In an MSSQL environment, I've got a stored procedure which I use to generate hashes. Currently, the stored procedure uses MD5 (with an appropriate security key).
I'm trying to change the stored procedure so that it uses Blowfish instead.
The current line in the stored procedure is:
select #hashedvalue = convert(nvarchar(32),hashbytes('MD5',#querystring+#hashpassword),2)
What's the correct syntax for hashing via Blowfish as opposed to MD5 please?
I've had a look at this but I couldn't work out which algorithm option I should be using...
Thanks!
HASHBYTES does not support Blowfish
You would need to use a CLR function (search for one) or see what this from Chilkat does
Personally I would use SHA2_512 for simple hashes.
Password hashing is different, you need bcrypt or other iterative hashing solutions.
Related
Our company is setting up a new Snowflake instance, and we are attempting to migrate some processing currently being done is MS SQL Server. I need to migrate a Table-Valued SQL Function into snowflake. The source function has procedural logic in it, which is not allowed to my knowledge in snowflake UDTFs. I have been searching for a workaround with no success.
To be as specific as I can, I need a function that will take a string for input, decode that string, and return a table with the keys and their corresponding values. I cannot condense all of the logic to split the string and decode the keys into one SQL statement, so Snowflake SQL UDTFs will not work.
I looked into whether a UDTF can call a procedure and somehow I could simply return a result, but it does not look like that will work. Please let me know if there is any way to work around this.
I think Javascript UDTF is what you're looking for in Snowflake:
https://docs.snowflake.com/en/sql-reference/udf-js-table-functions.html
funny I just stumbled onto this as I'm running into the same thing myself. I found there is a SPLIT_TO_TABLE function that may be able to accomplish this. As Greg suggested nesting this together in the form of a CTE combined with a JOIN may allow you to accomplish what you need to do.
G'day, I am currently tasked with creating a stored procedure with T-SQL which will be able to make a GET call using an MSXML2.serverXMLHttp instance that contains a signed OAuth authorization header.
I have been able to do everything short of generate the RSA-SHA1 signature string because I cannot find a hash_signing function.
I created the base string and generated the hash digest using the HASHBYTES() function, but am unable to find a corresponding hash signing function as the documentation is very confusing to me.
So, my question really boils down to: Is it possible to generate an RSA-SHA1 signature in T-SQL without using CLR or other external work-arounds? And if so which functions are required to do this? Thanks in advance.
I have a requirement to encrypt the customer's membership number in our database. So okay, we're using MS SQL Server, I figured I use encryptbypassphrase, change every place that writes this field to encrypt and every place that reads it to decrypt, etc.
Except ... there are places in the DB where the field is used to link multiple records. I was thinking no problem, I just change the join from "join blahblah on a.member_number=b.member_number", to "join blahblah on a.member_number_encrypted=b.member_number_encrypted". But this doesn't work, because I discovered that if I encrypt the same value twice, I don't get the same encrypted value. I guess it's adding some salt in there or something. And I don't want to say "join blahblah on decryptbypassphrase(#pw, a.member_number_encrypted)=decryptbypassphrase(#pw, b.member_number_encrypted), as that would turn an index lookup into a full-file search. I thought it would be ugly to have to index on the much bigger encrypted value, but ...
So ... Is there some way to force encryptbypassphrase to always encrypt the same input to the same output? Or does this mean that it is simply not practical to join on an encrypted field in most cases?
Or am I missing something?
What you are looking for is deterministic encryption.
You can achieve deterministic encryption by using a hash of plaintext as your IV, thus, you will get the same ciphertext every time you encrypt a given plaintext. Please see this article for reference.
If you are using/can use MS SQL Server 2016 you should look at Always Encrypted feature. Depending on what operations you want to do on your data. Always Encrypted will make your task easier, since it supports deterministic encryption. Few links that will help you.
Getting Started with Always Encrypted
This feature will make it easier to test Always Encrypted without writing an app
Configure Always Encrypted using SQL Server Management Studio
I have briefly explained the security guarantee provided by Always Encrypted here
How can I copy WordPress password to another table with SHA1? As per my knowledge WordPress using MD5
Currently I am using simple query something like
INSEERT INTO rc_user(password)
SELECT user_pass
FROM wp_users
So I have no idea how to convert encryption. Please help me.
You can't. Both SHA1 and MD5 are hash functions and they do one way conversion of data so there is no way to "decrypt" it after md5 is applied.
I need to hash (MD5) all the password in our Sql Server 2000 database. I can easily generate a C#/VB.NET program to convert (hash) all the passwords, but I was wondering (more for my education than for a real compelling need) if it was possible to calculate MD5 hash directly in T-SQL.
Thanks to anyone who will answer.
In 2005 and later, you can call the HashBytes() function. In 2000, the closest thing is pwdencrypt/pwdcompare, though those functions have their own pitfalls (read the comments of the link).
It is using this code, but it is not native to the language.
http://www.codeproject.com/KB/database/xp_md5.aspx
No, there is no native TSQL command to generate MD5 hash's in SQL Server 2000.
In 2005 and above you can use the HashBytes function: http://msdn.microsoft.com/en-us/library/ms174415.aspx
Please see below example/solution using 2008
DECLARE #HashThis nvarchar(4000);
SELECT #HashThis = CONVERT(nvarchar(4000),'dslfdkjLK85kldhnv$n000#knf');
SELECT HashBytes('md5', #HashThis);
GO
There is nothing magical about md5, you can implement it as a pure tsql function if you want to. I'm not sure it would be fun in tsql, but there should be nothing preventing you from doing so :)
Just for the record:
UPDATE T_WHATEVER_YOUR_TABLE_NAME_IS
SET PREFIX_Hash = LOWER(SUBSTRING(master.dbo.fn_varbintohexstr(HashBytes('MD5', LOWER('a-string-with-utf8-encoded-international-text'))), 3, 32) )