C
C#•5mo ago
konstantine

BCrypt : EnhancedVerify() doesn't work

Hi ! I'm using BCrypt to hash passwords. The method EnhancedHashPassword() works, but the method EnhancedVerify() doesn't. I have this error during the execution : 
 An unhandled exception has occurred while executing the request.
      BCrypt.Net.SaltParseException: Invalid salt version
 An unhandled exception has occurred while executing the request.
      BCrypt.Net.SaltParseException: Invalid salt version
I'm reading in some old forums that there is a bug in the update of those 2 methods. The hashing one converts in a 2a hashing, whereas the verifying method convets in 2y. Well, this post was 10 years ago. Is still not working ? Did you find a way to work with it ? Thank you Here my code : 
public async Task<ActionResult<User>> PostUser(User user)
{
    var PasswordUserHashed = BCrypt.Net.BCrypt.EnhancedHashPassword(user.PasswordUser, 13);
[...]
}

 [HttpPost("login")]
 public async Task<ActionResult<User>> LoginUser(UserLoginDTO userLoginDTO)
 {
     var userToVerify = await _context.Users.FirstOrDefaultAsync(u => u.EmailUser == userLoginDTO.EmailUser);
     if (BCrypt.Net.BCrypt.EnhancedVerify(userToVerify.PasswordUser, userLoginDTO.PasswordUser, HashType.SHA384))
     {

         return userToVerify;
     }
     return BadRequest();
 } 
public async Task<ActionResult<User>> PostUser(User user)
{
    var PasswordUserHashed = BCrypt.Net.BCrypt.EnhancedHashPassword(user.PasswordUser, 13);
[...]
}

 [HttpPost("login")]
 public async Task<ActionResult<User>> LoginUser(UserLoginDTO userLoginDTO)
 {
     var userToVerify = await _context.Users.FirstOrDefaultAsync(u => u.EmailUser == userLoginDTO.EmailUser);
     if (BCrypt.Net.BCrypt.EnhancedVerify(userToVerify.PasswordUser, userLoginDTO.PasswordUser, HashType.SHA384))
     {

         return userToVerify;
     }
     return BadRequest();
 }
2 Replies
Dev Master
Dev Master•5mo ago
if (BCrypt.Net.BCrypt.Verify(password.Text, passdb)) { // logged in } // not logged in
konstantine
konstantine•5mo ago
I also had to change the hashing method too 
EnhancedHashPassword()
EnhancedHashPassword()
-> 
HashPassword()
HashPassword()
. It works, thank you 🙂
Want results from more Discord servers?
Add your server
More Posts
How to structure query functions in servicesI have the following function in my service layer csharp: PS: A category can have List<Item> ```csh✅ Possible bug in ternary operator when incrementing in razorpages?inside some .cshtml: @{ int a; int k; if(Model.SomeArray != null) { a = Model.SCan anyone explain me why referencing newer package versions is possible? net8 in net6 solutionIn a .NET6 project this seems to work without problems, how it is possible and is it just so that ht✅ quick recursion questionI have a tests about lists and recursion next friday and I'm really worried because these are easilyDependency issueHello, I imported a private package to my project and now I can't start the project, I have this ersql-net-pcl library, UpdateAll method is always returning 0, resulting in no update.So in my project, after users make some changes to title and many other fields, I am trying to updat