我遇到了一个问题,不知道该如何解决。当我尝试根据数据库检查密码时,有些地方不起作用。数据库中存储的是密码的哈希值。
在一个单独的文件中,有一个密码哈希类:
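/// <summary>
/// Builds the stored form of a secret:
/// Base64( SHA-512( UTF-8(plainText) || salt ) || salt ).
/// </summary>
/// <param name="plainText">Text to hash; must not be null.</param>
/// <param name="salt">
/// Salt to reuse when re-computing an existing hash, or null to generate a
/// fresh random salt.
/// </param>
/// <returns>
/// Base64 string holding the 64-byte digest followed by the salt bytes.
/// </returns>
/// <exception cref="ArgumentNullException">plainText is null.</exception>
/// <remarks>
/// NOTE(review): a single pass of salted SHA-512 is cheap to brute-force
/// offline if the table leaks. For password storage prefer a slow KDF such as
/// PBKDF2 (Rfc2898DeriveBytes) with a high iteration count. The output format
/// is left unchanged here so rows that are already stored still verify;
/// a migration can re-hash each account on its next successful login.
/// </remarks>
public static string ComputeHash(string plainText, byte[] salt)
{
    if (plainText == null)
    {
        throw new ArgumentNullException("plainText");
    }

    const int minSaltLength = 4;
    const int maxSaltLength = 16;

    byte[] saltBytes = salt;
    if (saltBytes == null)
    {
        // Random.Next treats the upper bound as exclusive, so add 1 to make
        // maxSaltLength reachable. The salt length itself is not a secret;
        // the salt bytes come from the cryptographic generator below.
        int saltLength = new Random().Next(minSaltLength, maxSaltLength + 1);
        saltBytes = new byte[saltLength];
        using (RandomNumberGenerator rng = RandomNumberGenerator.Create())
        {
            rng.GetNonZeroBytes(saltBytes);
        }
    }

    byte[] plainData = Encoding.UTF8.GetBytes(plainText);

    // Hash input layout: plaintext bytes followed by the salt.
    byte[] plainDataWithSalt = new byte[plainData.Length + saltBytes.Length];
    Buffer.BlockCopy(plainData, 0, plainDataWithSalt, 0, plainData.Length);
    Buffer.BlockCopy(saltBytes, 0, plainDataWithSalt, plainData.Length, saltBytes.Length);

    byte[] hashValue;
    // using guarantees disposal even when ComputeHash throws.
    using (SHA512 sha = SHA512.Create())
    {
        hashValue = sha.ComputeHash(plainDataWithSalt);
    }

    // Stored layout: digest followed by the salt, so Confirm can recover the
    // salt from everything after the first 64 bytes.
    byte[] result = new byte[hashValue.Length + saltBytes.Length];
    Buffer.BlockCopy(hashValue, 0, result, 0, hashValue.Length);
    Buffer.BlockCopy(saltBytes, 0, result, hashValue.Length, saltBytes.Length);

    return Convert.ToBase64String(result);
}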
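/// <summary>
/// Checks a candidate plaintext against a value previously produced by
/// ComputeHash.
/// </summary>
/// <param name="plainText">Candidate plaintext supplied by the user.</param>
/// <param name="hashValue">
/// Stored Base64 value: a 64-byte SHA-512 digest followed by the salt.
/// </param>
/// <returns>
/// true when re-hashing <paramref name="plainText"/> with the stored salt
/// reproduces the stored bytes; false otherwise, including when the stored
/// value is shorter than one digest.
/// </returns>
/// <exception cref="ArgumentNullException">hashValue is null.</exception>
/// <exception cref="FormatException">hashValue is not valid Base64.</exception>
public static bool Confirm(string plainText, string hashValue)
{
    const int hashSize = 64; // SHA-512 digest length in bytes

    byte[] storedBytes = Convert.FromBase64String(hashValue);
    if (storedBytes.Length < hashSize)
    {
        // Too short to contain a digest: reject instead of failing on a
        // negative array length below.
        return false;
    }

    // Everything after the digest is the salt used when the value was stored.
    byte[] saltBytes = new byte[storedBytes.Length - hashSize];
    Buffer.BlockCopy(storedBytes, hashSize, saltBytes, 0, saltBytes.Length);

    // Compare decoded bytes, not the Base64 text: FromBase64String ignores
    // white space, so a stored value with trailing padding spaces (e.g. read
    // from a fixed-width column) still compares equal to a fresh hash.
    byte[] candidateBytes = Convert.FromBase64String(ComputeHash(plainText, saltBytes));
    if (candidateBytes.Length != storedBytes.Length)
    {
        return false;
    }

    // Accumulate differences over the whole array so the time taken does not
    // depend on the position of the first mismatching byte.
    int difference = 0;
    for (int i = 0; i < storedBytes.Length; i++)
    {
        difference |= storedBytes[i] ^ candidateBytes[i];
    }

    return difference == 0;
}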
在下面这个类中,我访问数据库(存储过程保存在数据库中):
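/// <summary>
/// Runs the "BooleanTeachers" stored procedure with the supplied credentials
/// and verifies each returned row against them with EncryptonDecrypt.Confirm.
/// </summary>
/// <param name="login">Login entered by the user.</param>
/// <param name="password">Plaintext password entered by the user.</param>
/// <returns>
/// true when at least one returned row matches both the login (column 0) and
/// the password (column 1); false otherwise, including when a database error
/// occurred (the error text is shown in a message box).
/// </returns>
public Boolean CheckLoginTeacher(string login, string password)
{
    bool check = false;
    SqlConnection sqlConnection = new SqlConnection(connectionString);
    try
    {
        sqlConnection.Open();

        // using blocks release the command and reader even if a row fails to
        // verify with an exception.
        using (SqlCommand sqlCommand = new SqlCommand("BooleanTeachers", sqlConnection))
        {
            sqlCommand.CommandType = System.Data.CommandType.StoredProcedure;
            sqlCommand.Parameters.Add(new SqlParameter { ParameterName = "@login", Value = login });

            // NOTE(review): the plaintext password is sent to the stored
            // procedure. Its body is not visible here; if it filters rows with
            // "password = @password" (or "login = @login") against columns that
            // hold salted hashes, no row can ever match and Read() returns
            // false immediately. Salted hashes can only be checked in code via
            // Confirm, so the procedure should return the candidate rows
            // without comparing against the hashed columns - confirm against
            // the procedure definition.
            sqlCommand.Parameters.Add(new SqlParameter { ParameterName = "@password", Value = password });

            using (SqlDataReader sqlDataReader = sqlCommand.ExecuteReader())
            {
                while (sqlDataReader.Read())
                {
                    // A NULL column cannot hold a stored hash; skip the row
                    // rather than feeding an empty string to Confirm.
                    if (sqlDataReader.IsDBNull(0) || sqlDataReader.IsDBNull(1))
                    {
                        continue;
                    }

                    string storedLogin = sqlDataReader.GetValue(0).ToString();
                    string storedPassword = sqlDataReader.GetValue(1).ToString();

                    if (EncryptonDecrypt.Confirm(login, storedLogin)
                        && EncryptonDecrypt.Confirm(password, storedPassword))
                    {
                        check = true;
                        break; // one matching row is enough
                    }
                }
            }
        }
    }
    catch (Exception ex)
    {
        MessageBox.Show(ex.Message, "Error", MessageBoxButtons.OK, MessageBoxIcon.Error);
    }
    finally
    {
        // Dispose also closes the connection.
        sqlConnection.Dispose();
    }

    return check;
}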
我该如何解决这个问题?