sha1 will make you feel more secure(c#)

I will share you my c# dll that will get string to sha1

1. download the DLL file View attachment $sha1.zip
this is dll code

Code (csharp):

1.  
2. using System;
3. using System.Collections.Generic;
4. using System.Linq;
5. using System.Text;
6. using System.Security.Cryptography;
7.  
8. namespace sha1
9. {
10.     public class toSha1
11.     {
12.  
13.         public string Sha1Sum(string strToEncrypt)
14.         {
15.             UTF8Encoding ue = new UTF8Encoding();
16.             byte[] bytes = ue.GetBytes(strToEncrypt);
17.  
18.             // encrypt bytes
19.             SHA1 sha = new SHA1CryptoServiceProvider();
20.             byte[] hashBytes = sha.ComputeHash(bytes);
21.  
22.             // Convert the encrypted bytes back to a string (base 16)
23.             string hashString = "";
24.  
25.             for (int i = 0; i < hashBytes.Length; i++)
26.             {
27.                 hashString += Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
28.             }
29.  
30.             return hashString.PadLeft(32, '0');
31.         }
32.     }
33. }
34.  
35.  

2. Make it work like this....

put it to your project just drag and drop like an object to project tab in unity.

to use make new c# script file and inside it call the sha1.

Code (csharp):

1. using sha1;

after call new class toSha1 to use it.
for example

Code (csharp):

1. toSha1 sha = new toSha1();

and use function Sha1Sum().
for example

Code (csharp):

1. shaString = sha.Sha1Sum("admin");

class is " toSha1 "

function is " Sha1Sum() " using "Sha1Sum([String to Encode])";

this is my final code

Code (csharp):

1.  
2. using UnityEngine;
3. using System.Collections;
4. using sha1;
5. public class sha1string : MonoBehaviour {
6.    
7.     toSha1 sha = new toSha1();
8.     public string shaString;
9.     // Use this for initialization
10.     void Start () {
11.      shaString = sha.Sha1Sum("admin");
12.         print(shaString);
13.     }
14.    
15.     // Update is called once per frame
16.     void Update () {
17.    
18.     }
19. }
20.  
21.  

 

I voted no since Sha1 hashes can easily be decrypted, theres loads of online decrypters for it.

 

Hmmm...

Trust a completely random guy who wants us to:

A) Download a .zip.

B) Use his closed .dll.

Or simply create your own implementation using well established .net libraries:

http://pastebin.com/C02AqsYT

Edit:

SHA1 not secure enough?

http://msdn.microsoft.com/en-us/library/system.security.cryptography.aspx

 

Let me show all code of dll if you not trust me.

Code (csharp):

1. using System;
2. using System.Collections.Generic;
3. using System.Linq;
4. using System.Text;
5. using System.Security.Cryptography;
6.  
7. namespace sha1
8. {
9.     public class toSha1
10.     {
11.  
12.         public string Sha1Sum(string strToEncrypt)
13.         {
14.             UTF8Encoding ue = new UTF8Encoding();
15.             byte[] bytes = ue.GetBytes(strToEncrypt);
16.  
17.             // encrypt bytes
18.             SHA1 sha = new SHA1CryptoServiceProvider();
19.             byte[] hashBytes = sha.ComputeHash(bytes);
20.  
21.             // Convert the encrypted bytes back to a string (base 16)
22.             string hashString = "";
23.  
24.             for (int i = 0; i < hashBytes.Length; i++)
25.             {
26.                 hashString += Convert.ToString(hashBytes[i], 16).PadLeft(2, '0');
27.             }
28.  
29.             return hashString.PadLeft(32, '0');
30.         }
31.     }
32. }
33.  

 

if you use your secure key with your string you will never get the result of sha1 encrypted string

for example

i know that sha1("admin") = d033e22ae348aeb5660fc2140aec35850c4da997;

but who can guess that i randoom my key and concatenate it with admin string for example

randoom key 8651161651

sha1("8651161651admin") = 0996b398d36ae56b7d1faf8b337bd335fe9ca71f;

any questions?

 

NPSF3000 you realy dont like my post`s mate

 

I only realized it was you after the fact

But, especially for things that are security related you broke so many basic rules. While I didn't actually think it was a scam, if you start getting people to think that's a secure way of doing things they'll be like lambs to the slaughter when a really baddy comes.

On the other hand, the releasing of your source code, absolutely perfect It allows peer review, learning, and is easier to use!

+1

Edit:

For something like this, I'd make it static - that way you don't need to instantiate it.

 

Online decryptors of sha1 actually not decrypting, it searchs the same sha1 string that in database and show to you the string that earlier was defined by some persone.

 

Yeah its true .

 

For the people who found this unclear. Here is some more information on it:
http://en.wikipedia.org/wiki/Salt_(cryptography)

 

What? Where did you find that? SHA1 has not been openly broken....Sure there are Rainbow tables for simple things but SHA1 is still secure. Using a salt can better secure your data.

 

That is called a Rainbow Table.

 

Just a public service announcement.

MD5 is completely broken. SHA-1 isn't completely broken, but finding collisions has been getting easier over the past decade. If MD5 taught us anything, we should expect SHA-1 to be cracked within a decade or so.

Certificate authorities, the guys who say your bank is really your bank, are currently moving away from SHA-1 and moving towards SHA-2. Microsoft, and thus Windows, will stop accepting certificates signed with SHA-1 in 2017. Secure government agencies are already required to use SHA-2.

If someone's picking up the Cryptography namespace, might as well learn the latest and greatest!