WE Have A Database of Hashed Passwords, Created Via A C # Windows App And Queried Using PHP. I Wrote The Following Code:
Private void btnhashit_click (Object Sender, System.Eventargs E)
{
Byte [] plaintext = system.text.encoding.Unicode.getbytes (this.textBox1.text);
MD5CryptoserviceProvider Hasher = New MD5CryptoServiceProvider ();
Byte [] hash = Hasher.computehash (plaintext);
String strhex = "";
Foreach (Byte B in Hash)
{
Strhex = String.Format ("{0: x2}", b);
}
this.TextBox2.text = strhex;
}
The password that's generated from this app is then placed in the database. On the front end a PHP script captures the password, hashes it, then compares it to the value in the database. The trouble is they're not the same. :( After a bit of thinking and a bit of testing I realised it was because I was hashing the unicode version of the password and PHP was hashing the ASCII version. I changed the line byte [] plainText = System.Text.Encoding.Unicode.GetBytes (THIS.TEXTBOX1.TEXT); to byte [] plaintext = system.text.Encoding.ascii.getBytes (this.textbox1.text); and it works.
