user2438154
Reputation: 3
SQL Server sha1 value in prepared statement gives a different value than hardcoded string
I am trying to encrypt a password in SQL Server and I'm getting two different results when I use a string vs. using a prepared statement parameter.
For example:
SELECT
sys.fn_varbintohexstr(HASHBYTES('sha1', ?)),
sys.fn_varbintohexstr(HASHBYTES('sha1', 'password'))
Where the ? is populated by 'password'. It gives me
0xe8f97fba9104d1ea50479...
0x5baa61e4c9b93f3f06822...
Why am I getting two different results for what should be the same thing?
Also, this is only happening in SQL Server, if I do a similar query in MySQL, it returns the same value for both.
I know I should be using better encryption, but I am stuck with sha1 (no salt) for now.
Thanks
Upvotes: 0
Views: 768
Answers (1)
Robert McKee
Reputation: 21477
One is a varchar the other nvarchar
SELECT
sys.fn_varbintohexstr(HASHBYTES('sha1','password')),
sys.fn_varbintohexstr(HASHBYTES('sha1',N'password'))
returns
0x5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8
0xe8f97fba9104d1ea5047948e6dfb67facd9f5b73
Upvotes: 1
Related Questions
- HASHBYTES 'SHA1' return value that differ to standard SHA1 implementation
- Why do I get different hash encoding results in SQL Server depending on how I convert a string?
- SQL Server 2008 R2 HASHBYTES SHA2 returns null
- SHA2_256 Hashbytes generating different value on SQL Server 2012 with different version
- SQL Server 2008 R2, HASHBYTES SHA256 returning NULL
- SHA1 not producing same hash value for same string input?
- sha1 function giving a different result to equivalent .net code
- Sql Server Storing SHA256 String as Question Marks
- sha1 in php not storing properly in mysql
- Same string, different SHA1 hash values obtained from VB.net and PHP