Hi All,
Recently, I'm deleveoping the extend application (.net 2.0) to generate the password, encrpyte the password using MD5 and insert it into Database for Client Login in Website(.net 1.1 Platform)
After developed the extend program, some of my user reported that some of the password cannot be using in website.
When I checked the coding for encryption, there's some problem that I found.
Here's my part of the encryption method.
Collapse
public string encryptStr(stri ng strPassword)
{
MD5 md5 = new MD5CryptoServic eProvider();
byte[] pwd = Encoding.Unicod e.GetBytes(strP assword);
string ePwd = Encoding.Unicod e.GetString(md5 .ComputeHash(pw d));
return ePwd;
}
If you just run it in Debug Mode, input to Password " you may not find any differ for the String Value "ePwd" in Platform .net 1.1 and 2.0
Using "ePwd" Convert to Byte[] again, you finds that the "pwd" is not same as the Convert Byte Value.
Here's the projects for VS 2003 and VS 2008.
Recently, I'm deleveoping the extend application (.net 2.0) to generate the password, encrpyte the password using MD5 and insert it into Database for Client Login in Website(.net 1.1 Platform)
After developed the extend program, some of my user reported that some of the password cannot be using in website.
When I checked the coding for encryption, there's some problem that I found.
Here's my part of the encryption method.
Collapse
public string encryptStr(stri ng strPassword)
{
MD5 md5 = new MD5CryptoServic eProvider();
byte[] pwd = Encoding.Unicod e.GetBytes(strP assword);
string ePwd = Encoding.Unicod e.GetString(md5 .ComputeHash(pw d));
return ePwd;
}
If you just run it in Debug Mode, input to Password " you may not find any differ for the String Value "ePwd" in Platform .net 1.1 and 2.0
Using "ePwd" Convert to Byte[] again, you finds that the "pwd" is not same as the Convert Byte Value.
Here's the projects for VS 2003 and VS 2008.