I am trying to generate a Unix-Style password hash using MD5. I undestand that I need it to look like $1$<salt>$<hash>
, but the <hash>
part does not look the same, no matter what I do. Here is how I generate the hash:
MD5 md5 = System.Security.Cryptography.MD5.Create();
byte[] inputBytes = System.Text.Encoding.UTF8.GetBytes(pass);
byte[] hash = md5.ComputeHash(inputBytes);
StringBuilder sb = new StringBuilder();
for (int i = 0; i < hash.Length; i++)
{
sb.Append((char) hash[i]);
}
String calchash = sb.ToString();
I am pretty sure that it is now I am using the StringBuilder
to make a string from the hashed bytes. But I don't know what the right settings would be.
Unix md5 crypt doesn't use plain md5. That would be insecure, because plain md5 is fast, and password hashes should be slow.
I found a relevant code-project article: http://www.codeproject.com/KB/recipes/Unix_md5crypt.aspx
It's about formatting. The Unix password hash is in hex format, while you're writing it down in binary. Replace the loop body with:
sb.Append(hash[i].ToString("x").PadLeft(2,'0'));
I think you should use hash[i].ToString("X") instead of just converting to char. Because hash bytes may be in any range from 0 to 255, which is not like md5 hash is looking.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.