asp.net implement MD5 encryption

MD5 encryption is simply to find a ciphertext by a certain operation. The encryption method of MD5 in ASP.NET is very simple. See below for details.

 

MD5 encryption is simply to find a ciphertext by a certain operation. For example: plain text: abcdefg through some column operations to get ciphertext 7ac66c0f148de9519b8bd264312c4d64

It has two characteristics: 1. no collision, 2. irreversible.

1. No collision means:

7ac66c0f148de9519b8bd264312c4d64 This ciphertext can only be obtained from the plaintext of abcdefg. Otherwise, the other plaintext encryption values will never be equal to 7ac66c0f148de9519b8bd264312c4d64, which means that the same ciphertext will be obtained without the two plaintext encryptions.

2. Irreversible means:

The plaintext is encrypted to obtain the ciphertext, and the plaintext cannot be obtained through the ciphertext. That is to say, when we know that the plain text adcdefg can be encrypted to get 7ac66c0f148de9519b8bd264312c4d64, but if we know that a certain paragraph of text is encrypted, we get 7ac66c0f148de9519b8bd264312c4d64, but we can't figure out who the 7ac66c0f148de9519b8bd264312c4d64 text is encrypted.

 

Then some students will ask, where should they be used?

Generally speaking, when we are doing the website login system, the passwords are all stored in cipher text. Generally, MD5 encryption is used.

After the user fills in the username and password and clicks the registration, we verify that the user information must be stored in the database. The password entered by the user must be encrypted by MD5 to store the encrypted ciphertext. Field.

Then some students will carefully discover that MD5 encryption is just irreversible. How do users judge whether the password entered by the user is correct when they log in?

For example, the password set by the user is abcdefg, and when storing, the value obtained by abcdefg after encryption is 7ac66c0f148de9519b8bd264312c4d64, then the user will enter the password abcdefg when logging in again. How do we compare the two?

We can't convert the pre-encrypted value by the encrypted value. Therefore, it is common practice to compare the password entered when the user logs in again with the value stored in the database. If they are equal, the entered password is correct.

OK, the basic principles and application scenarios are basically the same, and finally talk about how to perform MD5 encryption in ASP.NET.

The encryption method of MD5 in ASP.NET is very simple, the code is as follows:

FormsAuthentication.HashPasswordForStoringInConfigFile(str, "MD5").ToLower();

It should be noted that if the MD5 encryption is converted to lowercase, then it should be converted to lowercase during verification and kept uniform. In addition, the above method is a 32-bit MD5 encryption method, and if it is 16 bits, the value of the middle 16 bits of the 32-bit encryption result can be obtained.

Here are some examples, let's take a look

/// <summary>
        /// MD5 encrypted string
        /// </summary>
        /// <param name="strSource">encrypted string</param>
        /// <param name="sEncode">Encoding method, such as: UTF-8</param>
        /// <returns>Encrypted string</returns>
        Public static string Get_MD5(string strSource, string sEncode)
        {
            //"UTF-8"
            //new
            System.Security.Cryptography.MD5 md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
            / / Get ciphertext byte array
            Byte[] bytResult = md5.ComputeHash(System.Text.Encoding.GetEncoding(sEncode).GetBytes(strSource));
            / / Convert to a string, and take 9 to 25
            //string strResult = BitConverter.ToString(bytResult, 4, 8);
            / / Convert to a string, 32 bits
            String strResult = BitConverter.ToString(bytResult);
            //BitConverter converts the string to produce a separator between each character, which needs to be removed.
            strResult = strResult.Replace("-", "");
            Return strResult.ToUpper();
        }