1

I want to compare plaintext password to crypted_password and salt saved in database for that I have function named passwordisvalid() which has3 parameters (string,byte[],byte[]) string for plaintextpassword,byte[] for saved cryptedpassword and saved salt and crypted_password and salt attributes are of varchar type are in database so my question is how can I convert varchar datatype to byte[] so that I can pass it to passwordisvalid()?

public static bool IsPasswordValid(string passwordPlainText, byte[] savedSaltBytes, byte[] savedHashBytes)
{
    byte[] array1 =GenerateSaltedHash(passwordPlainText,savedSaltBytes);
    byte[] array2 = savedHashBytes;

    if (array1.Length != array2.Length)
        return false;

    for (int i = 0; i < array1.Length; i++)
    {
        if (array1[i] != array2[i])
            return false;
    }

    return true;
}

Any help will be appreciated.

BenMorel
  • 30,280
  • 40
  • 163
  • 285
user3048066
  • 39
  • 8
  • Can you share some of the code? – PaperBirdMaster Feb 17 '14 at 07:59
  • public static bool IsPasswordValid(string passwordPlainText, byte[] savedSaltBytes, byte[] savedHashBytes) { byte[] array1 =GenerateSaltedHash(passwordPlainText,savedSaltBytes); byte[] array2 = savedHashBytes; if (array1.Length != array2.Length) return false; for (int i = 0; i < array1.Length; i++) { if (array1[i] != array2[i]) return false; } return true; } – user3048066 Feb 17 '14 at 08:01

1 Answers1

0

The varchar element from the database should map back to a string. So the question becomes, how can i get a string to convert to a byte array.

Have a look at this post: How do I get a consistent byte representation of strings in C# without manually specifying an encoding? it explains how to do a conversion to byte[] without using an utf encoding.

Community
  • 1
  • 1
Spook Kruger
  • 367
  • 3
  • 15