C#C
C#2y ago
konstantine

BCrypt : EnhancedVerify() doesn't work

Hi ! I'm using BCrypt to hash passwords. The method EnhancedHashPassword() works, but the method EnhancedVerify() doesn't. I have this error during the execution :
 An unhandled exception has occurred while executing the request.
      BCrypt.Net.SaltParseException: Invalid salt version

I'm reading in some old forums that there is a bug in the update of those 2 methods. The hashing one converts in a 2a hashing, whereas the verifying method convets in 2y.
Well, this post was 10 years ago. Is still not working ?

Did you find a way to work with it ? Thank you

Here my code : 

[HttpPost]
public async Task<ActionResult<User>> PostUser(User user)
{
    var PasswordUserHashed = BCrypt.Net.BCrypt.EnhancedHashPassword(user.PasswordUser, 13);
[...]
}

 [HttpPost("login")]
 public async Task<ActionResult<User>> LoginUser(UserLoginDTO userLoginDTO)
 {
     var userToVerify = await _context.Users.FirstOrDefaultAsync(u => u.EmailUser == userLoginDTO.EmailUser);
     if (BCrypt.Net.BCrypt.EnhancedVerify(userToVerify.PasswordUser, userLoginDTO.PasswordUser, HashType.SHA384))
     {

         return userToVerify;
     }
     return BadRequest();
 }
Was this page helpful?