SHA1CryptoServiceProvider changed in .NET 4

Posted by WebDude on Stack Overflow See other posts from Stack Overflow or by WebDude
Published on 2010-05-31T20:40:39Z Indexed on 2010/05/31 20:43 UTC
Read the original article Hit count: 235

Filed under:

cryptography

|

.net-4.0

|

sha1

I am currently trying to upgrade a project of mine from .NET 3.5 to .NET 4.0

Everything was going really well, all code compiled, all tests passed.
Then I hit a problem deploying to my stagomg environment.
Suddenly my logins were no longer working.

It seems my SHA1 hashed passwords are being hashed differently in .NET 4.

I am using the SHA1CryptoServiceProvider:

SHA1CryptoServiceProvidercryptoTransformSHA1 = new SHA1CryptoServiceProvider();

To test I created a new Visual Studio project with 2 console applications.
The first targeted at .NET Framework 3.5 and the second at 4.0.
I ran exactly the same hashing code in both and different results were produced.

Why is this happening and how can I fix this?
I obviously cannot go update all of my users passwords considering I do not know what they are.

Any help would be greatly appreciated.

© Stack Overflow or respective owner

Related posts about cryptography

Visual Basic Cryptography Question

as seen on Stack Overflow - Search for 'Stack Overflow'
I am trying to mimic the results of some C code that uses the OpenSSL library using the system.security.crytography library in the .net 3.5 world, and I can't seem to get it right. I need some help... part of the issue is my understanding of crytography in general. Here's what is supposed to happen: I… >>> More
External iPhone Cryptography Libs

as seen on Stack Overflow - Search for 'Stack Overflow'
Are there any legal problems using external crypto libs in my iPhone application? I know that Apple has to comply to US cryptography export rules but do I as a developer have any responsibility? How does it work? >>> More
MD5 implementation notes

as seen on Programmers - Search for 'Programmers'
While going through RFC1321, I came across the following paragraph: This step uses a 64-element table T[1 ... 64] constructed from the sine function. Let T[i] denote the i-th element of the table, which is equal to the integer part of 4294967296 times abs(sin(i)), where i is in radians… >>> More
What should web programmers know about cryptography?

as seen on Programmers - Search for 'Programmers'
Should programmers who build websites/web applications understand cryptography? I have no idea how most crypographic algorithms work, and I really don't understand the differences between md5/des/aes/etc. Have any of you found any need for an in-depth understanding of cryptography? I haven't needed… >>> More
Java Cryptography Extension

as seen on Programmers - Search for 'Programmers'
I was told that in order to support AES256 encryption inside my Java app that I would need the JCE with Unlimited Strength Jurisdiction Policy Files. I downloaded this from Oracle and unzipped it and I'm only seeing 2 JARs: local_policy.jar; and US_export_polic.jar I just want to confirm I'm… >>> More

Related posts about .net-4.0

Apt-Get Update: failure to fetch; can't connect to any sources

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I realize there are dozens of "apt-get update: failure to fetch" questions (I read through all I could find), but my present circumstance is unique to 12.04 and it affects all sources; not just launchpad. Additionally, I've tried several different servers in Europe and the U.S. as well as the "main… >>> More
12.04: Apt-Get Update: failure to fetch; can't connect to any sources

as seen on Ask Ubuntu - Search for 'Ask Ubuntu'
I realize there are dozens of "apt-get update: failure to fetch" questions (I read through all I could find), but my present circumstance is unique to 12.04 and it affects all sources; not just launchpad. Additionally, I've tried several different servers in Europe and the U.S. as well as the "main… >>> More
What's New in ASP.NET 4

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
The .NET Framework version 4 includes enhancements for ASP.NET 4 in targeted areas. Visual Studio 2010 and Microsoft Visual Web Developer Express also include enhancements and new features for improved Web development. This document provides an overview of many of the new features that are included… >>> More
.NET Reflector 6, .NET Reflector Pro, TestDriven.NET, .NET 4.0 and Mono

as seen on Simple Talk - Search for 'Simple Talk'
By now you may well have noticed that .NET Reflector 6 and .NET Reflector Pro are out in the wild. The official launch happened today, although we actually put the software out last Thursday as part of a phased release plan to ensure that everything went smoothly today which, so far, it seems to have… >>> More
Redmine on Apache2 with Passenger issue

as seen on Server Fault - Search for 'Server Fault'
I installed Redmine and run it in Apache2 with the Passenger module. Apache2 boots, Passenger module gets loaded and the Redmine welcome page is shown, however when trying to login or navigate to other parts of the Redmine site, the browser keeps loading and loading and loading forever, although the… >>> More