1 public override PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword)
2 {
3 string[] passwordProperties = hashedPassword.Split('|');
4 if (passwordProperties.Length != 3)
5 {
6 return base.VerifyHashedPassword(hashedPassword, providedPassword);
7 }
8 else
9 {
10 string passwordHash = passwordProperties[0];
11 int passwordformat = 1;
12 string salt = passwordProperties[2];
13 if (String.Equals(EncryptPassword(providedPassword, passwordformat, salt), passwordHash, StringComparison.CurrentCultureIgnoreCase))
14 {
15 return PasswordVerificationResult.SuccessRehashNeeded;
16 }
17 else
18 {
19 return PasswordVerificationResult.Failed;
20 }
21 }
22 }
23
24
25 private string EncryptPassword(string pass, int passwordFormat, string salt)
26 {
27 if (passwordFormat == 0)
28 return pass;
29
30 byte[] bIn = Encoding.Unicode.GetBytes(pass);
31 byte[] bSalt = Convert.FromBase64String(salt);
32 byte[] bRet = null;
33
34 if (passwordFormat == 1)
35 { // MembershipPasswordFormat.Hashed
36 HashAlgorithm hm = HashAlgorithm.Create("SHA1");
37 if (hm is KeyedHashAlgorithm)
38 {
39 KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;
40 if (kha.Key.Length == bSalt.Length)
41 {
42 kha.Key = bSalt;
43 }
44 else if (kha.Key.Length < bSalt.Length)
45 {
46 byte[] bKey = new byte[kha.Key.Length];
47 Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);
48 kha.Key = bKey;
49 }
50 else
51 {
52 byte[] bKey = new byte[kha.Key.Length];
53 for (int iter = 0; iter < bKey.Length; )
54 {
55 int len = Math.Min(bSalt.Length, bKey.Length - iter);
56 Buffer.BlockCopy(bSalt, 0, bKey, iter, len);
57 iter += len;
58 }
59 kha.Key = bKey;
60 }
61 bRet = kha.ComputeHash(bIn);
62 }
63 else
64 {
65 byte[] bAll = new byte[bSalt.Length + bIn.Length];
66 Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);
67 Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);
68 bRet = hm.ComputeHash(bAll);
69 }
70 }
71
72 return Convert.ToBase64String(bRet);
73 }
浙公网安备 33010602011771号