Solve ASP.net MD5 encrypted Chinese results and ASP inconsistent problems

Solve ASP.net MD5 encrypted Chinese results and ASP inconsistent problems _ practical skills

Last Update:2017-01-19 Source: Internet

Author: User

Tags md5 md5 encryption

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

When the string to be MD5 encrypted does not contain Chinese, then the ASP.net encryption result is consistent with the ASP:

Copy Code code as follows:

Response.Write (FormsAuthentication.HashPasswordForStoringInConfigFile ("www.mzwu.com", "MD5"));
Result: D66e1f138689b9b5aa4c520d9eaffb61

Copy Code code as follows:

Response.Write (MD5 ("www.mzwu.com", 32))
' Result: d66e1f138689b9b5aa4c520d9eaffb61

When the string to be MD5 encrypted contains Chinese, the encryption result of the two is inconsistent:

Copy Code code as follows:

Response.Write (FormsAuthentication.HashPasswordForStoringInConfigFile ("Wooden House", "MD5"));
Result: 34D9CBD5164C47058DFA3AF832E2D1DC

Copy Code code as follows:

Response.Write (MD5 ("Wooden House", 32))
' Result: 0a40a90190da023ae7aa17771663a41e

We know that ASP. NET defaults to use the Utf-8 encoding format, and the ASP is using the GB2312 encoding format, it is because of the different encoding format, which led to the difference between the two Chinese encryption results. Let's see how we can get ASP.net's coding results as well as the ASP, which means that the asp.net should be gb2312 encoded, which formsauthentication.hashpasswordforstoringinconfigfile () method is not available, we have to use the ComputeHash method of the System.Security.Cryptography.MD5CryptoServiceProvider object to encrypt:

Copy Code code as follows:

MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider ();
Response.Write (Bitconverter.tostring (Md5.computehash) (Encoding.GetEncoding ("gb2312"). GetBytes ("Wooden House")). Replace ("-", ""));
Result: 0a40a90190da023ae7aa17771663a41e

It is also very easy to use UTF-8 encryption:

Copy Code code as follows:

MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider ();
Response.Write (Bitconverter.tostring (Md5.computehash) (Encoding.GetEncoding ("Utf-8"). GetBytes ("Wooden House")). Replace ("-", ""));
Result: 34D9CBD5164C47058DFA3AF832E2D1DC

The problem seems to be a more perfect solution, let's refine it: when the strings to be encrypted are passed in from other pages, the encoding format used by other pages may be gb2312, possibly utf-8, and possibly other coding formats, how to solve them? You might think it's easy to use its previous encoding format for encryption. In the actual test you will find two very serious problems:
1. We do not know what encoding format is used when the parameter is transmitted;
2. If two pages use different encoding methods, then request received the parameter value will be garbled, then do not talk about encryption;

Problem 1 is better than a good solution, require the other side to pass the parameters must be added to the code format, the problem 2 solution is not to use request directly receive parameter values, nonsense not to say, look at the following function:

Copy Code code as follows:

/**////<summary>
MD5 encryption on a string
</summary>
<param name= "Text" > string to encrypt </param>
<param name= "CharSet" > string encoding Format </param>
<example>str = MD5 ("Wooden House", "gb2312");</example>
<returns></returns>
public string MD5 (string text, String charset)
{
Return (MD5 (text, CharSet, false));
}

/**////<summary>
MD5 encryption of a string or parameter value
</summary>
<param name= "Text" > string or parameter name to encrypt </param>
<param name= "CharSet" > string encoding Format </param>
<param name= "Isarg" > Cryptographic String Type true: Parameter value false: String </param>
<returns></returns>
public string MD5 (string text, String charset, bool Isarg)
{
Try
{
MD5CryptoServiceProvider MD5 = new MD5CryptoServiceProvider ();

if (Isarg)
{
NameValueCollection Collect = httputility.parsequerystring (Request.Url.Query, Encoding.GetEncoding (CharSet)); Using collect to receive parameter values
if (Collect[text]!= null)
{
Return bitconverter.tostring (Md5.computehash encoding.getencoding (CharSet). GetBytes (Collect[text]. ToString ())). Replace ("-", "");
}
}
Else
{
Return bitconverter.tostring (Md5.computehash encoding.getencoding (CharSet). GetBytes (text)). Replace ("-", "");
}
}
Catch {}

return string. Empty;
}

Description 1: The namespace that the top code needs to introduce

Copy Code code as follows:

Using System.Text;
Using System.Web.Security;
Using System.Security.Cryptography;
Using System.Collections.Specialized;

Illustration 2: How to convert 32-bit ciphertext into 16-bit?
16-bit redaction is a 32-bit cipher with 9 to 24 characters. such as: "0a40a90190da023ae7aa17771663a41e" → "90da023ae7aa1777"

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More