What is the equivalent of Python pbkdf2 usage in C# for migrating password hashes -


we investigating options/scenarios credentials of 2 seperate sources (pyhton django application , asp.net application) can migrated single credential store. there many ways migrate, , 1 of them following: copy password hashes single store , based on property, choose validation method.

so i'm trying validate password hash generated in python django in c# console application.

i've found resources like: https://docs.djangoproject.com/en/1.10/_modules/django/contrib/auth/hashers/

and

https://docs.djangoproject.com/en/1.10/_modules/django/contrib/auth/hashers/pbkdf2

but have difficulties translating logic c#. think because cryptography skills aren't sufficient.

i hope can point me right direction on this.

update 1:

i'm testing following python django password hash:

pbkdf2_sha256$20000$t4fxlmzy8zre$x0hjgqggyaombqsfoobf/8nmlzgsk6stt8ke3meg6bm=  public bool verifypassword(string password, string hashedpassword, string salt) {     // password:  <test phrase>     // hashedpassword: x0hjgqggyaombqsfoobf/8nmlzgsk6stt8ke3meg6bm=     // salt: t4fxlmzy8zre      int iterationcount = 20000;      byte[] src = convert.frombase64string(hashedpassword);      byte[] inputpwhash;     using (var bytes = new rfc2898derivebytes(password, salt, iterationcount))     {          inputpwhash = bytes.getbytes(32);     }      var result = slowequals(src, inputpwhash);     return result; }

what i've tried creating custom pbkdf2 implementation hmacsha256 digest.

public class rfc2898derivebytes : derivebytes, idisposable {     public rfc2898derivebytes(byte[] password, byte[] salt, int32 iterations)     {         _hmacsha256obj = new hmacsha256(password);         hlen = _hmacsha256obj.hashsize / 8;         _passwordbytes = password;         _saltbytes = salt;         _iterationcount = iterations;     } }

and i'll match hashresult following way:

    public bool verifypassword(string password, string hashedpassword, string salt)     {         int iterationcount = 20000;          byte[] src = convert.frombase64string(hashedpassword);          byte[] inputpwhash;         using (var bytes = new rfc2898derivebytes(password, salt, iterationcount))         {             inputpwhash = bytes.getbytes(32);         }          var result = slowequals(src, inputpwhash);         return result;     }

but hash results not same. need text encoding?

i've found solution problemen here: https://stackoverflow.com/a/18649357/167196

credits original author.


Comments

Post a Comment

Popular posts from this blog

commonjs - How to write a typescript definition file for a node module that exports a function? -

consider, toml node module can use: // toml.d.ts declare module toml { export function parse(value:string):any; } declare module "toml" { export = toml; } then: /// <reference path="../../../../../defs/toml/toml.d.ts"/> import toml = require('toml'); toml.parse(...); however, node module export single function, such 'glob' ( https://github.com/isaacs/node-glob ). the node usage of module be: var glob = require("glob") glob("*.js", {}, callback(err, files) { ... }); you'd naively expect this: // glob.d.ts declare function globs(paths:string, options:any, callback:{(err:any, files:string[]):void; ...but because typescripts 'import' semantics bit strange, seems can use 'import .. = require()' statement alias modules . trying call: /// <reference path="../../../../../defs/glob/glob.d.ts"/> import blog = require('glob'); results in: error ts2072: mod
Read more

openid - Okta: Failed to get authorization code through API call -

i'm integrating okta own idp server using okta's api. i'm implementing authorization code flow following steps below: in own server, use /api/v1/authn endpoint sessiontoken. use sessiontoken obtain authorization calling endpoint: /oauth2/v1/authorize?client_id=" + clientid + "&sessiontoken=" + sessiontoken + "&response_type=code&response_mode=query&scope=openid&redirect_uri=" + redirecturl + "&state=evanyang&nonce=" it's supposed return response status code 302 , location header containing redirect url code value. however, keep getting response status code 200 , without location header, html body saying "you using unsupported browser." , "javascript disabled on browser." according api documentation: http://developer.okta.com/docs/api/resources/oidc.html#authentication-request , sessiontoken parameter sufficient this: an okta one-time sessiontoken. allows api-based
Read more

thorough guide for profiling racket code -

did googling ("racket profiling", "racket measure performance"), didn't find , there no examples in docs. did google "profile" search on htdp - no luck. (profile (f ...)) output isn't obvious other small snippets. ideally want python's python -m cprofile usage examples. when search "python profiling", both duckduckgo , google give top result: 26.4. python profilers . (although scanned quickly, seems more of reference "thorough usage guide" examples. if had else in mind, perhaps please link that?) the equivalent racket documentation be: profile: statistical profiler . a usage example: #lang racket (require profile) (profile-thunk (thunk (function-to-profile arg0 arg1) )) here (thunk e) convenience (lambda () e) . bigger example: #lang racket (module mod racket (provide f) (define (f) (for/list ([i 10000]) i))) (require (prefix-in mod: 'mod)) (define (f) (for ([i 10000
Read more