Geeks With Blogs
The Reluctant Blogger Blogging not because I have to, but because I want to

In the project that I’m working on (let’s call it BrainCredits v2.0), I wanted to integrate a user’s Gravatar into the system (like how StackOverflow does it).

To Gravatar’s credit, they make it very easy to incorporate a user’s image – just hash the user’s email address (which I have) to the end of their URL and you’ll get the image back.  The email address just has to be hashed using the MD5 algorithm, and they provide examples of how to do that in PHP.  Oh, it looks so easy:

echo md5( "MyEmailAddress@example.com " );

It’s a one-liner in PHP – just call md5() passing in the string you want to hash and you’ll get your hash back.  There must be a similar method in C#, right?  As far as I can tell, there isn’t.  You have to:

  1. instantiate the MD5CryptoServiceProvider,
  2. convert your string to a byte array,
  3. run that byte array through the crypto provider to compute the hash (and get a byte array back)
  4. and instead of just converting that byte array back to a string, you need to run through each byte and convert it via this:
myByte.ToString("x2").ToLower()

Now you have your string.  Lots of work, especially compared to PHP.  Perhaps this is why so many developers go towards PHP?  Anyway, I need to generate this hash, and decided to create an Extension Method for it.  My full code looks like this:

using System.Text;

namespace System
{
    public static class StringExtensions
    {
        public static String MD5(this String stringToHash)
        {
            var md5 = new System.Security.Cryptography.MD5CryptoServiceProvider();
            byte[] emailBytes = System.Text.Encoding.UTF8.GetBytes(stringToHash.ToLower());
            byte[] hashedEmailBytes = md5.ComputeHash(emailBytes);
            System.Text.StringBuilder sb = new StringBuilder();
            foreach (var b in hashedEmailBytes)
            {
                sb.Append(b.ToString("x2").ToLower());
            }
            return sb.ToString();
        }
    }
}

 

You would call it like this:

String emailToHash = "dhoerster@gmail.com";
String hashedEmail = emailToHash.MD5();

 

Oh, that’s easy!  And it makes sense.

Well, I hope this helps someone, and maybe there will be some suggestions on how to improve this.  Good luck!

Posted on Monday, August 1, 2011 7:53 AM BrainCredits , C# | Back to top


Comments on this post: Creating a PHP MD5() Extension Method for C#

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
@thomosbin - thanks!
Left by David Hoerster on Aug 02, 2011 8:57 AM

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
hello admin,

You can do it the same as the code below:

FormsAuthentication.HashPasswordForStoringInConfigFile(password, "MD5");

Regards,
Nguyen
Left by quachnguyen on Aug 04, 2011 5:01 AM

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
Since MD5CryptoServiceProvider implements IDisposable, it's a good idea to write:
using (var md5 = new MD5CryptoServiceProvider())

Also, since this is a general purpose MD5 method, it's not a good idea to lower the string before hashing it. Might be the right way to do it for Gravatar, but for hashing passwords, it lowers security.
A method like GenerateGravatarUrl could do that lowercasing instead.
Left by Erik Juhlin on Aug 08, 2011 9:08 AM

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
@Nguyen - I may not have access to FormsAuth, so I needed something more low-leveled. But that's good to know - thanks.
Left by David Hoerster on Aug 10, 2011 1:08 PM

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
@Erik - thanks for the feedback. Yes, I'll updated my code to use the using block. I'll also take the lowering of the string into my security consideration. Thanks again!
Left by David Hoerster on Aug 10, 2011 1:10 PM

# re: Creating a PHP MD5() Extension Method for C#
Requesting Gravatar...
Thanks very much for this Post!!!!
Left by Farhan khan on Jul 26, 2013 2:27 AM

Your comment:
 (will show your gravatar)


Copyright © David Hoerster | Powered by: GeeksWithBlogs.net