Tuesday, March 15, 2011

How to Verify a Hash Value in console application.


To verify a hash value:
Get the original data and the secret hash.
Create a byte array to hold the hash to compare against the original hash.
Convert the original data to a byte array or stream.
Create a hash object to generate the comparison hash.
Call the ComputeHash method.

You can compare data to a hash value to determine its integrity. In most situations, you hash the data at a certain time and protect it in some way. Later, you or the party to which you send the data will hash the data again and compare the newly hashed data to the protected hash value. If the hash values match, the data is unaltered. However, if the values do not match, the data is corrupted. For this system to work, you must encrypt the protected hash or keep it secret from all parties whom you do not trust.

Verifying a Hash Value
 The following steps are applicable across all .NET Framework classes that perform hash operations:

1. Obtain the original data and the stored secret hash value of that data.
2. Create a byte array variable to hold the new hash value to compare with the hash value from     Step 1.
3. Convert the original data into a byte array or stream object that the ComputeHash method can process.
4. Create an object instance of the class that you used to generate the original hash value. For example, you can create an MD5 object, a SHA1 object, or one of the objects that implement these algorithms.
5. Call the ComputeHash method by passing the object that you created in Step 3, and
    assign its result to the byte array that you created in Step 2.

Example of verify  Hash value:
using System;
using System.Security.Cryptography;
using System.Text;
class Class1
{
    static void Main()
{
//This hash value is produced from "This is the original message!"
//using SHA1Managed.
byte[ ] SentHashValue = {59,4,248,102,77,97,142,201,210,
12,224,93,25,41,100,197,213,134,130,135};
//This is the string that corresponds to the previous hash value.
string MessageString = "This is the original message!";
byte[ ] CompareHashValue;
//Create a new instance of the UnicodeEncoding class to
//convert the string into an array of Unicode bytes.
UnicodeEncoding UE = new UnicodeEncoding();
//Convert the string into an array of bytes.
byte[ ] MessageBytes = UE.GetBytes(MessageString);
//Create a new instance of the SHA1Managed class to create
//the hash value.
SHA1Managed SHhash = new SHA1Managed();
//Create the hash value from the array of bytes.
CompareHashValue = SHhash.ComputeHash(MessageBytes);
bool Same = true;
//Compare the values of the two byte arrays.
for(int x = 0; x < SentHashValue.Length;x++)
{
if (SentHashValue[x] != CompareHashValue[x])
{
Same = false;
}
}
//Display whether the hash values are the same.
if(Same)
{
Console.WriteLine("The hash codes match.");
}

else
{
Console.WriteLine("The hash codes do not match.");
}
Console.ReadLine();
}
}

Note: examples use the SHA1Managed class to verify a hash value. The code creates a byte array that contains the first hash value and a string that contains the original message. It then creates a second byte array to hold the hash value to compare against the original. The code then uses a UnicodeEncoding object to convert the original message into a byte array, creates a SHA1Managed object, and calls the ComputeHash method to generate a hash value of the original message. It then compares the sent hash value with the newly generated hash value and sends a message to the console based on whether the two hash values match.
Output is display below:


No comments:

Recent Posts