How do I generate an encryption hash in ASP.NET MVC?

Question

I am looking into creating a custom members login system (for learning) and I haven't been able to figure out the C# command to generate an encrypted hash.

Is there a certain namespace I need to import or anything like that?

score 19 · Accepted Answer · answered May 10 '10 at 17:48

19

Using the namespace System.Security.Cryptography:

MD5 md5 = new MD5CryptoServiceProvider();
Byte[] originalBytes = ASCIIEncoding.Default.GetBytes(originalPassword);
Byte[]  encodedBytes = md5.ComputeHash(originalBytes);

return BitConverter.ToString(encodedBytes);

or FormsAuthentication.HashPasswordForStoringInConfigFile method

answered May 10 '10 at 17:48

Gregoire

24,219
6
46
73

1

So I need to convert originalPassword from a string to type of Byte[]? – quakkels May 10 '10 at 18:08
1

@quakkels: Yes as done in line 2 because the function take an array of byte – Gregoire May 10 '10 at 18:19
2

Sweet... I just needed to use using System.Text and this worked great!! ty – quakkels May 10 '10 at 18:37
if i provide the original hash can we decode it to its real form – ZCoder Mar 06 '18 at 21:55
1

@Agha no or you need to use brute force by generating all the possible hashes and see which one is the same – Gregoire Mar 07 '18 at 08:21

score 4 · Answer 2 · answered Dec 18 '12 at 14:44

4

For my part, I purpose this function i use to get the gravatar picture profil:

you can use it like you want

public string getGravatarPicture()
    {
        MD5 md5 = new MD5CryptoServiceProvider();
        Byte[] originalBytes = ASCIIEncoding.Default.GetBytes(email.ToLower());
        Byte[] encodedBytes = md5.ComputeHash(originalBytes);

        string hash = BitConverter.ToString(encodedBytes).Replace("-", "").ToLower();
        return "http://www.gravatar.com/avatar/"+hash+"?d=mm";
    }

answered Dec 18 '12 at 14:44

Osin

485
1
4
12

if i provide the original hash can we decode it to its real form – ZCoder Mar 06 '18 at 21:54
1

@Agha, a hash cannot be "decoded" or "unhashed". Hashing is a one-way process. – Deantwo Feb 05 '19 at 08:28

score 3 · Answer 3 · answered May 10 '10 at 17:47

3

Well, first of all an encryption hash is a contradiction. Like a vegetarian steak. You can use encryption, or you can hash them (and you should hash them), but hashing is not encryption.

Look up a class starting with Md5 ;) Or Sha1 - those are hash algoryithms. It is all there in .NET (System.Security.Cryptography namespace).

answered May 10 '10 at 17:47

TomTom

61,059
10
88
148

1

Hashing of often called "one-way encryption" – Charles Burns Apr 03 '15 at 19:10
1

@CharlesBurns But it shouldn't be, because its not encryption. There is no such thing as "one way vegan steak" – DeltaTango Jul 04 '18 at 21:58
1

@DeltaTango: You are right, technically hashing isn't encryption despite word usage because it's hard/impossible-ish to reverse. Still, usage writes the dictionary, and I lean towards more of a compression analogy than a steak analogy. AES is "lossless encryption", like PNG for images, whereas SHA is "lossy" like JPG, compressing the information down to a yes(probably)/no answer. Of course, JPG is useless if it "compresses" a photo down to a single black/white pixel. :) – Charles Burns Jul 04 '18 at 22:17
1

Also encryption can be used for hashing, after a fashion. Use the data as its own key. This is where the analogy above really starts to break apart, though perhaps less so than steak (perhaps, "using steak to feed the plants which end up as a vegetarian steak". That hurt a little to type. – Charles Burns Jul 04 '18 at 22:21

score 2 · Answer 4 · answered Jan 22 '14 at 04:28

I prefer having my hash all in one concatenated string. I borrowed this to build my hash:

public static string MD5Hash(string itemToHash)
{
    return string.Join("", MD5.Create().ComputeHash(Encoding.ASCII.GetBytes(itemToHash)).Select(s => s.ToString("x2")));
}

How do I generate an encryption hash in ASP.NET MVC?

4 Answers4

Linked

Related