Using a MD5 Hash with C# (.net) and Oracle

From: Bart (bart.fibrich_at_gmail.com)
Date: 01/22/05

• Next message: Cantelmo Software: "[Semi OT] Obfuscator Opinion"
• Previous message: Gecko: "Re: sn.exe -Vr assembly"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: 22 Jan 2005 03:23:49 -0800

When comparing md5 hashes between ones generated by Oracle and .Net (or
any thing else) you need to ensure that exactly the same byte arrays
enter the md5 algorithm on both sides. This is done by ensuring that
both sides are using the same codepage during calculation.

For example if the database is set to
CHARACTER SET WE8MSWIN1252

And you calculate a hash like this
RETURN DBMS_OBFUSCATION_TOOLKIT.MD5(input_string =>
UPPER(p_username) || '/' || UPPER(p_password));

The .net comparing side will need to be something like.
string username = TextBox1.Text;
string password = TextBox2.Text;
string md5HashRemote = reader.["HASH"].ToString();

// get the same encoding as the database.
Encoding en = Encoding.GetEncoding(1252);

// Get the md5 provider
MD5CryptoServiceProvider md5Provider = new MD5CryptoServiceProvider();

// Compute the local hash
Byte[] md5HashLocal = md5Provider.ComputeHash(en.GetBytes(username +
"/" + password));
if (en.GetString(md5HashLocal) == md5HashRemote) { // Success!!!!
}

---

• Next message: Cantelmo Software: "[Semi OT] Obfuscator Opinion"
• Previous message: Gecko: "Re: sn.exe -Vr assembly"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(18)