W
Wayne Deleersnyder
Hi All,
I was going to write and ask if someone could help me fix the
formatting of my output for hash values, but I believe I got it right
now. But, because I couldn't find any website or tutorial to help me
with this issue I figured I'd make a post just in case someone else
runs into the same issue.
....
This past weekend I was just messing around learning about encryption
and hash values. I need hash values for a database I'm making. But,
along the way I came across MD5, SHA1, SHA2(256, 384, and 512
variants), plus others. I read that SHA2 is soon to be the new
defacto hash algorithm to use because of some identified weaknesses
(although from the looks of it, you'll need a pretty nice computer to
actually start cracking SHA1). Anyways, I figured I'd use SHA2
(SHA512).
C# has a nice function for creating a hash value all in one step:
string hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"SHA1");
Although you can use "MD5" or "SHA1." But nothing else for the SHA2
stuff.
So eventually I started messing around and put together this little
snippet of code:
....
using System.Security.Cryptography;
string hashValue;
string thePassword = "test1";
byte[] hashedPassword;
HashAlgorithm alg_SHA512 = HashAlgorithm.Create("SHA512");
// Do a hash using the SHA512 Algorithm
hashedPassword = alg_SHA512.ComputeHash(UTF8encodedPassword);
hashValue = BitConverter.ToString(hashedPassword);
lbl_SHA512_Alg_usingBitConverter.Text = "SHA512 using BitConverter: "
+ thePassword + " = " + hashValue;
But this would output a value something like this:
SHA512 using BitConverter: test1 = B1-6E-D7-D2-4B-3E-CB-D4-16-4D-CD-
AD-37-4E-08-C0-AB-75-18-AA-07-F9-D3-68-3F-34-C2-B3-C6-7A-15-83-02-68-
CB-4A-56-C1-FF-6F-54-C8-E5-4A-79-5F-5B-87-C0-86-68-B5-1F-82-
D0-09-3F-7B-AE-E7-D2-98-11-81
I didn't like the hyphens, so after doing some digging around, I ended
up with this...
....
using System.Security.Cryptography;
protected void hashThis()
{
string hashValue;
string hashValue2 = "";
string thePassword = "test1";
byte[] hashedPassword;
HashAlgorithm alg_MD5 = HashAlgorithm.Create("MD5");
HashAlgorithm alg_SHA1 = HashAlgorithm.Create("SHA1");
HashAlgorithm alg_SHA512 = HashAlgorithm.Create("SHA512");
hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"MD5");
lbl_MD5_Forms.Text = "MD5: " + thePassword + " = " +
hashValue;
hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"SHA1");
lbl_SHA1_Forms.Text = "SHA1: " + thePassword + " = " +
hashValue;
// Convert the password into a byte array so it can be
handled by the hash algorithm(s)
System.Text.UTF8Encoding textConverter = new
System.Text.UTF8Encoding();
byte[] UTF8encodedPassword =
textConverter.GetBytes(thePassword);
// Do a hash using the MD5 Algorithm
hashedPassword = alg_MD5.ComputeHash(UTF8encodedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_MD5_Alg.Text = "MD5 Algoritm: " + thePassword + " = " +
hashValue;
// Do a hash using the SHA1 Algorithm
hashedPassword = alg_SHA1.ComputeHash(UTF8encodedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_SHA1_Alg.Text = "SHA1 Algoritm: " + thePassword + " = " +
hashValue;
// Do a hash using the SHA512 Algorithm
hashedPassword = alg_SHA512.ComputeHash(UTF8encodedPassword);
hashValue2 = BitConverter.ToString(hashedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_SHA512_Alg.Text = "SHA512 Algoritm: " + thePassword + " =
" + hashValue;
lbl_SHA512_Alg_usingBitConverter.Text = "SHA512 using
BitConverter: " + thePassword +
" = " + hashValue2;
}
// convertByteToHexString
// Description: calls the overloaded function with no delimiter
protected string convertByteToHexString(byte[] byteArray)
{
return convertByteToHexString(byteArray, "");
}
// convertByteToHexString
// Description: converts a byte array to a Hex String, using a
delimiter
protected string convertByteToHexString(byte[] byteArray, string
delimiter)
{
string str_HexString = ""; // the
string where the hex value is stored
int lengthOfByteArray = byteArray.Length;
int count = 1;
foreach (byte x in byteArray)
{
str_HexString += x.ToString("X2"); // convert the
string to display in hex format
if (count++ < lengthOfByteArray)
{
str_HexString += delimiter;
}
}
return str_HexString;
}
Which gives me output that looks something like this:
MD5: test1 = 5A105E8B9D40E1329780D62EA2265D8A
SHA1: test1 = B444AC06613FC8D63795BE9AD0BEAF55011936AC
MD5 Algoritm: test1 = 5A105E8B9D40E1329780D62EA2265D8A
SHA1 Algoritm: test1 = B444AC06613FC8D63795BE9AD0BEAF55011936AC
SHA512 Algoritm: test1 =
B16ED7D24B3ECBD4164DCDAD374E08C0AB7518AA07F9D3683F34C2B3C67A15830268CB4A56C1FF6F54C8E54A795F5B87C08668B51F82D0093F7BAEE7D2981181
SHA512 using BitConverter: test1 = B1-6E-D7-D2-4B-3E-CB-D4-16-4D-CD-
AD-37-4E-08-C0-AB-75-18-AA-07-F9-D3-68-3F-34-C2-B3-C6-7A-15-83-02-68-
CB-4A-56-C1-FF-6F-54-C8-E5-4A-79-5F-5B-87-C0-86-68-B5-1F-82-
D0-09-3F-7B-AE-E7-D2-98-11-81
So in the end, the convertByteToHexString method creates a string
without the hyphens. Actually I can set my own delimiters this way if
I wish. Anyways... that's what I ended up with. If that helps
anyone, great. If you see errors, or I made a BIG booboo, please let
me know.
Later,
Wayne D.
I was going to write and ask if someone could help me fix the
formatting of my output for hash values, but I believe I got it right
now. But, because I couldn't find any website or tutorial to help me
with this issue I figured I'd make a post just in case someone else
runs into the same issue.
....
This past weekend I was just messing around learning about encryption
and hash values. I need hash values for a database I'm making. But,
along the way I came across MD5, SHA1, SHA2(256, 384, and 512
variants), plus others. I read that SHA2 is soon to be the new
defacto hash algorithm to use because of some identified weaknesses
(although from the looks of it, you'll need a pretty nice computer to
actually start cracking SHA1). Anyways, I figured I'd use SHA2
(SHA512).
C# has a nice function for creating a hash value all in one step:
string hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"SHA1");
Although you can use "MD5" or "SHA1." But nothing else for the SHA2
stuff.
So eventually I started messing around and put together this little
snippet of code:
....
using System.Security.Cryptography;
string hashValue;
string thePassword = "test1";
byte[] hashedPassword;
HashAlgorithm alg_SHA512 = HashAlgorithm.Create("SHA512");
// Do a hash using the SHA512 Algorithm
hashedPassword = alg_SHA512.ComputeHash(UTF8encodedPassword);
hashValue = BitConverter.ToString(hashedPassword);
lbl_SHA512_Alg_usingBitConverter.Text = "SHA512 using BitConverter: "
+ thePassword + " = " + hashValue;
But this would output a value something like this:
SHA512 using BitConverter: test1 = B1-6E-D7-D2-4B-3E-CB-D4-16-4D-CD-
AD-37-4E-08-C0-AB-75-18-AA-07-F9-D3-68-3F-34-C2-B3-C6-7A-15-83-02-68-
CB-4A-56-C1-FF-6F-54-C8-E5-4A-79-5F-5B-87-C0-86-68-B5-1F-82-
D0-09-3F-7B-AE-E7-D2-98-11-81
I didn't like the hyphens, so after doing some digging around, I ended
up with this...
....
using System.Security.Cryptography;
protected void hashThis()
{
string hashValue;
string hashValue2 = "";
string thePassword = "test1";
byte[] hashedPassword;
HashAlgorithm alg_MD5 = HashAlgorithm.Create("MD5");
HashAlgorithm alg_SHA1 = HashAlgorithm.Create("SHA1");
HashAlgorithm alg_SHA512 = HashAlgorithm.Create("SHA512");
hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"MD5");
lbl_MD5_Forms.Text = "MD5: " + thePassword + " = " +
hashValue;
hashValue =
FormsAuthentication.HashPasswordForStoringInConfigFile(thePassword,
"SHA1");
lbl_SHA1_Forms.Text = "SHA1: " + thePassword + " = " +
hashValue;
// Convert the password into a byte array so it can be
handled by the hash algorithm(s)
System.Text.UTF8Encoding textConverter = new
System.Text.UTF8Encoding();
byte[] UTF8encodedPassword =
textConverter.GetBytes(thePassword);
// Do a hash using the MD5 Algorithm
hashedPassword = alg_MD5.ComputeHash(UTF8encodedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_MD5_Alg.Text = "MD5 Algoritm: " + thePassword + " = " +
hashValue;
// Do a hash using the SHA1 Algorithm
hashedPassword = alg_SHA1.ComputeHash(UTF8encodedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_SHA1_Alg.Text = "SHA1 Algoritm: " + thePassword + " = " +
hashValue;
// Do a hash using the SHA512 Algorithm
hashedPassword = alg_SHA512.ComputeHash(UTF8encodedPassword);
hashValue2 = BitConverter.ToString(hashedPassword);
hashValue = convertByteToHexString(hashedPassword);
lbl_SHA512_Alg.Text = "SHA512 Algoritm: " + thePassword + " =
" + hashValue;
lbl_SHA512_Alg_usingBitConverter.Text = "SHA512 using
BitConverter: " + thePassword +
" = " + hashValue2;
}
// convertByteToHexString
// Description: calls the overloaded function with no delimiter
protected string convertByteToHexString(byte[] byteArray)
{
return convertByteToHexString(byteArray, "");
}
// convertByteToHexString
// Description: converts a byte array to a Hex String, using a
delimiter
protected string convertByteToHexString(byte[] byteArray, string
delimiter)
{
string str_HexString = ""; // the
string where the hex value is stored
int lengthOfByteArray = byteArray.Length;
int count = 1;
foreach (byte x in byteArray)
{
str_HexString += x.ToString("X2"); // convert the
string to display in hex format
if (count++ < lengthOfByteArray)
{
str_HexString += delimiter;
}
}
return str_HexString;
}
Which gives me output that looks something like this:
MD5: test1 = 5A105E8B9D40E1329780D62EA2265D8A
SHA1: test1 = B444AC06613FC8D63795BE9AD0BEAF55011936AC
MD5 Algoritm: test1 = 5A105E8B9D40E1329780D62EA2265D8A
SHA1 Algoritm: test1 = B444AC06613FC8D63795BE9AD0BEAF55011936AC
SHA512 Algoritm: test1 =
B16ED7D24B3ECBD4164DCDAD374E08C0AB7518AA07F9D3683F34C2B3C67A15830268CB4A56C1FF6F54C8E54A795F5B87C08668B51F82D0093F7BAEE7D2981181
SHA512 using BitConverter: test1 = B1-6E-D7-D2-4B-3E-CB-D4-16-4D-CD-
AD-37-4E-08-C0-AB-75-18-AA-07-F9-D3-68-3F-34-C2-B3-C6-7A-15-83-02-68-
CB-4A-56-C1-FF-6F-54-C8-E5-4A-79-5F-5B-87-C0-86-68-B5-1F-82-
D0-09-3F-7B-AE-E7-D2-98-11-81
So in the end, the convertByteToHexString method creates a string
without the hyphens. Actually I can set my own delimiters this way if
I wish. Anyways... that's what I ended up with. If that helps
anyone, great. If you see errors, or I made a BIG booboo, please let
me know.
Later,
Wayne D.