Dino Buljubasic <di**@noplacelikehome.com> wrote:
I am using a function to hash a string value:
public string generateMD5Hash(string input)
{
MD5 md5Provider; // MD5 provider instance
// generate byte code for input
byte[] inputData = ASCIIEncoding.ASCII.GetBytes(input);
// compute MD5 hash
md5Provider = new MD5CryptoServiceProvider();
byte[] hashResult = md5Provider.ComputeHash(inputData);
return ASCIIEncoding.ASCII.GetString(hashResult);
}
The last return statement (ASCIIEncoding...) returns different values
if used in .NET Framework 1.1 (or 1.0) and .NET Framework 2.0. That
means that my .NET Framework 2.0 version of application (written in
C#) will not execute sam as writen in .NET Framework 1.1.
Did something changed? How to fix this?
I suspect it is only returning a different value when the byte is
greater than 127. To be honest, I think that's reasonable, as the
behaviour isn't well-defined in that situation, as ASCII doesn't
contain any values greater than 127.
For those interested, here's a sample which demonstrates the "problem":
using System;
using System.Text;
public class Test
{
static void Main()
{
string x = Encoding.ASCII.GetString (new byte[]{128});
Console.WriteLine ((int)x[0]);
}
}
Now, as to how you should fix it:
1) Encode the input string with UTF-8 instead of ASCII. That means you
won't lose data when the input contains non-ASCII characters. (In this
case as you're just taking an MD5 hash, it just means your hash is
weaker than it should be. However, it's a good idea to try not to use
an ASCII encoding when the data might contain non-ASCII characters on
principle.
2) Encode the resulting binary data using Base64 -
Convert.ToBase64String is the easiest method here.
Here's the changed method:
public string generateMD5Hash(string input)
{
// generate byte code for input
byte[] inputData = Encoding.UTF8.GetBytes(input);
// compute MD5 hash
MD5 md5Provider = new MD5CryptoServiceProvider();
byte[] hashResult = md5Provider.ComputeHash(inputData);
return Convert.ToBase64String(hashResult);
}
Now, if you've got old values which need to be matched, you'll have to
mimic the old behaviour instead, which is slightly trickier. I won't do
that now, because you might not need it - let me know if you do, and
I'll see what I can do.
--
Jon Skeet - <sk***@pobox.com>
http://www.pobox.com/~skeet Blog:
http://www.msmvps.com/jon.skeet
If replying to the group, please do not mail me too