HashPasswordForStoringInConfigFile中的Md5算法并非常用的Md5算法

时间:2024-01-17 14:10:08

今天在开发一个软件时,同时在B/S版和C/S版中都要用到MD5加密,在
ASP.NET中使用的是

/**//// <summary>
    /// 取得MD5加密串
    /// </summary>
    /// <param name="input">源明文字符串</param>
    /// <returns>密文字符串</returns>
    public static string GetMD5Hash(string input)
    ...{
        return System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(strOriginal, "MD5");
    }
的加密方式;
而在WinForm中用的是

/**//// <summary>
    /// 取得MD5加密串
    /// </summary>
    /// <param name="input">源明文字符串</param>
    /// <returns>密文字符串</returns>
    public static string GetMD5Hash(string input)
    ...{
        System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
        byte[] bs = System.Text.Encoding.Default.GetBytes(input);
        bs = md5.ComputeHash(bs);
        System.Text.StringBuilder s = new System.Text.StringBuilder();
        foreach (byte b in bs)
        ...{
            s.Append(b.ToString("x2").ToUpper());
        }
        string password = s.ToString();
        return password;
    }
但发现同样一个字符串,两种方式得出的密文是不一样的,最后才发现原来是编码方式导致的,ASP.NET里默认的是UTF-8编码,把WinForm程序里的System.Text.Encoding.Default.GetBytes(input);替换成System.Text.Encoding.UTF8.GetBytes(input);即可
最终正确版:

/**//// <summary>
    /// 取得MD5加密串
    /// </summary>
    /// <param name="input">源明文字符串</param>
    /// <returns>密文字符串</returns>
    public static string GetMD5Hash(string input)
    ...{
        System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
        byte[] bs = System.Text.Encoding.UTF8.GetBytes(input);
        bs = md5.ComputeHash(bs);
        System.Text.StringBuilder s = new System.Text.StringBuilder();
        foreach (byte b in bs)
        ...{
            s.Append(b.ToString("x2").ToUpper());
        }
        string password = s.ToString();
        return password;
    }