Hashing

[pachjo]

Hi,

if I use result = shaM.ComputeHash(data) how do I get a textbox text into the data array which has to be of type byte?

I am unable to do this as I get an error saying cannot convert string to byte and vice versa?

 

[JohnH]

System.Text.Encoding can be used.

Dim bytes() As Byte = System.Text.Encoding.Default.GetBytes("hello")
 
Dim text As String = System.Text.Encoding.Default.GetString(bytes)

 

[pachjo]

Thanks, is this method suitable for password encryption?

I was thinking of hashing the users password to a table field and then comparing the hash of their logon entry against the saved hashcode

 

[JohnH]

That is a very common way of handing passwords, and used when you don't need to recover the password from the hash, because that is not possible.

 

[pachjo]

Hi,

I think I have lost the plot!

[SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] bytes() [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff]Byte[/COLOR][/SIZE][SIZE=2] = System.Text.Encoding.Default.GetBytes([/SIZE][SIZE=2][COLOR=#0000ff]Me[/COLOR][/SIZE][SIZE=2].txtNewPassword.Text)
[/SIZE][SIZE=2][COLOR=#0000ff]Dim[/COLOR][/SIZE][SIZE=2] text [/SIZE][SIZE=2][COLOR=#0000ff]As[/COLOR][/SIZE][SIZE=2] [/SIZE][SIZE=2][COLOR=#0000ff]String[/COLOR][/SIZE][SIZE=2] = System.Text.Encoding.Default.GetString(bytes)

MessageBox.Show(text)
[/SIZE]

I was expecting to see an encrypted message displayed but got what I typed back.

Have I misunderstood?

 

[JohnH]

Yes. You asked how to get string to bytes, because you needed to hash a bytes array of a string. Do you need code to hash it also? See this: http://www.vbdotnetforums.com/showthread.php?t=10893&highlight=hash

 

[pachjo]

Thanks, this is my neck bit of work and will let you know how I get on

 

[pachjo]

OK I can get this to work where I enter a string and hash it and then write it to a database field.

I then have another function that reads in the database field and compares that hash value with the value the user enters and I don't get a match even though I enter the correct string value.

I see that when I write the hash value to the database using .getstring it is written as

Gãž8ê¨w¶¥Àµwçﬥw)Œ•ìI'„A×

I have tried various field types but am failing miserably!

 

[JohnH]

If you need a string representation of the hashed bytes you have to get a safe string without non-printable and null characters, to do this use the Convert class and its ToBase64String/FromBase64String methods. See the example I posted in the thread linked to.

 

[pachjo]

Thanks

Upon rereading the link and then my code I see that I was hashing the hash code from the database so no wonder it did not match!

Problem sorted, thanks