从准则和规则GetHash code报价通过埃里克利珀:
规则:的GetHash code,消费者不能依靠它是稳定的时间或跨应用程序域
假设你有一个客户对象 有一帮像名称字段, 处理,等等。如果你做两个 这些对象具有完全相同 在两个不同的处理数据,它们 不必返回相同的哈希 code。如果您对这样一个对象 周二在一个进程,将其关闭, 并再次运行程序 周三,散列codeS可以 不同的。
Suppose you have a Customer object that has a bunch of fields like Name, Address, and so on. If you make two such objects with exactly the same data in two different processes, they do not have to return the same hash code. If you make such an object on Tuesday in one process, shut it down, and run the program again on Wednesday, the hash codes can be different.
这已经咬伤人过去。 该文档 System.String.GetHash code注 特别是两个相同的 字符串可以有不同的hash codeS 在不同版本的CLR,并 其实他们这样做。 不要储存字符串在数据库中的哈希值,并期望他们永远是一样的,因为他们不会。
This has bitten people in the past. The documentation for System.String.GetHashCode notes specifically that two identical strings can have different hash codes in different versions of the CLR, and in fact they do. Don't store string hashes in databases and expect them to be the same forever, because they won't be.
那么,什么是创造,我可以在数据库中存储的字符串的哈希值code正确的方法是什么?
So what is the correct way to create a HashCode of a string that I can store in a database?
(请告诉我,我不是已经离开这个bug的软件,我写的第一人!)
(Please tell me I am not the first person to have left this bug in software I have written!)
推荐答案
这取决于你想要的散列有属性。例如,你的可以的只是这样写:
It depends what properties you want that hash to have. For example, you could just write something like this:
public int HashString(string text)
{
// TODO: Determine nullity policy.
unchecked
{
int hash = 23;
foreach (char c in text)
{
hash = hash * 31 + c;
}
return hash;
}
}
只要你的文件的是,它是哈希是如何计算的,这是有效的。这是没有办法的加密安全之类的东西,但你可以没有问题仍然存在吧。两个字符串这是在序意义上绝对平等的(如:没有文化的平等等应用,完全字符逐个字符一样)会产生相同的哈希值与此code。
So long as you document that that is how the hash is computed, that's valid. It's in no way cryptographically secure or anything like that, but you can persist it with no problems. Two strings which are absolutely equal in the ordinal sense (i.e. with no cultural equality etc applied, exactly character-by-character the same) will produce the same hash with this code.
该问题,当你依靠的无证的哈希来 - 即一些东西,服从 GetHash code(),但绝不保证从版本保持一致,以版本......像 string.GetHash code()。
The problems come when you rely on undocumented hashing - i.e. something which obeys GetHashCode() but is in no way guaranteed to remain the same from version to version... like string.GetHashCode().
写作和记录自己的哈希像这样有点像说:这敏感信息被混杂了MD5(或其他)。只要它是一个良好定义的hash,这很好。
Writing and documenting your own hash like this is a bit like saying, "This sensitive information is hashed with MD5 (or whatever)". So long as it's a well-defined hash, that's fine.
编辑:其他答案建议使用密码散列,如SHA-1或MD5。我要说的是,直到我们知道有一个用于加密安全,而不仅仅是稳定的要求,有一个在经历字符串转换为字节数组和散列是的繁琐程序没有任何意义。当然,如果哈希的是的意思用于任何与安全有关的,符合行业标准的哈希的完全的你应该深远的。但是,这不是在问题提及任何地方。
Other answers have suggested using cryptographic hashes such as SHA-1 or MD5. I would say that until we know there's a requirement for cryptographic security rather than just stability, there's no point in going through the rigmarole of converting the string to a byte array and hashing that. Of course if the hash is meant to be used for anything security-related, an industry-standard hash is exactly what you should be reaching for. But that wasn't mentioned anywhere in the question.
相关推荐
最新文章