Sign In
Create Account
Follow Us on Twitter
Subscribe on Youtube
3
You may have noticed that many sites provide MD5 or SHA hashes of their downloads. These hashes serve as a sort of fingerprint for that file; and a smart developer will check these signatures before using downloaded source or whatever else. Because if the signature of the file downloaded, does not match the signature provided, then you know the file has been tampered with, and cannot be trusted.
Anyways, I'm not an expert on the topic, and I urge you to ask any questions, I may rely on the community or Google to try and provide accurate answers, especially if those questions start with how does the MD5 algorithm work? :c-smile:
To start with, I'm going to ask that you make certain that you are using the following namespaces:
using System.Text; using System.IO; using System.Security.Cryptography;
The Text namespace gives us access to StringBuilder, which we will use to generate the hash signature.
Now to generate a hash, with a crypto provider, you're basically doing this.
hash = provider.ComputeHash(data)
Understood? Great! So, how do you get the data in from the file, and how do you make it human readable?
You start by creating your crypto provider
MD5 crypto_provider = MD5.Create();
Then, you need to provide a way to feed the file into the provider. The easiest and most efficient way I could figure to do this, is with a stream. While some people will read the entire file into memory before computing the hash, it's not feasible or really scalable, especially with large files like DVD images.
using (Stream input_stream = File.OpenRead(@"/path/to/file")) {
crypto_provider.ComputeHash(input_stream);
}
we're almost there, yes, this would compute the hash, but no, it's not human readable. In order to do that, we need to encode the data into a string. And this is pretty easy to do.
StringBuilder sb = new StringBuilder();
using (Stream input_stream = File.OpenRead(@"/path/to/file")) {
foreach (byte b in crypto_provider.ComputeHash(input_stream))
sb.Append(b.ToString("X2").ToLower());
}
string signature = sb.ToString();
let's tie this all together.
example from a console application.
MD5 crypto_provider = MD5.Create ();
string path = @"/home/mike"; //or something like @"C:\"
StringBuilder sb;
Console.WriteLine ("Printing Signatures For: {0}", path);
foreach (string file_path in Directory.GetFiles (path, "*", SearchOption.TopDirectoryOnly)) {
using (Stream input_stream = File.OpenRead (file_path)) {
sb = new StringBuilder ();
foreach (byte b in crypto_provider.ComputeHash (input_stream)) {
sb.Append (b.ToString ("X2").ToLower ());
}
Console.WriteLine ("\t{0} - {1}", file_path, sb);
}
}
Console.WriteLine ("Press <Enter> to terminate...");
Console.ReadLine ();
As always, hope you enjoyed it. You should also know that you can do lots of other interesting things with this. This is the type of thing that is done with the "storing secrets" article I posted the other day, however I used a much stronger algorithm for that.
You can also get creative with what you're checking, see Stream is a pretty abstract class. You could connect that to a Memory Stream, a Network Stream, it shouldn't really matter.
Anyways, have fun, let me know what you think, and anything you come up with.
Edited by sam_coder, 13 December 2010 - 02:13 PM.
still having issues with your / you're =)
Back to top
