In C#, I have to create the MD5 hmac token based on following python code.
from hashlib import md5
trans_5C = "".join(chr(x ^ 0x5c) for x in xrange(256))
trans_36 = "".join(chr(x ^ 0x36) for x in xrange(256))
blocksize = md5().block_size
def hmac_md5(key, msg):
if len(key) > blocksize:
key = md5(key).digest()
key += chr(0) * (blocksize - len(key))
o_key_pad = key.translate(trans_5C)
i_key_pad = key.translate(trans_36)
return md5(o_key_pad + md5(i_key_pad + msg).digest())
if __name__ == "__main__":
h = hmac_md5("9T5zhB4sTNGxMJ-iDdO-Ow"+"8rdp7erdig0m6aa72lhanvuk01"+"pizza1", "1387797294")
print h.hexdigest() # 9036a1a3f654aefeab426e9f7e17288e
As in windowsphone8 we don't have MD5 implementation so i downloaded the MD5 Class from here thanks to jeff. It works generating MD5 but my problem is still here. The above Python code generates the exact required token 9036a1a3f654aefeab426e9f7e17288e, but mine generates 8280c9a3804b53792324b62363fc22fd.
Can anyone translate the python code to c#?
My below c# code is very simple.
string token = string.Empty;
string key = "9T5zhB4sTNGxMJ-iDdO-Ow" + "8rdp7erdig0m6aa72lhanvuk01" + "pizza1";
string message = "1387797294";
Encoding encoding = Encoding.UTF8;
//token 9036a1a3f654aefeab426e9f7e17288e
Debug.WriteLine(MD5.GetMd5String(message + key));
First, in python, you can simply use the hmac module:
>>> import hmac
>>> hmac.new("9T5zhB4sTNGxMJ-iDdO-Ow"+"8rdp7erdig0m6aa72lhanvuk01"+"pizza1", "1387797294").hexdigest()
'9036a1a3f654aefeab426e9f7e17288e'
Second, your C# code does not implement the HMAC algorithm, but simply returns a MD5 hash.
The python equivalent would be simply
>>> import md5
>>> md5.new("1387797294" + "9T5zhB4sTNGxMJ-iDdO-Ow"+"8rdp7erdig0m6aa72lhanvuk01"+"pizza1").hexdigest()
'8280c9a3804b53792324b62363fc22fd'
You can find an implemention of the HMAC algorithm in C# e.g. at CodePlex.
From the project page:
Project Description
This is a simple implementation of the MD5
cryptographic hashing algorithm and HMAC-MD5. This class consists of
fully transparent C# code, suitable for use in .NET, Silverlight and
WP7 applications.
Also, here's another simple implementation I've come up with:
string key = "9T5zhB4sTNGxMJ-iDdO-Ow" + "8rdp7erdig0m6aa72lhanvuk01" + "pizza1";
string message = "1387797294";
var encoding = Encoding.UTF8;
var md = System.Security.Cryptography.MD5CryptoServiceProvider.Create();
var trans_5C = new byte[64];
var trans_36 = new byte[64];
var b_key = encoding.GetBytes(key);
// TODO: also check if key is to short
if (b_key.Length > 64)
b_key = md.ComputeHash(b_key);
for (int i = 0; i < 64; i++)
{
trans_5C[i] = 92;
trans_36[i] = 54;
if (i < key.Length)
{
trans_5C[i] ^= b_key[i];
trans_36[i] ^= b_key[i];
}
}
byte[] inner = md.ComputeHash(trans_36.Concat(encoding.GetBytes(message)).ToArray());
var hash = md.ComputeHash(trans_5C.Concat(inner).ToArray());
StringBuilder sb = new StringBuilder();
foreach (byte b in hash)
sb.Append(b.ToString("x2"));
var result = sb.ToString(); // = 9036a1a3f654aefeab426e9f7e17288e
Related
I'm trying to port a C# application into Node.
The app has this C# function to generate a Sha256
public static string CreateSHA256Signature(string targetText)
{
string _secureSecret = "E49756B4C8FAB4E48222A3E7F3B97CC3";
byte[] convertedHash = new byte[_secureSecret.Length / 2];
for (int i = 0; i < _secureSecret.Length / 2; i++)
{
convertedHash[i] = (byte)Int32.Parse(_secureSecret.Substring(i * 2, 2), System.Globalization.NumberStyles.HexNumber);
}
string hexHash = "";
using (HMACSHA256 hasher = new HMACSHA256(convertedHash))
{
byte[] hashValue = hasher.ComputeHash(Encoding.UTF8.GetBytes(targetText));
foreach (byte b in hashValue)
{
hexHash += b.ToString("X2");
}
}
return hexHash;
}
Response.Write(CreateSHA256Signature("TEST STRING"));
// returns 55A891E416F480D5BE52B7985557B24A1028E4DAB79B64D0C5088F948EB3F52E
I tried to use node crypto as following:
console.log(crypto.createHmac('sha256', 'E49756B4C8FAB4E48222A3E7F3B97CC3').update('TEST STRING', 'utf-8').digest('hex'))
// returns bc0a28c3f60d323404bca7dfc4261d1280ce46e887dc991beb2c5bf5e7ec6100
How can I get the same C# result in node?
Your key is different from the C# version. Try to convert the hex string to raw bytes. This way crypto knows to take the bytes instead of the actual string.
For example:
var crypto = require('crypto');
var key = Buffer.from('E49756B4C8FAB4E48222A3E7F3B97CC3', 'hex');
console.log(crypto.createHmac('sha256', key).update('TEST STRING').digest('hex'))
For Python ninjas
import hmac
import hashlib
import binascii
def create_sha256_signature(key, message):
byte_key = binascii.unhexlify(key)
message = message.encode()
return hmac.new(byte_key, message, hashlib.sha256).hexdigest().upper()
http://www.gauravvjn.com/generate-hmac-sha256-signature-in-python/
I am having some issues trying to match an MD5 encryption with salt from Lua to C#. Meaning, I have it hashing and salting the account password in Lua, but I need to match that exact same encryption in C# as I am developing a website in C# that needs to use the same database and accounts as the Lua script.
I've tried for quite some time now trying to match them, but no matter what I do I can't seem to get it right.
Lua hash:
if (string.len(cpypassword) ~= 64) then
password = md5(Newsalt .. password)
local result = mysql:query("SELECT username FROM accounts WHERE username='" .. username .. "'")
if (mysql:num_rows(result)>0) then
local insertid = mysql:query_insert_free("UPDATE accounts SET password='" .. mysql:escape_string(password) .. "' WHERE username='".. mysql:escape_string(username) .."'")
triggerClientEvent(client, "accounts:login:attempt", client, 1, "Password changed!\nThank you." )
end
end
I've tried a variety of different ways to do MD5 hash in C#, but none of them matches, so here I am now, asking you for suggestions.
Thank you in advance.
EDIT:
Lua function generates this as an example:
CFA62AA942A84781B1C101D6D583B641
Same example generated in C# with the C# hashing:
DSqwG/W1LNbHsCEkHNAUpg==
C# code (just one of the things I tried, I found much simpler ones, but this is the latest one I tried, just copied out of a tutorial)
public class Encryption
{
public static string EncryptorDecrypt(string securityCode, string key, bool encrypt)
{
byte[] toEncryptorDecryptArray;
ICryptoTransform cTransform;
// Transform the specified region of bytes array to resultArray
MD5CryptoServiceProvider md5Hasing = new MD5CryptoServiceProvider();
byte[] keyArrays = md5Hasing.ComputeHash(Encoding.UTF8.GetBytes(securityCode));
md5Hasing.Clear();
TripleDESCryptoServiceProvider tdes = new TripleDESCryptoServiceProvider() { Key = keyArrays, Mode = CipherMode.ECB, Padding = PaddingMode.PKCS7 };
if (encrypt == true)
{
toEncryptorDecryptArray = Encoding.UTF8.GetBytes(key);
cTransform = tdes.CreateEncryptor();
}
else
{
toEncryptorDecryptArray = Convert.FromBase64String(key.Replace(' ', '+'));
cTransform = tdes.CreateDecryptor();
}
byte[] resultsArray = cTransform.TransformFinalBlock(toEncryptorDecryptArray, 0, toEncryptorDecryptArray.Length);
tdes.Clear();
if (encrypt)
{ //if encrypt we need to return encrypted string
return Convert.ToBase64String(resultsArray, 0, resultsArray.Length);
}
//else we need to return decrypted string
return Encoding.UTF8.GetString(resultsArray);
}
}
The code you provided for C# is not generating an MD5 hash; instead it is hashing the securityCode and using it as a key for TripleDES.
Take a look at this blog post (copied relevant bits out):
public string CalculateMD5Hash(string input)
{
// step 1, calculate MD5 hash from input
MD5 md5 = System.Security.Cryptography.MD5.Create();
byte[] inputBytes = System.Text.Encoding.ASCII.GetBytes(input);
byte[] hash = md5.ComputeHash(inputBytes);
// step 2, convert byte array to hex string
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
sb.Append(hash[i].ToString("X2"));
}
return sb.ToString();
}
In a small project of mine i need to calculate the hash of a function.
I have a working example of PHP hash
$pass = "123456";
$mysalt = strrev($pass);
echo hash_pbkdf2('sha1', $pass, $mysalt, 1000, 32); //using the PHP inbuilt function
echo "</br>";
include_once('PasswordHash.php');
echo pbkdf2('sha1', $pass, $mysalt, 1000, 16); //using external code
Both of them has same output : 523d904c8f2df96634d9eed3b444838e
Now i need my code to be backward be compatible with C# generated as the password has will be verified by a PHP server. and the Request is to be sent by a C# application.
Here is what i tried : output = 8e59ead5f90c6af11cf80641d51c241c
public static class Program
{
public static string ReverseString(this string s)
{
char[] arr = s.ToCharArray();
Array.Reverse(arr);
return new string(arr);
}
static void Main(string[] args)
{
var pass = "123456";
byte[] salt = Encoding.ASCII.GetBytes(pass.ReverseString());
//https://github.com/defuse/password-hashing/blob/master/PasswordHash.cs
//was getting error salt not 8 byte,
//http://stackoverflow.com/questions/1647481/what-is-the-c-sharp-equivalent-of-the-php-pack-function
salt = Pack(pass.ReverseString());
var hash = PasswordHash.PBKDF2(pass, salt, 1000, 16);
Console.WriteLine(BitConverter.ToString(hash).Replace("-", string.Empty).ToLower());
Console.ReadKey();
}
public static byte[] Pack(string salt)
{
using (var ms = new MemoryStream())
{
using (var bw = new BinaryWriter(ms))
{
var data = Encoding.ASCII.GetBytes(salt);
bw.Write(data.Length + 4); // Size of ASCII string + length (4 byte int)
bw.Write(data);
}
return ms.ToArray();
}
}
}
The problem here is with your salt. It is only 6 bytes long and PHP handles this different then your c# code. If you update the code to the following:
<?php
$pass = "1234567890";
$mysalt = strrev($pass);
echo hash_pbkdf2('sha1', $pass, $mysalt, 1000, 32);
?>
your output is: 42e8bfc7fc5fd4686915d49d5a29bc1e
Then adjust your c# code to:
var pass = "1234567890";
byte[] salt = Encoding.ASCII.GetBytes(pass.ReverseString());
//DISABLE YOUR PACK METHOD
//salt = Pack(pass.ReverseString());
var hash = PasswordHash.PBKDF2(pass, salt, 1000, 16);
Console.WriteLine(BitConverter.ToString(hash).Replace("-", string.Empty).ToLower());
Console.ReadKey();
The output is: 42e8bfc7fc5fd4686915d49d5a29bc1e
The difference comes from your Pack method, it randomly adds 4 bytes to the salt. You can see that easily in the inspector in VS.
So the easy fix is to use a salt that has atleast 8 chars (minimum for Rfc2898DeriveBytes which is used by your C# code) and dont use your Pack method
If you look at the php docs there is a "Request for comments" that mentions that the salt must be atleast 8bytes (64bit). So using less leads to conflicts, like you already encountered.
UPDATE
Now if you realy want to use the less secure salt with <8 bytes, you can look at the following stackoverflow question PBKDF2 implementation in C# with Rfc2898DeriveBytes for a c# version that doesnt require a minimum length.
It looks like the Pack method is not necessary, but it is necessary that your salt be at least 8 bytes.
$pass = "12345678";
$mysalt = strrev($pass);
echo hash_pbkdf2('sha1', $pass, $mysalt, 1000, 32); //using the PHP inbuilt function
This outputs 381dae25b08b6f141671c74715961b1b.
This C# code provides the same output.
public static class Program
{
public static string ReverseString(this string s)
{
char[] arr = s.ToCharArray();
Array.Reverse(arr);
return new string(arr);
}
static void Main(string[] args)
{
var pass = "12345678";
byte[] salt = Encoding.ASCII.GetBytes(pass.ReverseString());
//https://github.com/defuse/password-hashing/blob/master/PasswordHash.cs
//was getting error salt not 8 byte,
//https://stackoverflow.com/questions/1647481/what-is-the-c-sharp-equivalent-of-the-php-pack-function
var hash = PasswordHash.PBKDF2(pass, salt, 1000, 16);
Console.WriteLine(BitConverter.ToString(hash).Replace("-", string.Empty).ToLower());
Console.ReadKey();
}
}
From your comments, it seems like you may be developing under requirements constraints. If you are not able to control the requirements around salt, you might look at this answer.
Let's say I need to do this in Powershell:
$SecurePass = Get-Content $CredPath | ConvertTo-SecureString -Key (1..16)
[String]$CleartextPass = [Runtime.InteropServices.Marshal]::PtrToStringAuto([Runtime.InteropServices.Marshal]::SecureStringToBSTR($CredPass));
The content of $CredPath is a file that contains the output of ConvertFrom-SecureString -Key (1..16).
How do I accomplish the ConvertTo-SecureString -key (1..16) portion in C#/.NET?
I know how to create a SecureString, but I'm not sure how the encryption should be handled.
Do I encrypt each character using AES, or decrypt the string and then create a the secure string per character?
I know next to nothing about cryptography, but from what I've gathered I might just want to invoke the Powershell command using C#.
For reference, I found a similar post about AES encryption/decryption here:
Using AES encryption in C#
UPDATE
I have reviewed the link Keith posted, but I face additional unknowns. The DecryptStringFromBytes_Aes takes three arguments:
static string DecryptStringFromBytes_Aes(byte[] cipherText, byte[] Key, byte[] IV)
The first argument is a byte array represents the encrypted text. The question here is, how should the string be represented in the byte array? Should it be represented with or without encoding?
byte[] ciphertext = Encoding.ASCII.GetBytes(encrypted_text);
byte[] ciphertext = Encoding.UTF8.GetBytes(encrypted_text);
byte[] ciphertext = Encoding.Unicode.GetBytes(encrypted_text);
byte[] ciphertext = new byte[encrypted_password.Length * sizeof(char)];
System.Buffer.BlockCopy(encrypted_password.ToCharArray(), 0, text, 0, text.Length);
The second byte array is the key should simply be an array of integers:
byte[] key = { 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16 };
The third byte array is an "Initialization Vector" - it looks like the Aes.Create() call will generate a byte[] for IV randomly. Reading around, I've found that I might need to use the same IV. As ConvertFrom-SecureString and ConvertTo-SecureString are able to encrypt/decrypt using simply the key, I am left with the assumption that the IV[] can be random -or- has a static definition.
I have not yet found a winning combination, but I will keep trying.
I know this is an old post. I am posting this for completeness and posterity, because I couldn't find a complete answer on MSDN or stackoverflow. It will be here in case I ever need to do this again.
It is a C# implementation of of powershell's ConvertTo-SecureString with AES encryption (turned on by using the -key option). I will leave it for exercise to code a C# implementation of ConvertFrom-SecureString.
# forward direction
[securestring] $someSecureString = read-host -assecurestring
[string] $psProtectedString = ConvertFrom-SecureString -key (1..16) -SecureString $someSecureString
# reverse direction
$back = ConvertTo-SecureString -string $psProtectedString -key (1..16)
My work is combining answers and re-arranging user2748365's answer to be more readable and adding educational comments! I also fixed the issue with taking a substring -- at the time of this post, his code only has two elements in strArray.
using System.IO;
using System.Text;
using System.Runtime.InteropServices;
using System.Security;
using System.Security.Cryptography;
using System.Globalization;
// psProtectedString - this is the output from
// powershell> $psProtectedString = ConvertFrom-SecureString -SecureString $aSecureString -key (1..16)
// key - make sure you add size checking
// notes: this will throw an cryptographic invalid padding exception if it cannot decrypt correctly (wrong key)
public static SecureString ConvertToSecureString(string psProtectedString, byte[] key)
{
// '|' is indeed the separater
byte[] asBytes = Convert.FromBase64String( psProtectedString );
string[] strArray = Encoding.Unicode.GetString(asBytes).Split(new[] { '|' });
if (strArray.Length != 3) throw new InvalidDataException("input had incorrect format");
// strArray[0] is a static/magic header or signature (different passwords produce
// the same header) It unused in our case, looks like 16 bytes as hex-string
// you know strArray[1] is a base64 string by the '=' at the end
// the IV is shorter than the body, and you can verify that it is the IV,
// because it is exactly 16bytes=128bits and it decrypts the password correctly
// you know strArray[2] is a hex-string because it is [0-9a-f]
byte[] magicHeader = HexStringToByteArray(encrypted.Substring(0, 32));
byte[] rgbIV = Convert.FromBase64String(strArray[1]);
byte[] cipherBytes = HexStringToByteArray(strArray[2]);
// setup the decrypter
SecureString str = new SecureString();
SymmetricAlgorithm algorithm = SymmetricAlgorithm.Create();
ICryptoTransform transform = algorithm.CreateDecryptor(key, rgbIV);
using (var stream = new CryptoStream(new MemoryStream(cipherBytes), transform, CryptoStreamMode.Read))
{
// using this silly loop format to loop one char at a time
// so we never store the entire password naked in memory
int numRed = 0;
byte[] buffer = new byte[2]; // two bytes per unicode char
while( (numRed = stream.Read(buffer, 0, buffer.Length)) > 0 )
{
str.AppendChar(Encoding.Unicode.GetString(buffer).ToCharArray()[0]);
}
}
//
// non-production code
// recover the SecureString; just to check
// from http://stackoverflow.com/questions/818704/how-to-convert-securestring-to-system-string
//
IntPtr valuePtr = IntPtr.Zero;
string secureStringValue = "";
try
{
// get the string back
valuePtr = Marshal.SecureStringToGlobalAllocUnicode(str);
secureStringValue = Marshal.PtrToStringUni(valuePtr);
}
finally
{
Marshal.ZeroFreeGlobalAllocUnicode(valuePtr);
}
return str;
}
// from http://stackoverflow.com/questions/311165/how-do-you-convert-byte-array-to-hexadecimal-string-and-vice-versa
public static byte[] HexStringToByteArray(String hex)
{
int NumberChars = hex.Length;
byte[] bytes = new byte[NumberChars / 2];
for (int i = 0; i < NumberChars; i += 2) bytes[i / 2] = Convert.ToByte(hex.Substring(i, 2), 16);
return bytes;
}
public static SecureString DecryptPassword( string psPasswordFile, byte[] key )
{
if( ! File.Exists(psPasswordFile)) throw new ArgumentException("file does not exist: " + psPasswordFile);
string formattedCipherText = File.ReadAllText( psPasswordFile );
return ConvertToSecureString(formattedCipherText, key);
}
According to the docs on ConvertFrom-SecureString the AES encryption algorithm is used:
If an encryption key is specified by using the Key or SecureKey
parameters, the Advanced Encryption Standard (AES) encryption
algorithm is used. The specified key must have a length of 128, 192,
or 256 bits because those are the key lengths supported by the AES
encryption algorithm. If no key is specified, the Windows Data
Protection API (DPAPI) is used to encrypt the standard string
representation.
Look at the DecryptStringFromBytes_Aes example in the MSDN docs.
BTW an easy option would be to use the PowerShell engine from C# to execute the ConvertTo-SecureString cmdlet to do the work. Otherwise, it looks like the initialization vector is embedded somewhere in the ConvertFrom-SecureString output and may or may not be easy to extract.
How do I accomplish the ConvertTo-SecureString -key (1..16) portion in C#/.NET?
Please see the following code:
private static SecureString ConvertToSecureString(string encrypted, string header, byte[] key)
{
string[] strArray = Encoding.Unicode.GetString(Convert.FromBase64String(encrypted.Substring(header.Length, encrypted.Length - header.Length))).Split(new[] {'|'});
SymmetricAlgorithm algorithm = SymmetricAlgorithm.Create();
int num2 = strArray[2].Length/2;
var bytes = new byte[num2];
for (int i = 0; i < num2; i++)
bytes[i] = byte.Parse(strArray[2].Substring(2*i, 2), NumberStyles.AllowHexSpecifier, CultureInfo.InvariantCulture);
ICryptoTransform transform = algorithm.CreateDecryptor(key, Convert.FromBase64String(strArray[1]));
using (var stream = new CryptoStream(new MemoryStream(bytes), transform, CryptoStreamMode.Read))
{
var buffer = new byte[bytes.Length];
int num = stream.Read(buffer, 0, buffer.Length);
var data = new byte[num];
for (int i = 0; i < num; i++) data[i] = buffer[i];
var str = new SecureString();
for (int j = 0; j < data.Length/2; j++) str.AppendChar((char) ((data[(2*j) + 1]*0x100) + data[2*j]));
return str;
}
}
Example:
encrypted = "76492d1116743f0423413b16050a5345MgB8ADcAbgBiAGoAVQBCAFIANABNADgAYwBSAEoAQQA1AGQAZgAvAHYAYwAvAHcAPQA9AHwAZAAzADQAYwBhADYAOQAxAGIAZgA2ADgAZgA0AGMANwBjADQAYwBiADkAZgA1ADgAZgBiAGQAMwA3AGQAZgAzAA==";
header = "76492d1116743f0423413b16050a5345";
If you want to get decrypted characters, please check data in the method.
I found the easiest and simplest way was to call the ConvertTo-SecureString PowerShell command directly from C#. That way there's no difference in the implementation and the output is exactly what it would be if you called it from PowerShell directly.
string encryptedPassword = RunPowerShellCommand("\""
+ password
+ "\" | ConvertTo-SecureString -AsPlainText -Force | ConvertFrom-SecureString", null);
public static string RunPowerShellCommand(string command,
Dictionary<string, object> parameters)
{
using (PowerShell powerShellInstance = PowerShell.Create())
{
// Set up the running of the script
powerShellInstance.AddScript(command);
// Add the parameters
if (parameters != null)
{
foreach (var parameter in parameters)
{
powerShellInstance.AddParameter(parameter.Key, parameter.Value);
}
}
// Run the command
Collection<PSObject> psOutput = powerShellInstance.Invoke();
StringBuilder stringBuilder = new StringBuilder();
if (powerShellInstance.Streams.Error.Count > 0)
{
foreach (var errorMessage in powerShellInstance.Streams.Error)
{
if (errorMessage != null)
{
throw new InvalidOperationException(errorMessage.ToString());
}
}
}
foreach (var outputLine in psOutput)
{
if (outputLine != null)
{
stringBuilder.Append(outputLine);
}
}
return stringBuilder.ToString();
}
}
Adding on to Cheng's answer - I found I had to change:
byte[] magicHeader = HexStringToByteArray(encrypted.Substring(0, 32));
to
byte[] magicHeader = HexStringToByteArray(psProtectedString.Substring(0, 32));
and
SymmetricAlgorithm algorithm = SymmetricAlgorithm.Create();
to
SymmetricAlgorithm algorithm = Aes.Create();
but it otherwise works wonderfully.
I'm trying to connect to a website I made with auth that uses MD5.hex(password) to encrypt the password before sending it to the PHP. How could I achieve the same encryption in C#?
EDIT1:
Javascript (YUI Library):
pw = MD5.hex(pw);
this.chap.value = MD5.hex(pw + this.token.value);
C#.NET
string pw = getMD5(getHex(getMD5(getHex(my_password)) + my_token));
Utility:
public string getMD5(string input)
{
// Create a new instance of the MD5CryptoServiceProvider object.
MD5 md5Hasher = MD5.Create();
// Convert the input string to a byte array and compute the hash.
byte[] data = md5Hasher.ComputeHash(Encoding.Default.GetBytes(input));
// Create a new Stringbuilder to collect the bytes
// and create a string.
StringBuilder sBuilder = new StringBuilder();
// Loop through each byte of the hashed data
// and format each one as a hexadecimal string.
for (int i = 0; i < data.Length; i++)
{
sBuilder.Append(data[i].ToString("x2"));
}
// Return the hexadecimal string.
return sBuilder.ToString();
}
public string getHex(string asciiString)
{
string hex = "";
foreach (char c in asciiString)
{
int tmp = c;
hex += String.Format("{0:x2}", (uint)System.Convert.ToUInt32(tmp.ToString()));
}
return hex;
}
Using .NET's MD5 Class in the System.Security.Cryptography namespace.
The link above contains a short code example; you might also want to check out Jeff Attwood's CodeProject article .NET Encryption Simplified.