1

The issue I am facing that when the encryption and decryption is totally different in the 4.0 version. That is why I am getting wrong password error. I have more than 600 users so I can't ask everyone to reset their password. So is there any way that I can reference the encryption and decryption method in the 1.1 library. This is a vb.net project 

     Public Function EncryptString(ByVal l_strText As String) As String

            Dim md5 As New MD5CryptoServiceProvider()
            Dim encoder As New UTF8Encoding()
            Dim val = encoder.GetChars(md5.ComputeHash(md5.ComputeHash(encoder.GetBytes(l_strText))))
            Return encoder.GetChars(md5.ComputeHash(md5.ComputeHash(encoder.GetBytes(l_strText))))
            'Return l_strText
        End Function
ZCoder
  • 2,155
  • 5
  • 25
  • 62
  • and what is the `l_strText` for that output? – Matt Wilko Jan 07 '16 at 14:23
  • 2
    md5 returns binary data, not a string. Looks like you have non printable characters, you should've converted the output to base 64. Also, your hash should've always been of a fixed length, for example 32 characters. (btw: this is not encryption but hashing, can't be decrypted) – the_lotus Jan 07 '16 at 14:25
  • then why this working perfectly on 1.1 framework on vs 2005 – ZCoder Jan 07 '16 at 14:51
  • The version from 1.1 was returning wrong values. ComputeHash returns 16 bytes, if your string is smaller than 16 characters it means you don't have the proper value. The proper value should be a 32 character long string in base64. – the_lotus Jan 07 '16 at 15:19
  • the correct hash for that string is `"un5C3NeSW5gV0U/9UZDgYA=="` as B64. There are several things wrong with the code, but I cant think of way to fix it (use Salt, SHA, correct encoding) without forcing a new PW on everyone – Ňɏssa Pøngjǣrdenlarp Jan 07 '16 at 15:26
  • check this out hole code – ZCoder Jan 07 '16 at 15:28
  • 1
    See this answer for [Is it safe for me to store usernames and passwords in the database?](http://stackoverflow.com/a/31150288/1070452) I am not sure what we are supposed to glean from your Decrypt method. A hash is one way and cant be undone – Ňɏssa Pøngjǣrdenlarp Jan 07 '16 at 15:46

0 Answers0