c# - Validate Stored Encrypted Password in SQL Server 2012 -

-

in sql server run command:

select hashbytes('sha2_256', '12345678') encryptedstring

it gives 0xef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f string output, string has 66 characters.

on same side, itried encrypt password c# code, using this:

public string getshaencryptedcode(string text) {     //sha1 sha26 = new sha1cryptoserviceprovider();     sha256 sha26 = new sha256cryptoserviceprovider();     byte[] sha256bytes = system.text.encoding.utf8.getbytes(text);     byte[] crystring = sha26.computehash(sha256bytes);     string sha256str = string.empty;     (int = 0; < crystring.length; i++)     {         sha256str += crystring[i].tostring("x");     }     return sha256str; }

suupose, if enter same "12345678" in c# code returns me string of 62 character long, string ef797c8118f02dfb64967dd5d3f8c762348c9c63d532cc95c5ed7a898a64f. how validate encrypted string coming sql server , other string c# code in order login user login page?

your c# format string incorrect - it missing leading 0s when hex value less 10.

instead need use "x2" format string padded 2 numbers:

public string getshaencryptedcode(string text) {     //sha1 sha26 = new sha1cryptoserviceprovider();     sha256 sha26 = new sha256cryptoserviceprovider();     byte[] sha256bytes = system.text.encoding.utf8.getbytes(text);     byte[] crystring = sha26.computehash(sha256bytes);     string sha256str = string.empty;     (int = 0; < crystring.length; i++)     {         sha256str += crystring[i].tostring("x2");     }     return sha256str; }

this correctly returns ef797c8118f02dfb649607dd5d3f8c7623048c9c063d532cc95c5ed7a898a64f , can append 0x start.

in case, should not converting values string anyway. hashbytes() , sha256.computehash() both return byte arrays, more efficient , safer compare instead. can use methods described in this answer that.

or maybe better still, assume storing password in database encrypted (aren't you...?), encrypt input value byte array in c#, pass database , use like

select * users username = @username , password = @passwordbytes


Comments

Post a Comment

Popular posts from this blog

java - Unable to make sub reports with Jasper -

-
i using jaspersoft studio create reports. having sub report in jasper main report. problem unable make work, because if add sub report detail band of main report, sub report generated number of times, row row, entire sub report repeated in number of pages. can't put in summery band due same reason. i unable put in column footer band or other footers because displays below error net.sf.jasperreports.engine.jrexception: net.sf.jasperreports.engine.jrruntimeexception: subreport overflowed on band not support overflow. @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler.fillreport(reportcontroler.java:467) @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler.access$18(reportcontroler.java:442) @ com.jaspersoft.studio.editor.preview.view.control.reportcontroler$4.run(reportcontroler.java:334) @ org.eclipse.core.internal.jobs.worker.run(worker.java:54) caused by: net.sf.jasperreports.engine.jrruntimeexception: subreport overflowe...
Read more

sql - The object name contains more than the maximum number of prefixes. The maximum is 2 -

-
i facing similar issue many others error message "the object name contains more maximum number of prefixes. maximum 2." my scenario is, create procedure dbo.[usp_procedure] begin declare @loadtime datetme2(7) set @loadtime = (select loadtime [linkedservername].[databasename].[schemaname].[tablename] tablename = 'xxxxxx') insert [currentserver].[schemaname].[tablename] select column1, column2, .... tablename join tablename1 on .... ... ... end the table containing loadtime present in linked server/database , important value utilized further in clause of procedure via @loadtime . query select loadtime .... works fine when try on present server individually. when run part of procedure, procedure fails above mentioned error. linked server connection set , working fine. , procedure needs run on present server, removes scope of creating procedure on linked server. hope scenario articulate. replies welcome. in advance. the line : insert [currentser...
Read more

scala - play framework: Modules were resolved with conflicting cross-version suffixes -

-
i want use elastic search play framework followed this guide here build.sbt file name := """es-with-play""" version := "1.0-snapshot" lazy val root = (project in file(".")).enableplugins(playscala) scalaversion := "2.11.1" librarydependencies ++= seq( jdbc, anorm, cache, ws, "com.clever-age" % "play2-elasticsearch" % "1.4-snapshot" ) resolvers += "sonatype oss snapshots" @ "https://oss.sonatype.org/content/repositories/snapshots" and in play console when compile code gives following errors [error] modules resolved conflicting cross-version suffixes in {file:/media/sara/new%20volume/programs/programs/play/es-with-play/}root: [error] com.jsuereth:scala-arm _2.11, _2.10 [error] com.typesafe.play:play-functional _2.11, _2.10 [error] com.typesafe.akka:akka-actor _2.11, _2.10 [error] com.typesafe.play:play-json _2.11, _2.10 [error] com.type...
Read more