Invalid length for a base-64 char array

Topics: Cryptography Application Block
Apr 4, 2011 at 8:14 PM
Edited Apr 4, 2011 at 8:23 PM

I want to implement hashing passwords into a website.  I downloaded the current (5.x) version of entlib, and went through the cryptography/hashing tutorial.  Now Im trying to place it on my website, using the same features as the tutorial documents. I go through the process to hash a password, and store it into a 1000 varchar column in a sql server database.  When I retrieve the password and compare it to the password entered using the CompareHash method, System.Convert.FromBase64String consistently throws the error in the subject line.  I used sha256managed both when I  went through the tutorial and in the website Im trying to use it on.

If I immediately compare the cleartext with the hash, CompareHash gives me a true; so apparently something is happening during the store/retrieve into the database, but I dont know what.  Any ideas on what I can try?

Thanks very much

 

configuration section:

 

 

 

 

section name="securityCryptographyConfiguration" type="Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.Configuration.CryptographySettings, Microsoft.Practices.EnterpriseLibrary.Security.Cryptography, Version=5.0.414.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" requirePermission="true"

 code:

  

 

 

 

 

 

 

 

 

 

 

 

 

 

public static string CreateHash(string Text)

{

 

 

string hashText = null

 

 

CryptographyManager crypto = EnterpriseLibraryContainer.Current.GetInstance<CryptographyManager

 

 

 

 

 

return

 

 

public static bool CommpareHash(string clearText, string

 

 

bool compare = false

 

 

CryptographyManager crypto = EnterpriseLibraryContainer.Current.GetInstance<CryptographyManager

 

>();

 

 

 

 

return

 

 

 compare;

 

}

 

 

compare = crypto.CompareHash("HASHER", clearText, hashedText);

;

 

 

hashedText)

 

{

 

return  hashText;

 

}

 

HASHER", clearText);

 

 

 

 

 

>();

hashText = crypto.CreateHash("

 

 

;

 

 

Apr 5, 2011 at 3:21 AM

Could you try changing your column to varchar(max)?  I'm thinking maybe the hashed value is quite long and gets truncated when saving it to a column with a size of 1000.

 

Sarah Urmeneta
Global Technologies and Solutions
Avanade, Inc.
entlib.support@avanade.com

Apr 5, 2011 at 5:43 PM

Thanks for the reply, Sarah.  Initially I was thinking along these lines, and changed it from 200 to 1000 characters.

Turns out the problem was a dumb coding mistake - I was passing in the parameters as (hashedtext, cleartext) when the method requires them in the other order.