加密

2026-03-03 15:30:27 +00:00 · 2026-02-02 04:40:47 +08:00
parent 1a3fc7b59d
commit 73f49c9dbc
5 changed files with 264 additions and 22 deletions
--- a/UserSystem.cs
+++ b/UserSystem.cs
@@ -1,6 +1,8 @@
 using System;
 using System.Collections.Generic;
 using System.IO;
+using System.Runtime.InteropServices;
+using System.Text;

 namespace CMLeonOS
 {
@@ -33,6 +35,16 @@ namespace CMLeonOS
            Console.ResetColor();
        }

+        internal static string HashPasswordSha256(string password)
+        {
+            Sha256 sha256 = new Sha256();
+
+            byte[] passwordBytesUnhashed = Encoding.Unicode.GetBytes(password);
+            sha256.AddData(passwordBytesUnhashed, 0, (uint)passwordBytesUnhashed.Length);
+
+            return Convert.ToBase64String(sha256.GetHash());
+        }
+
        public UserSystem()
        {
            EnsureSysDirectoryExists();
@@ -90,6 +102,9 @@ namespace CMLeonOS
                            users.Add(user);
                        }
                    }
+                    
+                    // Note: Passwords are stored as SHA256 hashes in the file
+                    // When comparing passwords during login, hash the input password first
                }
                else
                {
@@ -109,7 +124,9 @@ namespace CMLeonOS
                List<string> lines = new List<string>();
                foreach (User user in users)
                {
-                    string line = $"{user.Username}|{user.Password}|{(user.IsAdmin ? "admin" : "user")}";
+                    // 使用SHA256加密密码
+                    string hashedPassword = HashPasswordSha256(user.Password);
+                    string line = $"{user.Username}|{hashedPassword}|{(user.IsAdmin ? "admin" : "user")}";
                    lines.Add(line);
                }
                File.WriteAllLines(userFilePath, lines.ToArray());
@@ -319,24 +336,27 @@ namespace CMLeonOS
                        return false;
                    }
                    
-                    if (foundUser.Password == password)
+                    // 使用SHA256加密输入的密码后比较
+                    string hashedInputPassword = HashPasswordSha256(password);
+                    // Console.WriteLine($"Hashed Input Password: {hashedInputPassword}");
+                    // Console.WriteLine($"Stored Password: {foundUser.Password}");
+                    
+                    if (foundUser.Password != hashedInputPassword)
                    {
-                        ShowSuccess("Login successful!");
-                        Console.Beep();
-                        
-                        // 设置当前登录用户
-                        currentLoggedInUser = foundUser;
-                        
-                        // 创建用户文件夹
-                        CreateUserFolder(foundUser.Username);
-                        
-                        return true;
-                    }
-                    else
-                    {
-                        ShowError("Invalid password. Please try again.");
+                        ShowError("Invalid password.");
                        return false;
                    }
+                    
+                    ShowSuccess("Login successful!");
+                    Console.Beep();
+                    
+                    // 设置当前登录用户
+                    currentLoggedInUser = foundUser;
+                    
+                    // 创建用户文件夹
+                    CreateUserFolder(foundUser.Username);
+                    
+                    return true;
                }
            }
            catch