Re: C# Equivalent of C++ MD5 Algorith

Well, your original post said you were looking for an MD5 Hash. So, I guess
you are on your own.
Best of luck!
Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com




"galtschul@xxxxxxxxx" wrote:

I've looked at that post and it's basically doing exactly what I'm
doing, The only difference is tthat the author treats the incoming
string as unicode (which mine is not. It's ascii) and he converts to
HEX (which I can't do.. I have to convert to base64 since that's how
it's stored in the database). I did try this approach and, although I
got a different hash returned, it contained the same amount number of
charectars.

I don't see any reference here to ASN.1 encoding of a PKCS #7 X.509
message. How do I go about doing this in C#?

Regards,

Gregg

Peter wrote:
Here is somebody's blog post that should point you in the right direction.
It's not as complicated as you indicated:

http://blog.stevex.net/index.php/c-code-snippet-creating-an-md5-hash-string/

Peter

--
Co-founder, Eggheadcafe.com developer portal:
http://www.eggheadcafe.com
UnBlog:
http://petesbloggerama.blogspot.com




"galtschul@xxxxxxxxx" wrote:

How do I go about implementing that in C#. I tried some of the various
x509 and pkcs7 classes and I kept getting exceptions having to do with
certificates and whatnot. I felt like I was wasting my time going down
the wrong path and this stuff doesn't seem too well documented on
msdn.microsoft.com.

Regards

Ben Voigt wrote:
<galtschul@xxxxxxxxx> wrote in message
news:1164141343.043155.186300@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I am re-writing a C++ application in C# that takes a user's password,
encrypts it using MD5 (I think), and compares it to what was encrypted
and stored in the database when the user initially created their
password. The problem is that the C++ encryption generates 110
characters and the C# encryption generates only 24. The interesting
thing is that the 24 charectars generated by the C# MD5 algorithm
matches the last 24 charecters of the C++ encryption algorithm. Here is
the C++ code:

The C++ code is requesting ASN.1 encoding of a PKCS #7 X.509 message, which
will naturally add a humonguous header to the data.


/**************************************/
std::string PasswordHash::get_passwordhash(char *s)
{
std::string hashed_value;

const BYTE* sval[1];
unsigned long lval[1];

sval[0] = reinterpret_cast<BYTE*>(s);
lval[0] = lstrlen(s);

CRYPT_ALGORITHM_IDENTIFIER AlgId;
AlgId.pszObjId=szOID_RSA_MD5;
AlgId.Parameters.cbData=0;

CRYPT_HASH_MESSAGE_PARA hash;
hash.cbSize = sizeof(CRYPT_HASH_MESSAGE_PARA);
hash.dwMsgEncodingType = (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING);
hash.hCryptProv = NULL;
hash.HashAlgorithm = AlgId;
hash.pvHashAuxInfo = NULL;

unsigned long hash_length = 0;
if(!CryptHashMessage( &hash, FALSE, 1, sval, lval, NULL,
&hash_length, NULL, NULL))
{
DWORD error = GetLastError();
return hashed_value;
}

BYTE* hash_data = new BYTE[hash_length + 1];
ZeroMemory(hash_data, hash_length + 1);

if(!CryptHashMessage(&hash, FALSE, 1, sval, lval, hash_data,
&hash_length, NULL, NULL))
{
DWORD error = GetLastError();
return hashed_value;
}

std::vector<char > vhash_data;
vhash_data.resize(hash_length);
memcpy(&vhash_data[0], (void*)hash_data, hash_length);

base64<char> encoder;
int state = 0;
encoder.put(vhash_data.begin(), vhash_data.end(),
std::back_inserter(hashed_value), state, base64<>::noline());
return hashed_value;
}

/**************************************/

And here is the C# code that I'm using:

string generatePassword(string password)
{
MD5 md5Hasher = new MD5CryptoServiceProvider();
byte[] data =
md5Hasher.ComputeHash(Encoding.ASCII.GetBytes(password));
string s = Convert.ToBase64String(data);
return s;
}

C++ OUTPUT
--------------------------
"MEcGCSqGSIb3DQEHBaA6MDgCAQAwDAYIKoZIhvcNAgUFADATBgkqhkiG9w0BBwGgBgQEODg3OAQQAETe7sQ97Rm5UhJQeesXgQ=="

C# OUTPUT
--------------------------
"AETe7sQ97Rm5UhJQeesXgQ=="

Am I doing something wrong in the C# code? Perhaps I'm not fully
understanding what the C++ code is doing.

Thanks in advance for any help I can get





.

Relevant Pages

  • Re: Need strong crypto for sending my password via sockets.
    ... MD5 and Blowfish are indeed free, but MD5 is not an encryption algorithm ... it is a disgest (hash) algorithm. ... Server crypts it's own copy of password ...
    (microsoft.public.vc.mfc)
  • Re: incremental MD5 ?
    ... and i'm trying MD5 encryption, the original data is quite big and MD5 ... Hash the book to get the book hash ... Hash all the shelf hashes in a column to get the column hash ...
    (sci.crypt)
  • Re: password length
    ... ]>]The short answer is "Different encryption ... ]>based hash, 128 bits in the case of the MD5 based hash. ... ]>Ie, the password algorithms are not encryptions, they are hashes. ...
    (alt.os.linux.suse)
  • Re: ADS with SP1 and IMGMOUNT.exe
    ... I can mount images with /W but I use MD5 and encryption to make sure ... Domain policy may override this. ... I would also recommend disabling the LM hash storage before taking your ...
    (microsoft.public.windows.server.setup)
  • RE: Signing before Encryption and Signing after Encryption
    ... The property that a hash match is supposed to verify (is this ... Signing before Encryption and Signing after Encryption ... Signing with symmetric keys is a lot more ...
    (Security-Basics)