Hash String

S

shapper

Hello,

How can I hash a string in C#?
I suppose I should use MD5 ... at least is what is used in ASP.NET
membership.

I need to has a string and compare it to an already hashed string.

Thanks,
Miguel
 
P

Peter Morris

string me = "Pete";
int hashCode = me.GetHashCode();

Am I missing something?
 
A

Alberto Poblacion

shapper said:
How can I hash a string in C#?
I suppose I should use MD5 ... at least is what is used in ASP.NET
membership.

I need to has a string and compare it to an already hashed string.
Click to expand...

I use this two functions to get the MD5 hash of either a string or an array
of bytes:

public static byte[] GetHash(byte[] data)
{
MD5 md5 = MD5.Create();
byte[] result = md5.ComputeHash(data);
return result;
}
public static byte[] GetHash(string s)
{
byte[] myBytes = Encoding.UTF8.GetBytes(s);
return GetHash(myBytes);
}
 
P

Peter Morris

If you want a one-way hash for passwords try this...

public static string EncodePassword(string userName, string password)
{
TripleDESCryptoServiceProvider des;
MD5CryptoServiceProvider hashmd5;
byte[] pwdhash, buff;
hashmd5 = new MD5CryptoServiceProvider();
pwdhash = hashmd5.ComputeHash(ASCIIEncoding.ASCII.GetBytes(userName));
des = new TripleDESCryptoServiceProvider();
des.Key = pwdhash;
des.Mode = CipherMode.ECB; //CBC, CFB
buff = ASCIIEncoding.ASCII.GetBytes(password);
string result =
Convert.ToBase64String(des.CreateEncryptor().TransformFinalBlock(buff, 0,
buff.Length));
return result;
}
 
B

Ben Voigt [C++ MVP]

Peter said:
string me = "Pete";
int hashCode = me.GetHashCode();

Am I missing something?
Click to expand...

Yes. The result of GetHashCode is subject to change, even between
subsequent runs of the same program. Only while the program is still
running are you guaranteed consistent results. So it's useless for
comparing against a saved hash.
 
S

shapper

Yes.  The result of GetHashCode is subject to change, easicallyven between
subsequent runs of the same program.  Only while the program is still
running are you guaranteed consistent results.  So it's useless for
comparing against a saved hash.
Click to expand...

Basically, in this case I am sending the user a confirmation email
after she/he registers on a web site.
On the email is the url. Something has follows:

www.mydomain.com/ConfirmPassword/?key=...

where key is an hash of a string created by joining the user UserName,
Accoount CreateDate, ...

So when the user goes to that URL I hash the same string again and
confirm the two to activate the account.

Isn't this possible?

Thanks,
Miguel
 
J

Jon Skeet [C# MVP]

shapper said:
Basically, in this case I am sending the user a confirmation email
after she/he registers on a web site.
On the email is the url. Something has follows:

www.mydomain.com/ConfirmPassword/?key=...

where key is an hash of a string created by joining the user UserName,
Accoount CreateDate, ...

So when the user goes to that URL I hash the same string again and
confirm the two to activate the account.

Isn't this possible?
Click to expand...

Yup, and MD5 is probably the best bet for that.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Hash MD5, Sha1 and Length 40
Byte to String 3
How to get a hashed string 3
C# MD5 Hash Does Not Match Hash Generated From Java 3
Token Expiration Date. How? 11
MD5 Hash - Converting Result From Byte[] Back To String 7
MD5 hash in C# vs. others 2
MD5CryptoServiceProvider - File Not Closing 8

Top