问题
I am new to MVC 5 Identity. I am trying to find what is the hash logic for password in mvc 5 identity.
I am trying to validate user outside .net project but using its table AspNetUsers. If I am correct in mvc 4 it was SHA1?? But I am not sure whats the same in MVC 5.
Also can we validate user in table AspNetUsers within the sql server using sql script itself?
Regards & Thanks.
回答1:
From https://github.com/aspnet/Identity/blob/dev/src/Microsoft.AspNetCore.Identity/PasswordHasher.cs
Version 2:
PBKDF2 with HMAC-SHA1, 128-bit salt, 256-bit subkey, 1000 iterations. (See also: SDL crypto guidelines v5.1, Part III)
Format: { 0x00, salt, subkey }
Version 3:
PBKDF2 with HMAC-SHA256, 128-bit salt, 256-bit subkey, 10000 iterations.
Format: { 0x01, prf (UInt32), iter count (UInt32), salt length (UInt32), salt, subkey } (All UInt32s are stored big-endian.)
来源:https://stackoverflow.com/questions/27909469/what-is-the-hash-logic-in-mvc-5-identity