开发者

Iterative / Additive MD5

开发者 https://www.devze.com 2022-12-29 01:43 出处:网络
I need to generate a checksum over a dictionary. Keys and Values. Is there any simple way to accomplish this in an iterative way.

I need to generate a checksum over a dictionary. Keys and Values.

Is there any simple way to accomplish this in an iterative way.

foreach(var item in dic.Keys) checksum += checksum(dic[item]) + checksum(item);

In this case开发者_运维知识库, keys and values could be converted to strings, concatinated and then a single checksum applied over these but is there a better way?

Ideally MD5 but other options could work. Using this to validate data that is passed over a couple of storage methods. The checksum is then encrypted along with some other information (using AES) so I am not horribly worried about an ideal, unbreakable checksum.


Generating a signature is pretty much the same process all over: create a MD5 hash object, then you digest all the bytes of interest, then you extract the hash value. The important thing is that you and the verifier agree on the bytes to hash and on the order they are hashed.

In C# you can achieve this by calling HashAlgorithm.TransformBlock repeatedly, and then finally calling HashAlgorithm.TransformFinalBlock. This is automated by using a CryptoStream with a HashTransform (MD5 implements ICryptoTransform) and then simply writing your dictionary into the crypto stream.

As aside note, countless protocols and crypto schemes that digest a hash and encrypt it were humiliated in the wild. I would suggest taking the beaten path and use well established industry standards::

  • Use a HMAC, see HMACMD5
  • Use an RSA signature (ie. private key encryption of an MD5 hash), and save your self from all key provisioning and master secret exchange problems, see RSACryptoServiceProvider.SignHash


Answered my own question I think....

GetHashCode() on each item. Add them in an unchecked {} environment. Too simple.


You should not be writing any new code relying on MD5. It's deprecated, and for some extremely solid reasons. You should look at SHA-256, or at the very least SHA-1, instead

And you should take Remus' advice. Cryptography + hashes = digital signatures. Pull something down off a shelf (just not XML-Security, please!), learn it, use it, and get on to other interesting parts of your project.

0

精彩评论

暂无评论...
验证码 换一张
取 消