Wednesday, August 12, 2009

How To: Hash Data Using MD5 and SHA1

There are two types of Encryption:

1- One way Encryption:
take input data and encrypt it, and there is no way to decrypt it again to get the source data and the good sample for one way encryption is MD5.

also the good sample for one way encryption (SQL Server Membership), it's store passwords encrypted and there is nno way to get the original Password.

only we can compare between the source you enterd and the hashed data.

2- Two way Encryption:
take input data and encrypt it, and in another side we can take encrypted data and decrypt it again using the same algorithm.

Sample:
http://waleedelkot.blogspot.com/2009/02/encryption-and-decryption-using-c.html

today I'll talk about MD5 and SHA1 and I'll Present a sample code.

Namespace: System.Security.Cryptography

the below method will return MD5 hashed string:

private string GetMD5HashData(string data)
{
MD5 md5 = MD5.Create();
byte[] hashData = md5.ComputeHash(Encoding.Default.GetBytes(data));
StringBuilder returnValue = new StringBuilder();
for (int i = 0; i <>
{
returnValue.Append(hashData[i].ToString());
}
return returnValue.ToString();
}

the below method will return MD5 hashed string:

private string GetSHA1HashData(string data)
{
SHA1 sha1 = SHA1.Create();
byte[] hashData = sha1.ComputeHash(Encoding.Default.GetBytes(data));
StringBuilder returnValue = new StringBuilder();
for (int i = 0; i <>
{
returnValue.Append(hashData[i].ToString());
}
return returnValue.ToString();
}

you can save the return value in Database and check it in the another side like SQL Server Membership.
that's great, but How can I Validate input Data and stored hashed data in Database?

the below method will validate MD5 hashed string:

private bool ValidateMD5HashData(string inputData, string storedHashData)
{
string getHashInputData = GetMD5HashData(inputData);
if (string.Compare(getHashInputData, storedHashData) == 0)
{
return true;
}
else
{
return false;
}
}

the below method will validate SHA1 hashed string:

private bool ValidateSHA1HashData(string inputData, string storedHashData)
{
string getHashInputData = GetSHA1HashData(inputData);
if (string.Compare(getHashInputData, storedHashData) == 0)
{
return true;
}
else
{
return false;
}
}

3 comments:

  1. Good post, but I think you called MD5 and SH1 as encryption algorithms but actually it is called hashing algorithms not encryption there is big difference between hashing and encryption

    ReplyDelete
  2. no, my article name is (Hash Data Using MD5 and SHA1),not encrypt data !!!!

    BTW, I was talking about concepts when I talk about one way and two way encryption.

    so if you read my article to the last word you will understand what I mean.

    thanks,
    Waleed Elkot

    ReplyDelete
  3. SHA-1 hashed code is generally represented on hex number, so in your GetSHA1HashData, you want to covert to the following format

    returnValue.Append(hashData[i].ToString("x2"));

    ReplyDelete