I was working on some password hashing stuff and ran into a gotcha I thought I’d pass along.

When you have code like the following:

Byte[] data = Encoding.ASCII.GetBytes(pass);
SHA1Managed sham = new SHA1Managed();
Byte[] hash = sham.ComputeHash(data);
string result = "";
foreach (Byte b in hash)
{
result += b.ToString("X"); // convert byte to hex
}
return result;

You’ll get some odd errors. The reason is that statement with the ToString(”X”) call in it. I found out the hard way that this only returns a single character when the value should have a leading zero in it: “D” instead of “0D”.

Use ToString(”X2″) to get the properly-formatted value.

(h/t Anthony Ogden for the sample source code)

Blogged with Flock

Tags: Hex, SHA1, ToString, C#