Re: MD5

From: Dominick Baier [DevelopMentor] (dbaier_at_pleasepleasenospamdevelop.com)
Date: 11/22/05

• Next message: Marre: "Re: MD5"
• Previous message: Marre: "MD5"
• In reply to: Marre: "MD5"
• Next in thread: Marre: "Re: MD5"
• Reply: Marre: "Re: MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Tue, 22 Nov 2005 03:44:30 -0800

Hello Marre,

this uses SHA1 for something similar - should be enough to get you started...

       // Hash = H(salt, H(passphrase))
        static void lengthExtensionHash2()
        {
            Console.WriteLine("Hash with anti length extension attack 2");

            string password = "secret";
            byte[] passwordBytes = Encoding.Unicode.GetBytes(password);
            byte[] salt = new byte[32];

            new RNGCryptoServiceProvider().GetBytes(salt);

            SHA1Managed sha = new SHA1Managed();

            byte[] hashedPasswordBytes = sha.ComputeHash(passwordBytes);

            CryptoStream cs = new CryptoStream(Stream.Null, sha, CryptoStreamMode.Write);
            cs.Write(salt, 0, salt.Length);
            cs.Write(hashedPasswordBytes, 0, hashedPasswordBytes.Length);
            
            cs.FlushFinalBlock();

            byte[] hash = sha.Hash;

            string hashString = Convert.ToBase64String(hash);
            string saltString = Convert.ToBase64String(salt);

            Console.WriteLine("Hash: " + hashString);
            Console.WriteLine("Salt: " + saltString);
        }

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com

> Hi all!
>
> I have a md5 question.
> I receive a md5 string created with Message-Digest algorithm and I
> want to
> create the same string in my webapplication.
> I have this values to go on:
>
> myMD5String = MD5(mySecretValue2 + MD5(mySecretValue1 + "some
> string"))
>
> myMD5String should of cource be the same as the md5 string i receive.
>
> I have no idea if I have told you enough about my problem, but someone
> might be able to point me to right direction :)
>
> Best regards
> Marre

---

• Next message: Marre: "Re: MD5"
• Previous message: Marre: "MD5"
• In reply to: Marre: "MD5"
• Next in thread: Marre: "Re: MD5"
• Reply: Marre: "Re: MD5"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: Split, Substring and other functions in expression editor? ... Jon Flanders ... "Sam Loveridge" wrote in message ... >> Jon Flanders [DevelopMentor] ... I'm trying to take a string variable in the BizTalk Expression ... (microsoft.public.biztalk.general) Re: datagrid,spliting value from database ... > string GetLeftHalf ... > void Grid_ItemCommand(object s, DataGridCommandEventArgs e) ... >>> DevelopMentor ... Prev by Date: ... (microsoft.public.dotnet.framework.aspnet) Re: Get role for any given user name ... have a look at the ctor of WindowsIdentity that takes a string. ... Dominick Baier - DevelopMentor ... (microsoft.public.dotnet.security) String to Int ... Richard Blewett - DevelopMentor ... Kind of a newbie question, but I need to be able to convert a string to ... (microsoft.public.dotnet.languages.csharp) Re: Constant Hashcode ... You also have the fairly major stumbling block that string is sealed so you'd have to use encapsulation and delegation instead. ... Regards ... Richard Blewett - DevelopMentor ... (microsoft.public.dotnet.languages.csharp)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.dotnet.framework.aspnet.security  > 2005-11