This question already has answers here:
MD5 hashing does not match in C# and PHP
(2 answers)
Closed 5 years ago.
in C# I'm trying to get a hashed md5 value of a password like so:
string sb = textBox2.Text;
byte[] asciiBytes = ASCIIEncoding.ASCII.GetBytes(sb);
byte[] hashedBytes = MD5CryptoServiceProvider.Create().ComputeHash(asciiBytes);
string hashedString = BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(sb);
sb = System.Convert.ToBase64String(plainTextBytes);
in php I get that value by using md5 command,
echo md5("megusia94");
the input in both cases are the same,
yet the output in PHP is: d1e44ad921daadaf8defadcd21c8644a
while in C# the output is: bWVndXMpYTk0
What am I doing wrong? I've searched this forum and tried:
MD5 hashing does not match in C# and PHP
c# md5 and php md5 not match
You are not comparing the same two things.
What you are comparing is the base64-representation of the ASCII-encoded input string with the actual MD5 hash (in HEX representation) from PHP.
Instead look at this:
byte[] asciiBytes = ASCIIEncoding.ASCII.GetBytes("megusia94");
byte[] hashedBytes = MD5CryptoServiceProvider.Create().ComputeHash(asciiBytes);
string hashedString = BitConverter.ToString(hashedBytes).Replace("-", "").ToLower();
Console.WriteLine(hashedString);
It correctly produces the hash d1e44ad921daadaf8defadcd21c8644a, which is the same as the one you get from PHP.
PHP md5:
Returns the hash as a 32-character hexadecimal number.
Your C# code:
Returns the hash with base64 encoding.
Related
Given the string
KlVkeNK76V27D2MSBOhfNC6eNtA=
This look like base64 encoded. However, I tried using convert to base64 with C# , result is a garbage string.
public static string Base64Encode(string plainText)
{
var plainTextBytes = System.Text.Encoding.UTF8.GetBytes(plainText);
return System.Convert.ToBase64String(plainTextBytes);
}
If I use this:
https://hashkiller.co.uk/sha1-decrypter.aspx
then it give a nicely SHA1 hash:
2a556478d2bbe95dbb0f631204e85f342e9e36d0
Can anyone show me how to decrypt it with C#?
Thanks a lot.
They simply print the hex value of the base64-decoded string:
byte[] bytes = Convert.FromBase64String("KlVkeNK76V27D2MSBOhfNC6eNtA=");
string hexString = new SoapHexBinary(bytes).ToString().ToLowerInvariant();
(where SoapHexBinary is a .NET class that converts byte[] to hex string)
This question already has answers here:
Is it possible to decrypt MD5 hashes?
(24 answers)
Closed 6 years ago.
I am encrypting my password using below code.
public static string GetSHA1HashData(string password)
{
//create new instance of md5
SHA1 sha1 = SHA1.Create();
//convert the input text to array of bytes
byte[] hashData = sha1.ComputeHash(Encoding.Default.GetBytes(password));
//create new instance of StringBuilder to save hashed data
StringBuilder returnValue = new StringBuilder();
//loop for each byte and add it to StringBuilder
for (int i = 0; i < hashData.Length; i++)
{
returnValue.Append(hashData[i].ToString());
}
// return hexadecimal string
return returnValue.ToString();
}
But I also want to create code for Decryption. I've tried, but couldn't a good solution. So could you help me on this?
Here I used System.Security.Cryptography => SHA1 : HashAlgorithm
Thanks in advance.
Hash value can't be decrypted:
Hash is short (say, 256-bit only), while String is arbitrary long (up to 2GB), so there're many Strings with the same hash (ambiguity)
Hash algorithm (SHA1) has been specially designed such that it's a difficult task to find out a string that has given hash value (complexity)
Instead of decrypting, compare hash values: if user provides a password that has the same hash value that a stored hash, then the password is correct one.
I have this code that I need to convert to ruby, this snippet is to create a security key used for a particular API. The string that I am encrypting is a JSON object.
Should I use Digest::MD5.hexdigest() or Digest::MD5.digest()?
C# Code
string strResponse = "[{\"Key\":\"BookNumber\", \"Value\"=>\"BJAK123\"},{\"Key\"=>\"AuthorCode\", \"Value\"=>\"BNA123\"}]";
using (MD5 md5 = MD5.Create())
{
byte[] bPayload = Encoding.UTF8.GetBytes(strPayload);
byte[] bPayloadHash = md5.ComputeHash(bPayload);
strPayloadBase64 = Convert.ToBase64String(bPayloadHash);
}
Ruby Code
payload = [{"Key"=>"BookNumber", "Value"=>"BJAK123"},{"Key"=>"AuthorCode", "Value"=>"BNA123"}]
utf8_params = payload.to_json.force_encoding("iso-8859-1").force_encoding("utf-8")
payload_base64 = Base64.encode64(Digest::MD5.hexdigest(utf8_params))
Use
payload_base64 = Digest::MD5.base64digest(utf8_params)
as Digest::MD5.hexdigest produces a hex string of digest, whereas C# code is performing base64 encoding of the digest.
I have a hashing method in C# that looks like:
MD5CryptoServiceProvider md5 = new MD5CryptoServiceProvider();
byte[] raw_input = Encoding.UTF32.GetBytes("hello");
byte[] raw_output = md5.ComputeHash(raw_input);
string output = "";
foreach (byte myByte in raw_output)
output += myByte.ToString("X2");
return output;
How can I implement this in PHP? Doing the following produces a different hash digest...
$output = hash('md5', 'hello');
PHP
This PHP code will do:
<?php
$str = "admin";
$strUtf32 = mb_convert_encoding($str, "UTF-32LE");
echo md5($strUtf32);
?>
This code outputs "1e3fcd02b1547f847cb7fc3add4484a5"
You need to find out which encoding PHP is using to convert your string to text. It's very unlikely that it's using UTF-32. It may well be using the platform default encoding, or possibly UTF-8.
using (MD5 md5 = MD5.Create())
{
byte[] input = Encoding.UTF8.GetBytes("hello");
byte[] hash = md5.ComputeHash(input);
return BitConverter.ToString(hash).Replace("-", "");
}
(This is the problem with languages/platforms which treat strings as binary data all over the place - it doesn't make it clear what's going on. There has to be a conversion to bytes here, as MD5 is defined for bytes, not Unicode characters. In the C# code you're doing it explicitly... in the PHP it's implicit and poorly documented.)
EDIT: If you've got to change the PHP, you could try this:
$text = mb_convert_encoding($text, "UTF-32LE");
$output = md5($text)
It depends whether PHP supports UTF-32 though...
When you apply md5 to Encoding.UTF32.GetBytes("admin");, that's same as
echo hash( "md5","a\0\0\0d\0\0\0m\0\0\0i\0\0\0n\0\0\0");
//1e3fcd02b1547f847cb7fc3add4484a5
In php.
You need to convert your string to UTF32-LE in PHP:
echo md5( mb_convert_encoding( "admin", "UTF-32LE" ) );
//1e3fcd02b1547f847cb7fc3add4484a5
I am doing md-5 hashing in both android and c# at the same time. But both the results should be the same for the same inputs. Is there any difference in the way its done in both the languages?
I get different outputs in both the cases. Here is the c# code for md-5 calculation:
//this method hashes the values sent to it using MD5
public static String hashwithmd5(String toHashMD5)
{
byte[] keyArray;
MD5CryptoServiceProvider hashmd5 = new MD5CryptoServiceProvider();
keyArray = hashmd5.ComputeHash(UTF8Encoding.UTF8.GetBytes(toHashMD5));
hashmd5.Clear();
return Convert.ToBase64String(keyArray, 0, keyArray.Length);
}
and here is the code for md5 in android using bouncycastle
public byte[] Hashing(String toHash) throws Exception{
byte[] hashBytes = toHash.getBytes("UTF-8");
EditText et = (EditText) findViewById(R.id.entry);
org.bouncycastle.crypto.digests.MD5Digest digest = new org.bouncycastle.crypto.digests.MD5Digest();
digest.reset();
digest.update(hashBytes, 0, hashBytes.length);
int length = digest.getDigestSize();
byte[] md5 = new byte[length];
digest.doFinal(md5, 0);
et.setText(md5.toString());
return md5;
}
the result of md5 in c# is :XUFAKrxLKna5cZ2REBfFkg==
the result of md5 in android is :[B#4053cf40
The C# code converts the hash to Base64, the java code does not. If you convert both raw hashes to e.g. hex strings, they'll be the same.
When you use this in Java:
byte[] md5 = new byte[length];
// ...
md5.toString()
you are not getting a representation of the byte values. You get the generic "string representation" of an object. Here, [B#4053cf40 basically means "array of bytes (that's for the '[B') which internally happens to be at address 4053cf40".
Use android.util.Base64 to convert your bytes to a Base64 encoded string.
#erik is correct. MD5 is no longer considered a "secure" hash; use SHA-256.
Erik is absolutely right. MD5 usage is near extinction, use any strong SHA