Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

C# Hash SHA256Managed is not equal to TSQL SHA2_256

Tags:

c#

sql-server

tsql

encoding

hash

I am using hashed passwords with a salt (the username).

Problem is that the hashed values of c# are not equal to the initial values I add to the database by a TSQL Script.

TSQL:

UPDATE [Users]
SET Password = HASHBYTES('SHA2_256', 'test123'+UPPER([UserName]))
GO;

C#:

var passBytes = new UnicodeEncoding().GetBytes(pass);
var saltBytes = new UnicodeEncoding().GetBytes(userName.ToUpper());

var dataToHash = new byte[passBytes.Length + saltBytes.Length];
Array.Copy(passBytes, dataToHash, passBytes.Length);
Array.Copy(saltBytes, dataToHash, saltBytes.Length);

var sha = new SHA256Managed();
return sha.ComputeHash(dataToHash);

I guess it has something to do with the encoding. But i have no idea how to fix this.

UserName is varchar(50)

The DB is an existing one so changing the varchar will not be so easy.

I already tried:

UPDATE [Users]
SET Password = HASHBYTES('SHA2_256', N'test123'+UPPER([UserName]))
GO;
like image 801
Beejee Avatar asked Oct 06 '13 19:10

Beejee

People also ask

What C is used for?

C programming language is a machine-independent programming language that is mainly used to create many types of applications and operating systems such as Windows, and other complicated programs such as the Oracle database, Git, Python interpreter, and games and is considered a programming foundation in the process of ...

What does %= mean in C?

%= Modulus AND assignment operator. It takes modulus using two operands and assigns the result to the left operand. C %= A is equivalent to C = C % A.

What is C full form?

Originally Answered: What is the full form of C ? C - Compiler . C is a general-purpose, high-level language that was originally developed by Dennis M. Ritchie to develop the UNIX operating system at Bell Labs. C was originally first implemented on the DEC PDP-11 computer in 1972.

How old is the letter C?

The letter c was applied by French orthographists in the 12th century to represent the sound ts in English, and this sound developed into the simpler sibilant s.

1 Answers

If your SQL Server database is configured to use the default collation of SQL_Latin1_General_CP1_CI_AS, then in your C# code, use code page 1252 to convert characters to bytes. Thus, the equivalent of

HASHBYTES('SHA2_256', 'test123' + UPPER([UserName]))

is

byte[] data = Encoding.GetEncoding(1252).GetBytes("test123" + userName.ToUpper());
var sha = new SHA256Managed();
byte[] hash = sha.ComputeHash(data);
like image 152
Michael Liu Avatar answered Sep 24 '22 18:09

Michael Liu
Sign in to Comment

Related questions

Iterating a dictionary in C#
AutoResetEvent vs. boolean to stop a thread
Bind a button to a command (Windows Phone 7.5)
How can I assert that a C# async method throws an exception in a unit test? [duplicate]
Razor View IsAuthenticated not working as expected
How can I set the column width of a Property Grid?
How to draw Chart based on DataTable from console application?
How to manage parsing an null object for DateTime to be used with ADO.NET as DBNULL
Guid Uniqueness On different machine [duplicate]
How to use a timer to wait?
How do I send an email from a Windows Phone 8 application?
jQuery put with WebApi - Not even calling the Controller method
Why is this process crashing as soon as it is launched?
Determining if a file has a digital signature in c# without actually verifying the signature
How to create a new database in MongoDB using the c# driver
Get domain name of a url in C# / .NET [duplicate]
When is a System.Double not a double?
Dispose a dictionary in C# best practice
CS1009: Unrecognized escape sequence
How to add New Row in datagridview which is bound to the datasource [duplicate]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!