S
Super Julius
Folks,
I am struggling with the following problem. When I encode a string
using FormsAuthentication or SHA1CryptoServiceProvider, I don't get
the same encoding.
In fact I have a SHA1 ASP implementation for one of our legacy
application but I have done the migration using the following code:
private string Hash(string toHash)
{
string hashed = "";
SHA1 sha1 = new SHA1CryptoServiceProvider();
byte[] hash = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(toHash));
foreach(byte b in hash)
hashed += Convert.ToString(b, 16).ToUpper();
return hashed;
}
I then noticed that some values were not encoded the same way. So I
tried using FormsAuthentication.HashPasswordForStoringInConfigFile(value,
"SHA1"). Guess what the it encodes the values the same way the ASP
SHA1 does.
Basically this means that the code above with
SHA1CryptoServiceProvider is just wrong. I have tried using all the
encoding available when getting the bytes out of the string but I
cannot get the same encoding.
A value for which it does not work: ArntzHans
Result with SHA1CryptoServiceProvider:
1C4F53FA399F44D81BF4F8540B5127FB44EDA2
Result with FormsAuthentication:
1C4F53FA399F440D81BF4F8540B5127FB404EDA2
* *
Note that the 2 '0' characters outlined on the 2nd result are missing
from the first encoding.
I have read a few threads from users having the same problem, but no
concrete solution to the problem
Wish someone can help me solving this out
Thx
Julien
I am struggling with the following problem. When I encode a string
using FormsAuthentication or SHA1CryptoServiceProvider, I don't get
the same encoding.
In fact I have a SHA1 ASP implementation for one of our legacy
application but I have done the migration using the following code:
private string Hash(string toHash)
{
string hashed = "";
SHA1 sha1 = new SHA1CryptoServiceProvider();
byte[] hash = sha1.ComputeHash(System.Text.Encoding.UTF8.GetBytes(toHash));
foreach(byte b in hash)
hashed += Convert.ToString(b, 16).ToUpper();
return hashed;
}
I then noticed that some values were not encoded the same way. So I
tried using FormsAuthentication.HashPasswordForStoringInConfigFile(value,
"SHA1"). Guess what the it encodes the values the same way the ASP
SHA1 does.
Basically this means that the code above with
SHA1CryptoServiceProvider is just wrong. I have tried using all the
encoding available when getting the bytes out of the string but I
cannot get the same encoding.
A value for which it does not work: ArntzHans
Result with SHA1CryptoServiceProvider:
1C4F53FA399F44D81BF4F8540B5127FB44EDA2
Result with FormsAuthentication:
1C4F53FA399F440D81BF4F8540B5127FB404EDA2
* *
Note that the 2 '0' characters outlined on the 2nd result are missing
from the first encoding.
I have read a few threads from users having the same problem, but no
concrete solution to the problem
Wish someone can help me solving this out
Thx
Julien