding.UTF8.GetBytes(salt);
byte[] saltBytesScrypt = new byte[saltBytes.Length + 1];
Array.Copy(saltBytes, 0, saltBytesScrypt, 0, saltBytes.Length);
saltBytesScrypt[saltBytes.Length] = 0x1;
byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt, saltBytes, 524288, 8, 1, null, 32);
byte[] passwordBytesPBKDF2 = passwordBytesScrypt;
passwordBytesPBKDF2[passwordBytes.Length] = 0x2;
byte[] saltBytesPBKDF2 = saltBytesScrypt;
saltBytesScrypt[saltBytes.Length] = 0x2;
byte[] pbkdf2Bytes = CryptSharp.Utility.Pbkdf2.ComputeDerivedKey(new HMACSHA256(passwordBytesPBKDF2), saltBytes, 65536, 32);
}
根据网站(我将代码登录到控制台),scrypt hash结果应为
4dfe98afd8f279e856abdcccce09aa54031fbd7fa39a912bb3caf5ce28648fe6
和pbkdf2哈希结果应为
847c053e66c093927d1f1258b52455675fe6788e537c2073927fbddddfacc0d3
我的Scrypt结果是
790BE1F92DDDF297CF7BACAA69218BE2C67680C706B2A214081A559B8E0EF43D
和pbkdf2
CB640D1C8C13B44712EBCF341FA68F22F90D69AA5BC8427CD5ABED37FDFFE4EF
我不明白我在做什么错。地址表的实现不正确吗?我错过了某个地方吗?我不太了解JavaScript,所以这是完全可能的。任何帮助将不胜感激。
我发现了您的代码两个问题:
- 2^18不是524288,而是262144。
-
看来您注入0x1的方式似乎不起作用,我以不同的方式进行了操作:
string randomString = "mypassword"; string salt = "salt@gmail.com"; //Setup Lists to take the extra byte of the byte array to the end var passArrList = new List<byte>(); var saltArrList = new List<byte>(); //Get the byte array of incoming passphrase byte[] passArr = Encoding.UTF8.GetBytes(randomString); //Add the pass byte array to the list passArrList.AddRange(passArr); //Append the needed 0x1 to the end of the array passArrList.Add(1); //Get the bytes of the salt byte[] saltArr = Encoding.UTF8.GetBytes(salt); //Add the salt to the list saltArrList.AddRange(saltArr); //Append the needed salt to the end saltArrList.Add(1); byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passArrList.ToArray(), saltArrList.ToArray(), 262144, 8, 1, null, 32); Console.WriteLine(BitConverter.ToString(scryptBytes).Replace("-", ""));
此行具有错误:
byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt,
saltBytes, 524288, 8, 1, null, 32);
- @knocte解释2^18不是524288
- 您正在使用
saltBytes,而不是saltBytesScrypt已准备好
校正线进行:
byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt,
saltBytesScrypt, 1 << 18, 8, 1, null, 32);
您在代码中撰写了一些错字,我正在使用Linq为了更清楚,您可以按照步骤操作而无需操纵数组。
在第15行,您应该使用1&lt;&lt;18和密码bytesscrypt:
byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt, saltBytes, 524288, 8, 1, null, 32);
和第23行,您应该使用saltbytespbkdf2:
byte[] pbkdf2Bytes = CryptSharp.Utility.Pbkdf2.ComputeDerivedKey(new HMACSHA256(passwordBytesPBKDF2), saltBytes, 65536, 32);
最终代码看起来像:
static void Main(string[] args)
{
List<byte> extend1 = new List<byte> { 0x1 }, extend2 = new List<byte> { 0x2 };
string randomString = "mypassword";
IEnumerable<byte> passwordBytesScrypt = Encoding.UTF8.GetBytes(randomString).Concat(extend1);
string salt = "salt@gmail.com";
IEnumerable<byte> saltBytesScrypt = Encoding.UTF8.GetBytes(salt).Concat(extend1);
byte[] scryptBytes = CryptSharp.Utility.SCrypt.ComputeDerivedKey(passwordBytesScrypt.ToArray(), saltBytesScrypt.ToArray(), 1 << 18, 8, 1, null, 32);
byte[] passwordBytesPBKDF2 = passwordBytesScrypt.Take(passwordBytesScrypt.Count() - 1).Concat(extend2).ToArray();
byte[] saltBytesPBKDF2 = saltBytesScrypt.Take(saltBytesScrypt.Count() - 1).Concat(extend2).ToArray();
byte[] pbkdf2Bytes = CryptSharp.Utility.Pbkdf2.ComputeDerivedKey(new HMACSHA256(passwordBytesPBKDF2), saltBytesPBKDF2, 65536, 32);
Console.WriteLine(BitConverter.ToString(scryptBytes).Replace("-", ""));
Console.WriteLine(BitConverter.ToString(pbkdf2Bytes).Replace("-", ""));
}