2

Recently, I noticed that SHA algorithm computes hashes with random length.

HashAlgorithm provider;
provider = HashAlgorithm.Create("System.Security.Cryptography.SHA256");

while(!stackoverflow) {
    Console.WriteLine(Encoding.UTF8.GetString(
         provider.ComputeHash(Encoding.UTF8.GetBytes(
              (new Random()).Next().ToString())))
         .Count().ToString());
}

Outputs:

29
29
30
29
29
30
29
31
29
29
32
29
30
28
...

Is it possible to set the maximum hash length? (Could make the hash useless..) Or am I doing something wrong in computing the hashes? Encoding?

Edit:

The snippet above is just an example. What I need in the end is a method that takes a string, computes the hash of the string and returns it. HashAlgorithm.ComputeHash takes bytes and returns bytes, so I used UTF8.GetBytes() /UTF8.GetString() for converting which seems to be a huge mistake.

Atrotygma
  • 1,133
  • 3
  • 17
  • 31

1 Answers1

5

SHA1-256 hashes are always 32 bytes long. What you are doing here is that you are trying to interpret these bytes as UTF-8 encoded text, which is plain wrong because there is absolutely no guarantee that the hash bytes are a valid UTF8-encoded sequence.

Even if there was such a guarantee, UTF-8 is a variable-length encoding: when converting raw bytes to Unicode characters you "use up" a variable number of bytes (1 to 4) per character so the output from this code could theoretically be anywhere between 8 and 32.

In general, the example does not make sense. Please clarify what your intent is.

Jon
  • 428,835
  • 81
  • 738
  • 806
  • So a different encoding could fix this? ASCII? Unicode? I just saw that with ASCII, the output is always 32 chars long. With unicode, it's 16. – Atrotygma May 15 '13 at 10:12
  • The question is: *what are you trying to do?* – Jon May 15 '13 at 10:17
  • My intent is to generate a random and unique hash for using it as an identifier. In my 'real' application, other parts get hashed to guarantee unique and randomness. The snippet above is just an example. What I would like to have is a hash of hex-chars with a fixed length. But this is also a general "encoding/cryptography" question as I'm also using UTF8.GetString/UTF8.GetBytes together with RSA key generation. – Atrotygma May 15 '13 at 10:29
  • @Atrotygma: See http://stackoverflow.com/questions/623104/byte-to-hex-string or http://stackoverflow.com/questions/311165/how-do-you-convert-byte-array-to-hexadecimal-string-and-vice-versa – Jon May 15 '13 at 10:33
  • 3
    Uh. Well, now I feel ashamed. Of course I can't convert binary data that wasn't text once to string with encoding. You're right, that doesn't make sense. Thank you for your help, also for the link. Extremely helpful. – Atrotygma May 15 '13 at 10:40