1 public override PasswordVerificationResult VerifyHashedPassword(string hashedPassword, string providedPassword) 2 { 3 string[] passwordProperties = hashedPassword.Split('|'); 4 if (passwordProperties.Length != 3) 5 { 6 return base.VerifyHashedPassword(hashedPassword, providedPassword); 7 } 8 else 9 {10 string passwordHash = passwordProperties[0];11 int passwordformat = 1;12 string salt = passwordProperties[2];13 if (String.Equals(EncryptPassword(providedPassword, passwordformat, salt), passwordHash, StringComparison.CurrentCultureIgnoreCase))14 {15 return PasswordVerificationResult.SuccessRehashNeeded;16 }17 else18 {19 return PasswordVerificationResult.Failed;20 }21 }22 }23 24 25 private string EncryptPassword(string pass, int passwordFormat, string salt)26 {27 if (passwordFormat == 0) 28 return pass;29 30 byte[] bIn = Encoding.Unicode.GetBytes(pass);31 byte[] bSalt = Convert.FromBase64String(salt);32 byte[] bRet = null;33 34 if (passwordFormat == 1)35 { // MembershipPasswordFormat.Hashed 36 HashAlgorithm hm = HashAlgorithm.Create("SHA1");37 if (hm is KeyedHashAlgorithm)38 {39 KeyedHashAlgorithm kha = (KeyedHashAlgorithm)hm;40 if (kha.Key.Length == bSalt.Length)41 {42 kha.Key = bSalt;43 }44 else if (kha.Key.Length < bSalt.Length)45 {46 byte[] bKey = new byte[kha.Key.Length];47 Buffer.BlockCopy(bSalt, 0, bKey, 0, bKey.Length);48 kha.Key = bKey;49 }50 else51 {52 byte[] bKey = new byte[kha.Key.Length];53 for (int iter = 0; iter < bKey.Length; )54 {55 int len = Math.Min(bSalt.Length, bKey.Length - iter);56 Buffer.BlockCopy(bSalt, 0, bKey, iter, len);57 iter += len;58 }59 kha.Key = bKey;60 }61 bRet = kha.ComputeHash(bIn);62 }63 else64 {65 byte[] bAll = new byte[bSalt.Length + bIn.Length];66 Buffer.BlockCopy(bSalt, 0, bAll, 0, bSalt.Length);67 Buffer.BlockCopy(bIn, 0, bAll, bSalt.Length, bIn.Length);68 bRet = hm.ComputeHash(bAll);69 }70 }71 72 return Convert.ToBase64String(bRet);73 }