Hash a string (MD5) in TCL on IOS

Similar Messages

• Small unique hash for Strings???

  I have a list of Strings that can have maximum length 25.
  I want to map each String to another unique String that is 25 character long.
  One way i try was to use md5 (Java Security API) but the md5 hash(in hex) generated for
  each String was around 40 character long! but i only have 25 character length
  (yes i can not increase it due to some reason).
  Is there any way to map a String on another hash or String that is unique?
  regards,
  TH

  well, the md5 hash is 16 bytes. You can encode this as 32 characters using ASCII hex encoding. You can then keep the first 25 bytes and throw the rest away. That is one solution.
  A better solution is to base64 encode the md5 hash. The base64 encoding of 16 bytes takes only 22 characters, so this is better.
  When using md5, or any other cryptographic hash function, there is very small probability of having two strings hash to the same value at random. Using the methods outlined above, this probability is neglible. However, there are recent cryptanalytic results on md5 and even sha1 that show that, in certain scenarios, it may be much easier to choose a string that hashes to the same value as another string.
  Perhaps the best option is to investigate algorithms for constructing what are called perfect hash functions. Just google "perfect hash function".

• Hashing a string

  Using Oracle 10g R2.
  I want to hash a string using SHA-1 and the documentation that comes with 10g R2 talks about using the DBMS_CRYPTO package. It apparently has a nice little Hash function where you pass it your string and the type of crypto you want to use.
  Unfortunately there isn't a DBMS_CRYPTO package.
  There is however a DBMS_CRYPTO_TOOLKIT package which also has a Hash function in it, but this seems to take a few more parameters including "Persona"'s etc. and there's no documentation on this package included in the Oracle documentation.
  All I want to do is generate a SHA-1 hash value for a string.
  Can anyone give me any pointers please.
  Cheers

  Through both TOAD and SQL*Plus (logged on as sys user) it doesn't exist...
  (output from SQL Plus session)
  SQL> exec dbms_crypto.hash('a');
  BEGIN dbms_crypto.hash('a'); END;
  ERROR at line 1:
  ORA-06550: line 1, column 7:
  PLS-00201: identifier 'DBMS_CRYPTO' must be declared
  ORA-06550: line 1, column 7:
  PL/SQL: Statement ignored
  SQL> exec dbms_crypto_toolkit.hash('a');
  BEGIN dbms_crypto_toolkit.hash('a'); END;
  ERROR at line 1:
  ORA-06550: line 1, column 7:
  PLS-00306: wrong number or types of arguments in call to 'HASH'
  ORA-06550: line 1, column 7:
  PL/SQL: Statement ignoredThe dbms_crypto_toolkit exists, but not the dbms_crypto package.

• How can I hash with the MD5 for file

  I am a new learner in Java.
  Is there any useful code example or materials for me to learn how can i hash with MD5 for file.

  import java.security.*;
  import sun.security.provider.Sun;
  import java.io.*;
  import sun.misc.*;
  public class DigestOfFile
      public DigestOfFile(String mode) throws Exception
          assert(mode != null);
          digestAgent = MessageDigest.getInstance(mode, "SUN");
      synchronized public byte[] digestAsByteArray(File file) throws Exception
          assert(file != null);
          digestAgent.reset();
          InputStream is = new BufferedInputStream(new FileInputStream(file));
          for (int bytesRead = 0; (bytesRead = is.read(buffer)) >= 0;)
              digestAgent.update(buffer, 0, bytesRead);
          is.close();
          byte[] digest = digestAgent.digest();
          return digest;
      synchronized public String digestAsBase64(File file) throws Exception
          byte[] digest = digestAsByteArray(file);
          String digestAsBase64 = base64Encoder.encode(digest);
          return digestAsBase64;
      synchronized public String digestAsHex(File file) throws Exception
          byte[] digest = digestAsByteArray(file);
          String digestAsHex = encodeBytesAsHex(digest);
          return digestAsHex;
      private static String encodeBytesAsHex(byte[] bites)
          char[] hexChars = new char[bites.length*2];
          for (int charIndex = 0, startIndex = 0; charIndex < hexChars.length;)
              int bite = bites[startIndex++] & 0xff;
              hexChars[charIndex++] = HEX_CHARS[bite >> 4];
              hexChars[charIndex++] = HEX_CHARS[bite & 0xf];
          return new String(hexChars);
      private static final char[] HEX_CHARS =
      {'0','1','2','3','4','5','6','7','8','9','a','b','c','d','e','f'};
      private MessageDigest digestAgent;
      private BASE64Encoder base64Encoder = new BASE64Encoder();
      private byte[] buffer = new byte[4096];
      public static void main(String[] args)
          try
              java.security.Security.addProvider(new Sun());
              DigestOfFile shaDigestAgent = new DigestOfFile("SHA");
              DigestOfFile md5DigestAgent = new DigestOfFile("MD5");
              for (int argIndex = 0; argIndex < args.length; argIndex++)
                      String base64Digest = shaDigestAgent.digestAsBase64(new File(args[argIndex]));
                      System.out.println("Base64 SHA of " + args[argIndex] + " = [" + base64Digest + "]");
                      String hexDigest = shaDigestAgent.digestAsHex(new File(args[argIndex]));
                      System.out.println("Hex    SHA of " + args[argIndex] + " = [" + hexDigest + "]");
                      String base64Digest = md5DigestAgent.digestAsBase64(new File(args[argIndex]));
                      System.out.println("Base64 MD5 of " + args[argIndex] + " = [" + base64Digest + "]");
                      String hexDigest = md5DigestAgent.digestAsHex(new File(args[argIndex]));
                      System.out.println("Hex    MD5 of " + args[argIndex] + " = [" + hexDigest + "]");
          catch (Exception e)
              e.printStackTrace(System.out);
  }

• MD5 Encryption in cisco IOS

  Hello,
  the encrypted password (MD5) in my Cisco devices is in 30 characters instead of 32.
  could someone let me why is not in 32 characters ? can I see the saved password in 32 characters ?
  Many thanks for your help.
  Regards,

  Check the links below...
  http://www.oracle-base.com/articles/9i/StoringPasswordsInTheDatabase9i.php
  http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/d_obtool.htm
  -Ammad

• SOA 10g - Convert string to MD5 hash

  Hi Guys,
  Is there a way apart from using Java to convert a string to MD5 hash in soa bpel process ?
  Thanks
  K

  Sorted it out, used java embedding and it worked, example below of java embedding
  String md5=getVariableData("md5Var").toString(); //this is the variable that needs to be md5 hashed
  try{              
  MessageDigest md = MessageDigest.getInstance("MD5");
  byte[] myByteArray1 = md5.getBytes("UTF-8");
  byte[] myByteArray2 = md.digest(myByteArray1);
  BigInteger bigInt = new BigInteger( 1, myByteArray2);
  String javahashedstring = bigInt.toString(16);
  setVariableData("md5Var", javahashedstring, false); //return md5 hashed variable
  }catch (Exception ex){     
  ex.printStackTrace();
  }

• JPasswordField and MD5 hashes

  I have two methods to make an MD5 String from an entered password in a JPasswordField. Which one is better for security? Can anyone recommend any changes?
  * Create MD5 of password field
  * @param JPasswordField - location of the password
  * @return String - an MD5 hash of the field text
  private String getMD5(javax.swing.JPasswordField field) {
      java.security.MessageDigest md;
      String passwdString = "";
      char[] passwdChars = field.getPassword();
      int i;
      field.setText("");
      // char[] to string and blank out chars
      for (i = 0; i < passwdChars.length; i++) {
          passwdString += passwdChars;
  passwdChars[i] = 0; // blank after for security
  try {
  md = java.security.MessageDigest.getInstance("MD5");
  } catch (java.security.NoSuchAlgorithmException e) {
  return null;
  byte[] passwdMD5 = md.digest(passwdString.getBytes());
  passwdString = "xxxxxxxxxxxxxxxxxxxxxxxxx"; // security
  return dumpBytes(passwdMD5);
  * Create MD5 of password field
  * @param JPasswordField - location of the password
  * @return String - an MD5 hash of the field text
  private String getMD5a(javax.swing.JPasswordField field) {
  java.security.MessageDigest md;
  String MD5;
  try {
  md = java.security.MessageDigest.getInstance("MD5");
  } catch (java.security.NoSuchAlgorithmException e) {
  return null;
  MD5 = dumpBytes(md.digest(new String(field.getPassword()).getBytes()));
  field.setText("");
  return MD5;
  * Byte[] to String conversion
  * @param byte[]
  * @return String
  private static String dumpBytes(byte[] bytes) {
  int i;
  StringBuffer sb = new StringBuffer();
  for (i=0; i<bytes.length; i++) {
  if (i%32 == 0 && i!=0) {
  sb.append("\n");
  String s = Integer.toHexString(bytes[i]);
  if (s.length() < 2) {
  s = "0"+s;
  if (s.length() > 2) {
  s = s.substring(s.length()-2);
  sb.append(s);
  return sb.toString();

  Thanks for the replies.
  Unfortunately I can't get the charsToBytes function to work. For example, if you run the following code you can see that it doesn't seem to give me the correct md5 (if you to to http://pajhome.org.uk/crypt/md5/ and calculate the MD5 for 'test' you will see that function getMD5a works but not getMD5b):
  public class test {
      public static void main(String args[]) {
          new test();
      public test() {
          char[] chars = {'t','e','s','t'};
          System.out.println("Method a: "+getMD5a(chars));
          System.out.println("Method b: "+getMD5b(chars));
      private String getMD5a(char[] passwd) {
          java.security.MessageDigest md;
          String MD5;
          try {
              md = java.security.MessageDigest.getInstance("MD5");
          } catch (java.security.NoSuchAlgorithmException e) {
              return null;
          MD5 = dumpBytes(md.digest(new String(passwd).getBytes()));
          return MD5;
      private String getMD5b(char[] passwd) {
          java.security.MessageDigest md;
          String MD5;
          try {
              md = java.security.MessageDigest.getInstance("MD5");
          } catch (java.security.NoSuchAlgorithmException e) {
              return null;
          MD5 = dumpBytes(md.digest(charsToBytes(passwd)));
          return MD5;
      public static byte[] charsToBytes(char[] chars) {
          byte[] bytes = new byte[chars.length*2];
          int b,c;
          for (b = 0, c = 0; c < chars.length; c++, b+=2) {
              bytes[b] = (byte)((chars[c] >> 8) & 0xFF);
              bytes[b+1] = (byte)(chars[c] & 0xFF);
          return bytes;
      public static String dumpBytes(byte[] bytes) {
          int i;
          StringBuffer sb = new StringBuffer();
          for (i=0; i<bytes.length; i++) {
              if (i%32 == 0 && i!=0) {
                  sb.append("\n");
              String s = Integer.toHexString(bytes);
  if (s.length() < 2) {
  s = "0"+s;
  if (s.length() > 2) {
  s = s.substring(s.length()-2);
  sb.append(s);
  return sb.toString();

• Migrate users from qmail to sun messaging  (import MD5 hashed passwords)

  Hi,
  we are planning to migrate about 2000 users from our current mail system (qmail + openldap) to Sun Messaging 6.2.
  We have encountered a problem with user password migration. In our current ldap user passwords are MD5 encrypted, but it appears as Directory 5.2 does not support MD5 encryption method.
  This is what I have found :
  http://docs.sun.com/source/817-7616/config.html#wp26092
  The following encryption types are supported by Directory Server:
  * SSHA (Salted Secure Hash Algorithm) is the recommended method as it is the most secure.
  * SHA (Secure Hash Algorithm). This is the method supported by 4.x Directory Servers.
  * CRYPT is the UNIX crypt algorithm. It is provided for compatibility with UNIX passwords.
  * If this attribute is set to CLEAR, passwords are not encrypted and appear in plain text.
  We want to import MD5 hashed passwords so users can use their old password after we migrate to SUN, but as passwords are updated they will be SSHA hashed.
  We only have a problem with importing MD5 hashed passwords in ldap directory.
  Current password on openLDAP are created with the following PHP code:
  $info["userPassword"]= '{md5}' . base64_encode(pack('H*', md5($passwd)));
  I have tried to copy userpassword value from openldap to directory but the directory ignores {md5} and hashed the string again using SSHA.
  Example:
  cleartextpass: password
  md5_base64_hash={MD5}X03MO1qnZdYdgyfeuILPmQ==
  after ldap modify userpassword field loks like this:
  userpassword:{SSHA}a+dFsejrTGwQAgdU07kkgzWWOC16SiIW2UsPcQ==
  What is the correct procedure to import MD5 hashed passwords in Sun Directory?
  (NS-MTA-MD5 Password Storage Plug-In is enabled)

  Sun Directory 5.2 has a plugin NT-MTA-MD5 which should enable users to authenticate with MD5 hashed passwords.
  I have checked in cn=config and NS-MTA-MD5 plugin is enabled.
  I have tried with {NS-MTA-MD5} prefix and still directory does not allow users to authenticate.
  Example:
  cleartextpass: foo
  md5_base64_hash={NS-MTA-MD5}rL0Y20zC+Fzt72VPzMSk2A==
  after ldap modify userpassword field loks like this( NS-MTA-MD5 is accepted by directory):
  userpassword:{NS-MTA-MD5}rL0Y20zC+Fzt72VPzMSk2A==
  but
  ldap bind fails with "invalid credentials" error
  We are using solaris 10 so I tried using the prefix {crypt} and it did not work. You said something about the right config in /etc/security/crypt.conf. Here is the content of my crypt.conf file:
  1 crypt_bsdmd5.so.1
  2a crypt_bsdbf.so.1
  md5 crypt_sunmd5.so.1
  This should be the right config "md5 crypt_sunmd5.so.1"
  Am I missing something here?
  Is there anything else I need to do to enable directory to use MD5 hashed passwords?
  Maybe NS-MTA-MD5 plugin is not enough?

• Cisco ISE NTP MD5 hash is 20-Bytes?

  When attempting to configure an NTP authentication-key in the Cisco ISE CLI I noticed that it will not accept an md5 hash of 32 characters (16 bytes). Instead it is expecting a 40 character (20 bytes) hash. That is in line with a SHA-1 hash, not an MD5 hash even though there is no SHA-1 keyword, only an MD5 keyword.
  What's the deal?
  Cisco ISE Version: 1.1.2.145 (Update 3)
  ise/user(config)# ntp authentication-key 75 ?
    md5  MD5 authentication
  ise/user(config)# ntp authentication-key 75 md5 hash ?
    <WORD>  Hashed key for authentication (Max Size - 40)
  ise/user(config)# ntp authentication-key 75 md5 hash 12345678901234567890123456789012
  % ERROR: Bad hashed key.
  ise/user(config)# ntp authentication-key 75 md5 plain test
  ise/user(config)# do show run | i md5
  ntp authentication-key 75 md5 hash 97dc37c94236ec1b4c56871c2e482cbd6f56bd33
  That's not an MD5 hash as it's 40 characters long (20 bytes).

  Hmm, that is an interesting observation. I am guessing that it is a typo and should be "sha-1" because 40 characters is definitely not MD5 :)
  I would suggest you open a case with Cisco TAC and report this. If you get a bug ID or a different answer please let us know. 
  Thank you for rating helpful posts!

• Using MD5 to generate Dimension IW Keys

  Hi Guys
  I had wanted to use MD5 to hash concatenated strings in a dimension table to come up with IW Keys. I must be missing something because I couldn't find much around the net when looking for it.
  Basically were looking at facts and dimension data in Star Schema. Now typically in a star schema for each dimension we generate an IW Key which we store in the fact to link the two:
  So a region table might look like:
  Region=IW Key
  A=1
  B=2
  c=3
  And A fact table would be like
  RegionIWKey,Metric1,Metric2
  1,3.0,4.0
  2,3.0,4.1
  3,3.0,4.0
  1,3.2,4.3
  Now to load the fact we need to load the dimensions first and then get the IW key, and this takes a lot of time.
  After all that here's the question?
  Why couldn't we just hash the dimension fields to get an IW Key then we could load facts and dimesnions in parallel.
  My understanding is that an MD5 Hash should do this, correct? Then we can index the hashed field. If I am missing something has anyone found out a way to do this successfully and get hashes with no collisions.
  Thanks for light anyone could shed on this.

  http://forum.java.sun.com/thread.jsp?forum=31&thread=225812

• An MD5 implementation for my final project (look inside)

  Hey, I'll just cut to the chase: I'm making an MD5 implementation, from the pseudo-code on the wikipedia page, which is located here. This is what I have so far:
  import java.util.Random;
  public class MD {
  static int i = 0;
  static int f,g;
  public static String MD5(String df) {
  //Note: All variables are unsigned 32 bits and wrap modulo 2^32 when calculating
  //r specifies the per-round shift amounts
  int[] k = new int[64];
  int r[] = {7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22, 7, 12, 17, 22,
  5, 9, 14, 20, 5, 9, 14, 20, 5, 9, 14, 20, 5, 9, 14, 20,
  4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23, 4, 11, 16, 23,
  6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21, 6, 10, 15, 21};
  {color:#000000}
  {color}
  {color:#000000}//Use binary integer part of the sines of integers (Radians) as constants:
  for (int i = 0; i <= 63; i++)
  k[i] =
  +*}{color}*+
  Random gen = new Random();+
  *//Initialize variables:*
  int h0 = 0x67452301;+
  int h1 = 0xEFCDAB89;+
  int h2 = 0x98BADCFE;+
  int h3 = 0x10325476;+
  +*{color:#ff6600}//Pre-processing:*+
  *df {color}*+{color:#ff6600}*= 0x1;*
  *//TODO: append "0" bits until message length in bits = 448 (% 512);*
  *//**append bit / bit, not byte / length of unpadded message as 64-bit little-endian integer to message*
  +//Process the message in successive 512-bit chunks:+
  for each 512-bit chunk of message*
  +break chunk into sixteen 32-bit little-endian words w, 0 <= i <= 15+*
  +/+
  +//Initialize hash value for this chunk:+
  int w[] = new int[16];
  for (int i = 0; i < w.length; i+)
  w[i] = 0;
  //what do I do here?
  }{color}
  int a = h0;
  int b = h1;
  int c = h2;
  int d = h3;
  //Main loop:
  //from 0 to 63
  for (; i < 64; i++)
  if (0 <= i && i <= 15)
  f = (b & c) | ((~ b) & d);
  g = i;
  else if (16 <= i && i <= 31)
  f = (d & b) | ((~ d) & c);
  g = (5*i +1) % 16;+
  +}+
  else if (32 <= i && i <= 47)
  +{+
  f = b ^ c ^ d;
  g = (3*i 5) % 16;
  else if (48 <= i && i <= 63)
  f = c ^ (b | (~ d));
  g = (7*i) % 16;
  int temp = d;
  //can be declared earlier?
  d = c;
  c = b;
  {color:#ff6600}b += leftrotate((a ++ f + +k[i] ++ w[g]) , r[i]);{color}
  a = temp;
  //Add this chunk's hash to result so far:
  h0 += a;+
  h1 = b;
  h2 += c;+
  h3 = d;
  int digest = h0 h1 h2 + h3;
  String valrtn = Integer.toHexString(digest);
  return valrtn;
  //leftrotate function definition
  {color:#ff6600}private static int leftrotate (int x, int c)
  return ((x << c) | (x >> (32-c)));
  //for some reason, this usually gives an error...
  }{color}private static String ToHex (String df)
  //not used right now...
  public static void main (String[]args)
  System.out.println(MD5((("1234567891113111"))));
  //add to hex later
  // String df = "1278186781234567812345678";
  //s.t(df.substring(0,15));
  //-1 from both
  (The above code is copyright me, Chris Blake, and cannot be used without my permission, except for the comments, they're not mine.)
  I'm having a problem with the colored parts, the first part is the part that's supposed to break the plaintext into chunks. (ignore the bold please) I just haven't quite figured out how to do it yet, and it always returns 88888884. The other orange parts have explanations with them.
  Thanks in advance to all that help. :D
  Also, is this in the right forum? Thanks in advance.
  Edited by: Zeroknight on May 26, 2009 5:04 PM
  Edited by: Zeroknight on May 26, 2009 5:15 PM

  Hi,
  You're going to find that there's only a very small group of people that want to install a program with a known exploit, and the developers aren't going to be keen on allowing ongoing access to faulty code.
  Best bet would be to look for the source code. On the [http://www.oracle.com/technetwork/java/javase/downloads/index.html Oracle website] there's the source for JDK 6; have a look around there. You may have to drop back a version to get access.
  Ian.

• Hashing trouble

  Hi, I've been given an issue to solve but I'm not getting close to the solution.
  Problem is to hash (MD5 128 bits) an ip address (with salt = 0x12345678) following this example.
  "+The IP is represented as 4 bytes thus: 217.57.160.193 = in Hex D9.39.A0.C1, so the 32-bit value of the IP is 0xD939A0C1.+
  +When hashing the IP, the binary buffer sent for the MD5 operation is always 8 bytes long, in which the first 4 bytes are the salt and the last 4 bytes are the IP value+".
  In this case, the binary buffer sent to the MD5 is: 0x12345678D939A0C1.
  Result should be: 6cb3fa0c1e04fc9d9f37a2617fa57bb4.
  I addressed the first part with this code:
  long salt = (long) 0x12345678;
  String ipAddress = "217.57.160.193";
  String strToHash;
  byte[] hsh = null;
  long result = 0;
  String[] octets = ipAddress.split("\\.");
  +for (int i = 3; i >= 0; i--) {+
  result |= (Long.parseLong(octets[3 - i]) << (i * 8));
  +}+
  result = result & 0xFFFFFFFF;
  System.out.println("217.57.160.193 in hex = " Long.toHexString(result));+
  Obtaining: 0xD939A0C1
  Then I tried to hash w/ salt:
  String md5="";
  byte[] md5Byte = null;
  +try {+
  +//md5Byte = DigestUtils.md5(((Long.toHexString(salt)) + (Long.toHexString(result))).getBytes("UTF-8"));+
  md5 = DigestUtils.md5Hex(strToHash.getBytes());
  +} catch (Exception ex) {+
  java.util.logging.Logger.getLogger(HttpMonitorNG.class.getName()).log(java.util.logging.Level.SEVERE, null, ex);
  +}+
  System.out.println("217.57.160.193 hashed = " md5);+
  Obtaining this value: 0b348be5b3ebe7c54bff9170a24a5362
  Any idea would be appreciated.
  Thank you
  ny

  There is just so so so much wrong with that code.
  This gives the result you expect -
  final byte[] salt =
              (byte) 0x12, (byte) 0x34, (byte) 0x56, (byte) 0x78
          final byte[] ip =
              (byte) 0xD9, (byte) 0x39, (byte) 0xA0, (byte) 0xC1
          final MessageDigest digestAgent = MessageDigest.getInstance("MD5");
          digestAgent.update(salt);
          digestAgent.update(ip);
          final byte[] digest = digestAgent.digest();
          for (byte b : digest)
              System.out.printf("%02x", b & 0xff);
          System.out.println();and using your original salt and IP data types            int salt = 0x12345678;
              String ipAddress = "217.57.160.193";
              final MessageDigest digestAgent = MessageDigest.getInstance("MD5");
              for (int j = 24; j >= 0; j -= 8)
                  digestAgent.update((byte) (salt >>> j));
              for (String s : ipAddress.split("\\."))
                  digestAgent.update((byte) Integer.parseInt(s));
              final byte[] digest = digestAgent.digest();
              for (byte b : digest)
                  System.out.printf("%02x", b & 0xff);
             System.out.println();Edited by: sabre150 on Jul 31, 2009 1:00 PM
  Refined second bit of code

• Forms md5

  Hello.
  I've been looking for some way to encrypt the passwords for database users. What I want is prevent them from logging on directly to the database with their username and password, so the password is encrypted before logging on to the database.
  I'm curious how I could run a hashing function like md5 in forms (I'm not logged in to the database so I can't use dbms_obsfucation). I could only find one project for md5 in pl/sql but was discontinued because of the above mentioned package. Will I have to code the algorithm in pl/sql?

  Well, you don't pass the component to the method. (The error message already told you that.) You need a String. (Your code tells you that.)
  So how do you get a String from a JPasswordField? Well unfortunately that's a little more difficult that most text fields. Usually you do the obvious thing and call the getText() method, but in this case it's deprecated and you are supposed to use the getPassword() method. But it returns an array of chars.
  Left as an exercise for the student to find out how to make an array of chars into a String.

• Can I create ASP user validated website using existing MD5 passwords from SQL table?

  I'm attempting to build a user authenticated site in Dreamweaver CS5 using an existing USERS table from another site.  The password field in the existing SQL table appears to be MD5 encoded.  How can I MD5 encode the form field (or the SQL query) so that it verifies MD5 to MD5?
  Currently, it's comparing the form's plain text field to the MD5 encrypted password field in SQL.
  I've built a simple login form using the following:
  <form id="form1" name="form1" method="POST" action="<%=MM_LoginAction%>">
      <input name="username" type="text" id="username" accesskey="u" tabindex="1" /><input name="password" type="password" id="password" accesskey="p" tabindex="2" /><input name="submit" type="submit" value="submit" />
      </form>
  With the stock Dreamweaver Log In User Server Behavior as follows:
  <%
  ' *** Validate request to log in to this site.
  MM_LoginAction = Request.ServerVariables("URL")
  If Request.QueryString <> "" Then MM_LoginAction = MM_LoginAction + "?" + Server.HTMLEncode(Request.QueryString)
  MM_valUsername = CStr(Request.Form("username"))
  If MM_valUsername <> "" Then
    Dim MM_fldUserAuthorization
    Dim MM_redirectLoginSuccess
    Dim MM_redirectLoginFailed
    Dim MM_loginSQL
    Dim MM_rsUser
    Dim MM_rsUser_cmd
    MM_fldUserAuthorization = ""
    MM_redirectLoginSuccess = "results.asp"
    MM_redirectLoginFailed = "error.html"
    MM_loginSQL = "SELECT user_name, password"
    If MM_fldUserAuthorization <> "" Then MM_loginSQL = MM_loginSQL & "," & MM_fldUserAuthorization
    MM_loginSQL = MM_loginSQL & " FROM dbo.users WHERE user_name = ? AND password = ?"
    Set MM_rsUser_cmd = Server.CreateObject ("ADODB.Command")
    MM_rsUser_cmd.ActiveConnection = MM_ADSX_STRING
    MM_rsUser_cmd.CommandText = MM_loginSQL
    MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param1", 200, 1, 32, MM_valUsername) ' adVarChar
    MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 32, Request.Form("password")) ' adVarChar
    MM_rsUser_cmd.Prepared = true
    Set MM_rsUser = MM_rsUser_cmd.Execute
    If Not MM_rsUser.EOF Or Not MM_rsUser.BOF Then
      ' username and password match - this is a valid user
      Session("MM_Username") = MM_valUsername
      If (MM_fldUserAuthorization <> "") Then
        Session("MM_UserAuthorization") = CStr(MM_rsUser.Fields.Item(MM_fldUserAuthorization).Value)
      Else
        Session("MM_UserAuthorization") = ""
      End If
      if CStr(Request.QueryString("accessdenied")) <> "" And false Then
        MM_redirectLoginSuccess = Request.QueryString("accessdenied")
      End If
      MM_rsUser.Close
      Response.Redirect(MM_redirectLoginSuccess)
    End If
    MM_rsUser.Close
    Response.Redirect(MM_redirectLoginFailed)
  End If
  %>
  Please help!

  unfortunately classic asp does not have a built in function for md5. what we used for our legacy sites is a javascript that hashes a string to MD5. here's the code we've used in the past http://pajhome.org.uk/crypt/md5/md5.html
  your asp should have something like this...
  <script language="jscript" src="path_to_js_file/md5.js" runat="server"></script>
  <%
  'hash the password
  Dim md5password       ' md5password variable will hold the hashed text from form variable txtPassword
  md5password = hex_md5(""&Request("txtPassword")&"")
  ' based on the code you posted...
  MM_rsUser_cmd.Parameters.Append MM_rsUser_cmd.CreateParameter("param2", 200, 1, 32, md5password) ' adVarChar
  %>

• Getting the MD5 of an entire ROW ?

  Hi All,
  I'm looking for how to get the MD5 of an entire row (or a known set of columns).
  I've found the DBMS_OBFUSCATION_TOOLKIT.MD5 function, which takes either "input IN RAW" or "input_string IN VARCHAR2" as a parameter.
  So, I've three questions:
  1) Is is possible to get the entire value Row in a manner to pass into this function? (e.g. As a String)
  2) Is this DBMS_OBFUSCATION_TOOLKIT package only in Enterprise edition and not in Standard edition ? (How do I check this)
  3) or Is there a better way to get the MD5 of a Row ??
  My row of data will contain a column of type MDSYS.SDO_GEOMETRY.
  Cheers,
  Ronan

  Still no luck with that one...
  select DBMS_OBFUSCATION_TOOLKIT.MD5( input_string => TO_CHAR( ROUTEN ) ) ) AS MD5 FROM interstates;
  ERROR at line 1:
  ORA-00907: missing right parenthesis
  I've seen examples, using that input_string, but only in a procedure, I can't get it to work through a standard SQL statement.
  For example:
  SQL> SET SERVEROUTPUT ON;
  SQL> BEGIN
  2 DBMS_OUTPUT.PUT_LINE (
  3 'md5 hash => ' ||
  4 DBMS_OBFUSCATION_TOOLKIT.MD5 (
  5 input => UTL_RAW.CAST_TO_RAW ('plain text'))
  6 );
  7 END;
  8 /
  md5 hash => 31BC5C2B8FD4F20CD747347B7504A385
  PL/SQL procedure successfully completed.
  SQL> SELECT DBMS_OBFUSCATION_TOOLKIT.MD5 ( input => UTL_RAW.CAST_TO_RAW ('plain text')) FROM DUAL;
  SELECT DBMS_OBFUSCATION_TOOLKIT.MD5 ( input => UTL_RAW.CAST_TO_RAW ('plain text')) FROM DUAL
  ERROR at line 1:
  ORA-00907: missing right parenthesis