MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash - ASP.NET Forums

Home ›

ASP.NET Forums » General ASP.NET » Security » MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash

Shortcuts

Previous Next

MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash

Last post 04-21-2008 4:01 AM by GavH. 2 replies.

Sort Posts:

MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash

04-19-2008, 8:20 AM

Contact

Reply

194 point Member
GavH
Member since 10-12-2006, 9:06 AM
Posts 83

HI All,

I have an issue which is most likely a lack of knowledge on my part,

I have a situation which requires me to compare a hash (MD5) generated in an ASP.Net application against a text value (the pre-hashed value) in SQL 2005.

The hash comes from a cookie and was hashed as MD5 using System.Web.Security.FormsAuthentication.HashPasswordForStoringInConfigFile()

In SQL I am using the function HASHBYTES

Please consider the following query:

SELECT     UID
FROM         t_Collected_Users
WHERE     HashBytes('MD5',Username) = @Username
        AND HashBytes('MD5', Password) = @Password

Where the paramaters @Username and @Password are 32 character hashes generated ASP.Net side. The trouble is the sql function HashBytes creates a 16 character hash, so the two never compare.

What can I do to the 32 Character ASP.Net hash to make it a 16 character SQL compatible MD5 hash?

Many Thanks

Re: MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash

04-19-2008, 11:51 AM

Contact

Answer

Reply

92,380 point All-Star
SGWellens
Member since 01-02-2007, 4:27 PM
Twin Cities, MN
Posts 7,530

This may help you:

master.dbo.fn_varbintohexstr(HashBytes('MD5',Username))

Note: This is an undocumented function.

Note: The string it returns is prefixed with 0x which you may need to deal with.

Steve Wellens

My blog

Re: MD5 Hash Compare C# Created Hash to SQL 2005 Create Hash

04-21-2008, 4:01 AM

Contact

Reply

194 point Member
GavH
Member since 10-12-2006, 9:06 AM
Posts 83

Thanks,

thats just what I needed.

Much appreciated.

Page 1 of 1 (3 items)

RSS Available

Contact | Advertise | Issue Management by Axosoft's OnTime | Running IIS7
All Rights Reserved. | Terms of Use | Trademarks | Privacy Statement
© 2009 Microsoft Corporation.

Channel 9

Channel 9: Nikolaj Bjørner and Leonardo de Moura: The Z3 Constraint Solver

Channel 9

Channel 9: MEF & Silverlight 4 Beta - Part 1, Introduction

WindowsClient

WindowsClient: The (Near) Final Word on Multi-Monitor Taskbars for Windows 7 - Ultramon vs. DisplayFusion

WindowsClient

WindowsClient: Looking back at 2009, and forward to 2010

Silverlight

Silverlight: Polling Video – A Viable sub-second alternative?

TechNet Edge

TechNet Edge: Windows Server 2008 R2 Quick Look #2 - Active Directory Recycle Bin

Channel 10

Channel 10: I'm a Windows 7 PC Themes

Channel 10

Channel 10: 24 Years of Windows Box Art

WindowsClient

WindowsClient: Silverlight tutorial: HOW TO build CommandLink Control in Silverlight with Expression Blend 3 and Behaviors

ASP.NET

ASP.NET: Converting an RGB Color To Hex With JavaScript

Silverlight

Silverlight: Silverlight HVP Design – Configuration & Scenarios

Channel 9

Channel 9: Channel 9 Live at PDC09: Day 3 Welcome

Channel 9

Channel 9: Channel 9 Live at PDC09: TWoC9 Day 3

Channel 10

Channel 10: Microsoft's Mobicast: Stiched Cell Streams

Channel 10

Channel 10: Festive Bing

TechNet Edge

TechNet Edge: How Microsoft Reduces Operational Risk through Business Continuity Management

Channel 9

Channel 9: Jeffrey Van Gogh and Bart De Smet: Inside System.Interactive

WindowsClient

WindowsClient: Runtime Fault Injection using TestAPI

TechNet Edge

TechNet Edge: TechNet Radio: Community Corner with John Weston (Episode 1)

TechNet Edge

TechNet Edge: Windows Firestarter Events (Part 3 of 5): IE8 - Browse the Web in Style!

Microsoft Communities