My application have an auto update feature. To verify if it successfully download the file I compare two hash, one to the xml and to the hash generated after downloading. The two hash is same but its throwing me that the two hash not same. When I check the size, xml hash string have 66 and the other is 36. I use the trim method but still no luck.
string file = ((string)e.Argument);
string updateMD5 = "--"+((string)e.Argument).ToUpper()+"--";
string xx="--"+Hasher.HashFile(file, HashType.MD5).ToUpper()+"--";
// Hash the file and compare to the hash in the update xml
int xxx = (updateMD5.Trim()).Length;
int xxxxx = xx.Trim().Length;
if (String.Equals(updateMD5.Trim(), xx.Trim(), StringComparison.InvariantCultureIgnoreCase))
e.Result = DialogResult.OK;
e.Result = DialogResult.No;
internal static string HashFile(string filePath, HashType algo)
return MakeHashString(MD5.Create().ComputeHash(new FileStream(filePath, FileMode.Open)));
return MakeHashString(SHA1.Create().ComputeHash(new FileStream(filePath, FileMode.Open)));
return MakeHashString(SHA512.Create().ComputeHash(new FileStream(filePath, FileMode.Open)));
private static string MakeHashString(byte hash)
StringBuilder s = new StringBuilder();
foreach (byte b in hash)
StringBuilder s=new StringBuilder();
foreach (char c in updateMD5.Trim())
Once you showed the character for character output of the longer string the explanation is clear.
As to why this happens, that's pretty impossible to tell from our end due to the nature of the problem.
Anyway, the problem are these two:
Those two code points are 0x200C and 0x200B aka:
These are invisible characters meant to give hints to word-breaking algorithms and similar gory stuff.
Simply put, somewhere in your code where you concatenate strings you have those two characters as part of your source code. Since they're not visible in your source code either (zero width, remember) they can be hard to spot.
I would take a look at all strings involved in thise, in particular I would starte with the
"x2" format string used to build up the hash code, or possibly the code that returns the MD5 code for the update to apply.