
Wednesday, August 12, 2009

How To: Hash Data Using MD5 and SHA1

There are two types of Encryption:

1- One way Encryption:
takes the input data and encrypts it, and there is no way to decrypt it again to get the source data; this is more precisely called hashing. A good example of one-way encryption is MD5.

Another good example of one-way encryption is SQL Server Membership: it stores passwords encrypted and there is no way to get the original password.

We can only compare the hash of the data you entered with the stored hashed data.

2- Two way Encryption:
takes the input data and encrypts it, and on the other side we can take the encrypted data and decrypt it again using the same algorithm.

Sample:
http://waleedelkot.blogspot.com/2009/02/encryption-and-decryption-using-c.html

Today I'll talk about MD5 and SHA1, and I'll present some sample code.

Namespace: System.Security.Cryptography

the below method will return MD5 hashed string:

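/// <summary>
/// Computes the MD5 digest of <paramref name="data"/> and returns it as a
/// 32-character lowercase hexadecimal string.
/// </summary>
/// <remarks>
/// MD5 is a hash function, not encryption, and it is no longer collision
/// resistant. It is also fast and unsalted, so it should not be used on its
/// own to store passwords; a salted, iterated function such as PBKDF2
/// (Rfc2898DeriveBytes) is the usual choice there. Keep this helper for
/// checksums and interoperability with existing MD5 values.
/// </remarks>
/// <param name="data">Text to hash; encoded as UTF-8 before hashing.</param>
/// <returns>The digest as lowercase hex, two characters per byte.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
private string GetMD5HashData(string data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // UTF-8 yields the same bytes on every machine. Encoding.Default follows
    // the system code page, so the same text could hash differently per host.
    byte[] inputBytes = Encoding.UTF8.GetBytes(data);

    byte[] hashData;
    using (MD5 md5 = MD5.Create())
    {
        hashData = md5.ComputeHash(inputBytes);
    }

    StringBuilder returnValue = new StringBuilder(hashData.Length * 2);
    for (int i = 0; i < hashData.Length; i++)
    {
        // "x2" emits exactly two hex digits per byte. A plain ToString()
        // emits 1-3 decimal digits, so different digests (1,23 vs 12,3)
        // could produce the same string.
        returnValue.Append(hashData[i].ToString("x2"));
    }
    return returnValue.ToString();
}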

the below method will return SHA1 hashed string:

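/// <summary>
/// Computes the SHA-1 digest of <paramref name="data"/> and returns it as a
/// 40-character lowercase hexadecimal string.
/// </summary>
/// <remarks>
/// SHA-1 is a hash function, not encryption, and it is no longer considered
/// collision resistant. Like any fast, unsalted hash it should not be used
/// on its own to store passwords; prefer a salted, iterated function such as
/// PBKDF2 (Rfc2898DeriveBytes). Keep this helper for interoperability with
/// existing SHA-1 values.
/// </remarks>
/// <param name="data">Text to hash; encoded as UTF-8 before hashing.</param>
/// <returns>The digest as lowercase hex, two characters per byte.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
private string GetSHA1HashData(string data)
{
    if (data == null)
    {
        throw new ArgumentNullException("data");
    }

    // UTF-8 yields the same bytes on every machine. Encoding.Default follows
    // the system code page, so the same text could hash differently per host.
    byte[] inputBytes = Encoding.UTF8.GetBytes(data);

    byte[] hashData;
    using (SHA1 sha1 = SHA1.Create())
    {
        hashData = sha1.ComputeHash(inputBytes);
    }

    StringBuilder returnValue = new StringBuilder(hashData.Length * 2);
    for (int i = 0; i < hashData.Length; i++)
    {
        // "x2" emits exactly two hex digits per byte. A plain ToString()
        // emits 1-3 decimal digits, so different digests could produce the
        // same string.
        returnValue.Append(hashData[i].ToString("x2"));
    }
    return returnValue.ToString();
}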

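You can save the return value in a database and check it on the other side, like SQL Server Membership. For real passwords, note that plain MD5 or SHA1 without a per-user salt and many iterations is fast to guess offline, so a password-hashing function such as PBKDF2 is the safer choice.
That's great, but how can I validate input data against the hashed data stored in the database?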

the below method will validate MD5 hashed string:

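/// <summary>
/// Hashes <paramref name="inputData"/> with GetMD5HashData and reports
/// whether the result matches <paramref name="storedHashData"/>.
/// </summary>
/// <param name="inputData">The value supplied by the user.</param>
/// <param name="storedHashData">
/// The hash string saved earlier; it must have been produced by the same
/// GetMD5HashData implementation for the comparison to succeed.
/// </param>
/// <returns>true when both hash strings are identical; otherwise false.</returns>
private bool ValidateMD5HashData(string inputData, string storedHashData)
{
    string getHashInputData = GetMD5HashData(inputData);

    // Hash strings are machine data, so compare them ordinally. The
    // two-argument string.Compare applies the current culture's linguistic
    // rules, under which strings that differ only in ignorable characters
    // compare as equal.
    return string.Equals(getHashInputData, storedHashData, StringComparison.Ordinal);
}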

the below method will validate SHA1 hashed string:

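/// <summary>
/// Hashes <paramref name="inputData"/> with GetSHA1HashData and reports
/// whether the result matches <paramref name="storedHashData"/>.
/// </summary>
/// <param name="inputData">The value supplied by the user.</param>
/// <param name="storedHashData">
/// The hash string saved earlier; it must have been produced by the same
/// GetSHA1HashData implementation for the comparison to succeed.
/// </param>
/// <returns>true when both hash strings are identical; otherwise false.</returns>
private bool ValidateSHA1HashData(string inputData, string storedHashData)
{
    string getHashInputData = GetSHA1HashData(inputData);

    // Hash strings are machine data, so compare them ordinally. The
    // two-argument string.Compare applies the current culture's linguistic
    // rules, under which strings that differ only in ignorable characters
    // compare as equal.
    return string.Equals(getHashInputData, storedHashData, StringComparison.Ordinal);
}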

Tuesday, February 3, 2009

How To: Encrypt and Decrypt string Using C#

I think every developer needs to protect his data from nasty people.
Ex. Assume we have an application (Windows application – web application … etc.) that connects to
Active Directory, Team Foundation Server, or any other application that needs authentication.
The first thing any developer should think about is how to make the application secure.

So when we pass the credentials we pass them encrypted, and on the other side we decrypt them.
In this article I’ll show you how to encrypt any string and decrypt it.
Create a new Windows application using C#; the design will be something like the image below:
















using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using System.Security.Cryptography;
using System.IO;

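namespace RsaEncryption
{
    /// <summary>
    /// Demo form that encrypts the text of txtPassword and decrypts the text
    /// of txtEncryption with Rijndael, using a key derived from a fixed
    /// password string.
    /// </summary>
    /// <remarks>
    /// Despite the namespace name, no RSA is involved; the cipher is the
    /// symmetric Rijndael algorithm with the class defaults for mode and
    /// padding. The on-the-wire format is kept as the original sample
    /// produced it, so existing ciphertexts still decrypt. Its limits:
    /// <list type="bullet">
    /// <item>The key and IV are the same for every message, so equal
    /// plaintexts give equal ciphertexts.</item>
    /// <item>There is no integrity check (MAC); modified ciphertext is not
    /// reliably detected.</item>
    /// <item>PasswordDeriveBytes is a PBKDF1-style derivation; for new data
    /// prefer Rfc2898DeriveBytes with a random per-message salt and a random
    /// IV stored next to the ciphertext, plus an HMAC over the result.</item>
    /// </list>
    /// </remarks>
    public partial class Main : Form
    {
        /// <summary>Builds the form; InitializeComponent is presumably supplied by the designer half of this partial class.</summary>
        public Main()
        {
            InitializeComponent();
        }

        // NOTE(review): this key is compiled into the assembly, so anyone who
        // has the binary (or this source) can decrypt every value. In a real
        // application load the secret at run time from a protected store
        // (for example DPAPI via ProtectedData, or the platform's secret
        // manager) and rotate it if this value was ever shipped.
        private static readonly string sKey = "UJYHCX783her*&5@$%#(MJCX**38n*#6835ncv56tvbry(&#MX98cn342cn4*&X#&";

        /// <summary>
        /// Encrypts <paramref name="sPainText"/> with the built-in key.
        /// </summary>
        /// <param name="sPainText">Text to encrypt.</param>
        /// <returns>
        /// Base64 ciphertext, or the input unchanged when it is null or empty.
        /// </returns>
        public static string Encrypt(string sPainText)
        {
            // Null is passed through like the empty string instead of
            // failing with a NullReferenceException on .Length.
            if (string.IsNullOrEmpty(sPainText))
            {
                return sPainText;
            }
            return EncryptString(sPainText, sKey);
        }

        /// <summary>
        /// Decrypts Base64 ciphertext produced by <see cref="Encrypt"/>.
        /// </summary>
        /// <param name="sEncryptText">Base64 ciphertext.</param>
        /// <returns>
        /// The plaintext, or the input unchanged when it is null or empty.
        /// On failure the exception message is returned instead; see
        /// <see cref="DecryptString"/>.
        /// </returns>
        public static string Decrypt(string sEncryptText)
        {
            if (string.IsNullOrEmpty(sEncryptText))
            {
                return sEncryptText;
            }
            return DecryptString(sEncryptText, sKey);
        }

        /// <summary>
        /// Encrypts <paramref name="InputText"/> with a key and IV derived
        /// from <paramref name="Password"/>.
        /// </summary>
        /// <param name="InputText">Text to protect; encoded as UTF-16 (Encoding.Unicode).</param>
        /// <param name="Password">Secret from which the key and IV are derived.</param>
        /// <returns>The ciphertext as a Base64 string.</returns>
        protected static string EncryptString(string InputText, string Password)
        {
            // Turn the input string into bytes.
            byte[] PlainText = Encoding.Unicode.GetBytes(InputText);

            // NOTE(review): this "salt" is only the password's length written
            // as ASCII digits. It is fixed for a given password, so it does
            // not give the protection a random salt would. It is kept
            // because changing it would make existing ciphertexts unreadable.
            byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());

            // Derive key material from the password and salt.
            PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);

            // The first 16 derived bytes are the key (128-bit, not the
            // 256-bit class default) and the next 16 are the IV. The order
            // of these two calls matters.
            byte[] KeyBytes = SecretKey.GetBytes(16);
            byte[] IvBytes = SecretKey.GetBytes(16);

            using (RijndaelManaged RijndaelCipher = new RijndaelManaged())
            using (ICryptoTransform Encryptor = RijndaelCipher.CreateEncryptor(KeyBytes, IvBytes))
            using (MemoryStream memoryStream = new MemoryStream())
            using (CryptoStream cryptoStream = new CryptoStream(memoryStream, Encryptor, CryptoStreamMode.Write))
            {
                // Write mode: plaintext goes in, ciphertext lands in memoryStream.
                cryptoStream.Write(PlainText, 0, PlainText.Length);
                // Emit the final padded block before reading the result.
                cryptoStream.FlushFinalBlock();

                // Base64, not a text Encoding: ciphertext is arbitrary bytes
                // and not every byte sequence maps to valid characters.
                return Convert.ToBase64String(memoryStream.ToArray());
            }
        }

        /// <summary>
        /// Decrypts Base64 ciphertext created by <see cref="EncryptString"/>
        /// with the same <paramref name="Password"/>.
        /// </summary>
        /// <param name="InputText">Base64 ciphertext.</param>
        /// <param name="Password">Secret from which the key and IV are derived.</param>
        /// <returns>
        /// The decrypted text. If anything fails (bad Base64, wrong key,
        /// damaged data) the exception's message text is returned instead.
        /// </returns>
        protected static string DecryptString(string InputText, string Password)
        {
            try
            {
                byte[] EncryptedData = Convert.FromBase64String(InputText);
                byte[] Salt = Encoding.ASCII.GetBytes(Password.Length.ToString());
                PasswordDeriveBytes SecretKey = new PasswordDeriveBytes(Password, Salt);

                // Same derivation order as EncryptString: key first, then IV.
                byte[] KeyBytes = SecretKey.GetBytes(16);
                byte[] IvBytes = SecretKey.GetBytes(16);

                using (RijndaelManaged RijndaelCipher = new RijndaelManaged())
                using (ICryptoTransform Decryptor = RijndaelCipher.CreateDecryptor(KeyBytes, IvBytes))
                using (MemoryStream memoryStream = new MemoryStream(EncryptedData))
                using (CryptoStream cryptoStream = new CryptoStream(memoryStream, Decryptor, CryptoStreamMode.Read))
                {
                    // The plaintext is never longer than the ciphertext, so a
                    // buffer of the ciphertext's size is always large enough.
                    byte[] PlainText = new byte[EncryptedData.Length];

                    // Stream.Read may return fewer bytes than requested, so
                    // keep reading until it reports end of stream. A single
                    // Read call can silently truncate the result.
                    int DecryptedCount = 0;
                    int BytesRead;
                    while ((BytesRead = cryptoStream.Read(PlainText, DecryptedCount, PlainText.Length - DecryptedCount)) > 0)
                    {
                        DecryptedCount += BytesRead;
                    }

                    return Encoding.Unicode.GetString(PlainText, 0, DecryptedCount);
                }
            }
            catch (Exception exception)
            {
                // NOTE(review): kept from the original sample, but the caller
                // cannot tell an error message from real plaintext. Code that
                // uses the result as a credential should instead surface the
                // failure (throw or return a status) and show only a generic
                // error to the user.
                return exception.Message;
            }
        }

        /// <summary>Encrypts the text of txtPassword and shows the result in txtEncryption.</summary>
        private void btnEncrypt_Click(object sender, EventArgs e)
        {
            txtEncryption.Text = Encrypt(txtPassword.Text);
        }

        /// <summary>Decrypts the text of txtEncryption and shows the result in a message box.</summary>
        private void btnDecrypt_Click(object sender, EventArgs e)
        {
            MessageBox.Show(Decrypt(txtEncryption.Text));
        }
    }
}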