 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / Windows Forms / WinForm General / January 2005Coordinating MD5 Hash Values for Passwords
I have windows application that is used to set and set passwords for a web site. I need to generate the MD5 hash value and store it locally. Publication is used to update the SQL Server on the Web server. The problem is the MD5 Hash value used in Windows does return the same Hash used in the Web application eventhough the inputted string is the same. I am using the following code in windows: Private Function ConvertStringToByteArray(ByVal s As [String]) As [Byte]() Return (New UnicodeEncoding).GetBytes(s) End Function Private Function HashPassword(ByVal strPasswordClear) As String Dim dataToHash As [Byte]() = ConvertStringToByteArray(strPasswordClear) Dim hashvalue As Byte() = CType(CryptoConfig.CreateFromName("MD5"), HashAlgorithm).ComputeHash(dataToHash) Return BitConverter.ToString(hashvalue) End Function And for the Web: strPassword = FormsAuthentication.HashPasswordForStoringInConfigFile(strPassword, "md5") How can I accomplish getting the same Hash value for both routines?  Signaturewr Duh, I thought the windows function was windows specific but it worked in ASP.Net just fine using these references: Imports System.IO Imports System.Security Imports System.Security.Cryptography Imports System.Text So using the same functions obviously produces the result I need. wr > I have windows application that is used to set and set passwords for a web > site. [quoted text clipped - 26 lines] > > How can I accomplish getting the same Hash value for both routines? Hello WhiskyRomeo, This means there is a problem with your MD5 hash code. An MD5 hash should be the same irregardless of how its invoked. This C# code creates the same hash irregardless... public static void Main(string[] args) { string text = args[0]; MD5 md5 = MD5.Create(); byte[] hashBytes = md5.ComputeHash(Encoding.UTF8.GetBytes(text)); StringBuilder result = new StringBuilder(32); foreach (byte b in hashBytes) { result.Append(b.ToString("x2").ToUpper()); } Console.WriteLine("Algorithm: {0}", result.ToString()); Console.WriteLine("Forms Auth: {0}", FormsAuthentication.HashPasswordForStoringInConfigFile(text, "md5")); } -- Matt Berther http://www.mattberther.com > Duh, I thought the windows function was windows specific but it worked > in ASP.Net just fine using these references: [quoted text clipped - 41 lines] >> -- >> wr The code used was pulled directly from MS articles. They do indeed produce different results. In fact the first function returns a string with a hyphen at every two characters, eg: ab-cd-ef- etc. The 2nd function does not have hyphens in the result and the letter don't match so replacing hyphens with "" still does not produce the same result. wr > Hello WhiskyRomeo, > [quoted text clipped - 67 lines] > >> -- > >> wr Hi, The reason you results do not match is that you are passing a unicode string to the MD5 algoritm and the HashPasswordForStoringInConfigFile is using the UTF8 encoding of the passed string to perform the MD5 hash. Hope this helps SignatureChris Taylor http://dotnetjunkies.com/weblog/chris.taylor > The code used was pulled directly from MS articles. > [quoted text clipped - 28 lines] > > Console.WriteLine("Algorithm: {0}", result.ToString()); > > Console.WriteLine("Forms Auth: {0}", FormsAuthentication.HashPasswordForStoringInConfigFile(text, > > "md5")); > > } [quoted text clipped - 33 lines] > > >> > > >> Dim dataToHash As [Byte]() = ConvertStringToByteArray(strPasswordClear) Dim hashvalue As Byte() = CType(CryptoConfig.CreateFromName("MD5"), HashAlgorithm).ComputeHash(dataToHash) > > >> Return BitConverter.ToString(hashvalue) > > >> [quoted text clipped - 7 lines] > > >> -- > > >> wr Hello Chris, You're right... I completely missed that. The code I posted was using Encoding.UTF8, so I didnt even think about that. ;) -- Matt Berther http://www.mattberther.com > Hi, > [quoted text clipped - 4 lines] > > Hope this helps Hello WhiskyRomeo, Right, notice the sample code I gave uses the byte.ToString("x2"). This means to create the hex value. Also, notice Im doing a ToUpper() on each. The code that I posted creates the same hash... -- Matt Berther http://www.mattberther.com > The code used was pulled directly from MS articles. > [quoted text clipped - 77 lines] >>>> -- >>>> wr Matt, Chris, Thanks again, I see the problem now. This has been very educational. wr > Hello WhiskyRomeo, > [quoted text clipped - 88 lines] > >>>> -- > >>>> wr Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.