今天在开发一个软件时,同时在B/S版和C/S版中都要用到MD5加密,在
ASP.NET中使用的是
/**//// <summary>
/// 取得MD5加密串
/// </summary>
/// <param name="input">源明文字符串</param>
/// <returns>密文字符串</returns>
public static string GetMD5Hash(string input)
...{
return System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile(strOriginal, "MD5");
}
的加密方式;
而在WinForm中用的是
/**//// <summary>
/// 取得MD5加密串
/// </summary>
/// <param name="input">源明文字符串</param>
/// <returns>密文字符串</returns>
public static string GetMD5Hash(string input)
...{
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] bs = System.Text.Encoding.Default.GetBytes(input);
bs = md5.ComputeHash(bs);
System.Text.StringBuilder s = new System.Text.StringBuilder();
foreach (byte b in bs)
...{
s.Append(b.ToString("x2").ToUpper());
}
string password = s.ToString();
return password;
}
但发现同样一个字符串,两种方式得出的密文是不一样的,最后才发现原来是编码方式导致的,ASP.NET里默认的是UTF-8编码,把WinForm程序里的System.Text.Encoding.Default.GetBytes(input);替换成System.Text.Encoding.UTF8.GetBytes(input);即可
最终正确版:
/**//// <summary>
/// 取得MD5加密串
/// </summary>
/// <param name="input">源明文字符串</param>
/// <returns>密文字符串</returns>
public static string GetMD5Hash(string input)
...{
System.Security.Cryptography.MD5CryptoServiceProvider md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
byte[] bs = System.Text.Encoding.UTF8.GetBytes(input);
bs = md5.ComputeHash(bs);
System.Text.StringBuilder s = new System.Text.StringBuilder();
foreach (byte b in bs)
...{
s.Append(b.ToString("x2").ToUpper());
}
string password = s.ToString();
return password;
}