Completely solve the problem that ASP. NET MD5 encrypts Chinese characters and ASP is inconsistent

Source: Internet
Author: User

When the string to be MD5 encrypted does not contain Chinese characters, the encryption result of ASP. NET is the same as that of ASP: CopyCode The Code is as follows: Response. Write (formsauthentication. hashpasswordforstoringinconfigfile ("www.mzwu.com", "MD5 "));
// Result: d66e1f138689b9b5aa4c520d9eaffb61 Copy code The Code is as follows: Response. Write (MD5 ("www.mzwu.com", 32 ))
'Result: d66e1f138689b9b5aa4c520d9eaffb61

when the MD5 encrypted string contains Chinese characters, the encryption results are inconsistent: copy Code the code is as follows: response. write (formsauthentication. hashpasswordforstoringinconfigfile ("wooden house", "MD5");
// result: cursor copy Code the code is as follows: response. write (MD5 ("wooden house", 32)
'result: 0a40a901_da023ae7aa17771663a41e

We know that ASP. NET uses the UTF-8 encoding format by default, while ASP uses the gb2312 encoding format, which leads to different Chinese encryption results. Let's see how to make ASP. the encoding result of net is the same as that of ASP. net adopts the gb2312 encoding format, which is formsauthentication. the hashpasswordforstoringinconfigfile () method cannot be implemented. We need to use system. security. cryptography. the computehash method of the md5cryptoserviceprovider object to encrypt:Copy codeThe Code is as follows: md5cryptoserviceprovider MD5 = new md5cryptoserviceprovider ();
Response. Write (bitconverter. tostring (md5.computehash (encoding. getencoding ("gb2312"). getbytes (""). Replace ("-",""));
// Result: 0a40a901_da023ae7aa17771663a41e

It is easy to use UTF-8 encryption:Copy codeThe Code is as follows: md5cryptoserviceprovider MD5 = new md5cryptoserviceprovider ();
Response. Write (bitconverter. tostring (md5.computehash (encoding. getencoding ("UTF-8"). getbytes (""). Replace ("-",""));
// Result: 34d9cbd5164c47058dfa3af832e2d1dc

The problem seems to be a perfect solution. Let's make it better: When the string to be encrypted is transmitted from other pages, the encoding format for other pages may be gb2312 or UTF-8, there may be other encoding formats. How can this problem be solved? You may think it is very easy to use its previous encoding format for encryption? In the actual test, you will find two very serious problems:
1. We do not know the encoding format used when the parameter is passed over;
2. If the two pages use different encoding methods, the parameter values received by the request will be garbled, so do not talk about encryption;

Problem 1 is better solved, requiring the other party to add a parameter description to the encoding format while passing the parameter. Problem 2 is to directly receive the parameter value without using the request, let's talk about the following functions:Copy codeThe Code is as follows:/** // <summary>
/// Perform MD5 encryption on the string
/// </Summary>
/// <Param name = "text"> string to be encrypted </param>
/// <Param name = "charset"> string encoding format </param>
/// <Example> STR = MD5 ("wooden house", "gb2312"); </example>
/// <Returns> </returns>
Public String MD5 (string text, string charset)
{
Return (MD5 (text, charset, false ));
}

/** //


// encrypt the string or parameter value with MD5 encryption
///
/// name of the string or parameter to be encrypted
/// string encoding format
// the encrypted string type is true: parameter Value: false: String
//
Public String MD5 (string text, string charset, bool isarg)
{< br> try
{< br> md5cryptoserviceprovider MD5 = new md5cryptoserviceprovider ();

If (isarg)
{
Namevaluecollection collect = httputility. parsequerystring (request. url. query, encoding. getencoding (charset); // use collect to receive parameter values
If (collect [text]! = NULL)
{
Return bitconverter. tostring (md5.computehash (encoding. getencoding (charset). getbytes (collect [text]. tostring (). Replace ("-","");
}
}
Else
{
Return bitconverter. tostring (md5.computehash (encoding. getencoding (charset). getbytes (text). Replace ("-","");
}
}
Catch {}

Return string. empty;
}

Note 1: namespace to be introduced in the above CodeCopy codeThe Code is as follows: using system. text;
Using system. Web. Security;
Using system. Security. cryptography;
Using system. Collections. Specialized;

How do I convert a 2: 32-bit ciphertext to a 16-bit ciphertext?
the 16-bit ciphertext is a string of 9 to 24 characters including 32-bit ciphertext. For example, "0a40a901_da023ae7aa17771663a41e" → "90da023ae7aa1777"

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.