Sign Up ›
  • greg.ayling
  • NEWBIE
  • 0 Points
  • Member since 2010
  • Chatter
    Feed
  • 0
    Best Answers
  • 0
    Likes Received
  • 0
    Likes Given
  • 1
    Questions
  • 1
    Replies
2 replies

Encrypting password to match encrypted nvarchar in SQL

Here are my steps:
1. Take in a username and password from a Visualforce page.
2. With Apex, I'm encrypting the password using the following function.


private string Encrypt(string preHashValue){
       Blob bPrehash = Blob.valueOf(preHashValue);
       Blob bsig = Crypto.generateDigest('SHA1', bPrehash);

       return EncodingUtil.convertToHex(bsig);        
}

 

3. This gives me a 40-digit hex number.

4. I store that number in Salesforce.

Now the problem:

 

Currently, I've got an encrypted (SHA1) password in my SQL database that I want to compare to the encrypted password in Salesforce.
The issue is that these values, after encrypting the same plaintext password, are not the same.

After some digging, I've found that when the SQL stored procedure is encrypting the plaintext password, it's storing it as an nvarchar(255). Then encrypting it using       HashBytes('SHA1',@Password)

So,

       HashBytes( 'SHA1', Cast( 'TestPassword' as nvarchar(255) ) )

and
       HashBytes( 'SHA1', 'TestPassword' )

give two different values.

My Question:
Is there a way to encrypt the value in Apex so that it matches the encrypted nvarchar(255) in the SQL database?

Any help would be greatly appreciated,

Greg

2 replies

Encrypting password to match encrypted nvarchar in SQL

Here are my steps:
1. Take in a username and password from a Visualforce page.
2. With Apex, I'm encrypting the password using the following function.


private string Encrypt(string preHashValue){
       Blob bPrehash = Blob.valueOf(preHashValue);
       Blob bsig = Crypto.generateDigest('SHA1', bPrehash);

       return EncodingUtil.convertToHex(bsig);        
}

 

3. This gives me a 40-digit hex number.

4. I store that number in Salesforce.

Now the problem:

 

Currently, I've got an encrypted (SHA1) password in my SQL database that I want to compare to the encrypted password in Salesforce.
The issue is that these values, after encrypting the same plaintext password, are not the same.

After some digging, I've found that when the SQL stored procedure is encrypting the plaintext password, it's storing it as an nvarchar(255). Then encrypting it using       HashBytes('SHA1',@Password)

So,

       HashBytes( 'SHA1', Cast( 'TestPassword' as nvarchar(255) ) )

and
       HashBytes( 'SHA1', 'TestPassword' )

give two different values.

My Question:
Is there a way to encrypt the value in Apex so that it matches the encrypted nvarchar(255) in the SQL database?

Any help would be greatly appreciated,

Greg