David David -4 years ago 191
C# Question

How do I create a SHA256 Hash with Salt?

I am currently working on a visual studio C# windows form project. However, I am confused by how SHA256 + salted works. I found some examples online but unable to understand how can I call this function.

I would like to call this function in a login form connecting to a database (Microsoft Access 2010).


  • How do I call this function by a click of a button and reading the
    password from a
    Textbox
    ?

  • How do i display out the hash value in a
    Messagebox.Show
    method? (For my testing purpose)

  • Is it possible to
    compare two text (hashed and salted) and giving a positive result?

    public static string sha256encrypt(string phrase, string UserName)
    {
    string salt = CreateSalt(UserName);
    string saltAndPwd = String.Concat(phrase, salt);
    UTF8Encoding encoder = new UTF8Encoding();
    SHA256Managed sha256hasher = new SHA256Managed();
    byte[] hashedDataBytes = sha256hasher.ComputeHash(encoder.GetBytes(saltAndPwd));
    string hashedPwd = String.Concat(byteArrayToString(hashedDataBytes), salt);
    return hashedPwd;
    }

    public static string byteArrayToString(byte[] inputArray)
    {
    StringBuilder output = new StringBuilder("");
    for (int i = 0; i < inputArray.Length; i++)
    {
    output.Append(inputArray[i].ToString("X2"));
    }
    return output.ToString();
    }

    private static string CreateSalt(string UserName)
    {
    string username = UserName;
    byte[] userBytes;
    string salt;
    userBytes = ASCIIEncoding.ASCII.GetBytes(username);
    long XORED = 0x00;

    foreach (int x in userBytes)
    XORED = XORED ^ x;

    Random rand = new Random(Convert.ToInt32(XORED));
    salt = rand.Next().ToString();
    salt += rand.Next().ToString();
    salt += rand.Next().ToString();
    salt += rand.Next().ToString();
    return salt;
    }



How do I create an SHA256 hash with salt?

shavalue = (sha256encrypt("password", "username");
saltedandhashtext = CreateSalt(shavalue);

Answer Source

For the first question look at CC Inc's answer.

To the second point: MessageBox.Show(sha256encrypt(textBox1.Text, "SampleUserName"));

3) Yes, it is.

You can compare two strings with the == comparator or string.Equals().

public bool compareHashs(string hash1, string hash2){
   if(hash1.Equals(hash2) //or hash1 == hash2
      return true;
   }else{
      return false;
   }  
}
Recommended from our users: Dynamic Network Monitoring from WhatsUp Gold from IPSwitch. Free Download