.net – MD5CryptoServiceProvider ComputeHash Issues between VS 2003 and VS 2008


I have a database application that generates a MD5 hash and compares the hash value to a value in our DB (SQL 2K). The original application was written in Visual Studio 2003 and a deployed version has been working for years.

Recently, some new machines on the .NET framework 3.5 have been having unrelated issues with our runtime. This has forced us to port our code path from Visual Studio 2003 to Visual Studio 2008.

Since that time the hash produced by the code is different than the values in the database.

The original call to the function posted in code is:


I am looking for expert guidance as to whether or not the MD5 methods have changed since VS 2K3 (causing this point of failure), or where other possible problems may be originating from.

I realize this may not be the best method to hash, but utimately any changes to the MD5 code would force us to change some 300 values in our DB table and would cost us a lot of time. In addition, I am trying to avoid having to redeploy all of the functioning versions of this application.

I am more than happy to post other code including the RemoveInvalidPasswordCharactersFromHashedPassword function, or our Text_Scrub if it is necessary to recieve appropriate feedback.

Thank you in advance for your input.

Public Function GenerateMD5Hash(ByVal strInput As String) As String

    Dim md5Provider As MD5

    ' generate bytes for the input string
    Dim inputData() As Byte = ASCIIEncoding.ASCII.GetBytes(strInput)

    ' compute MD5 hash
    md5Provider = New MD5CryptoServiceProvider
    Dim hashResult() As Byte = md5Provider.ComputeHash(inputData)

    Return ASCIIEncoding.ASCII.GetString(hashResult)

End Function

Best Solution

You are basically asking if the MD5 implementation in .Net 1.1 was broken.

I do not think so. I think the problem lies elsewhere.