I have started a new project in .NET which uses some old system's datababase in MySql. The data stored in mysql is periodicaly transfered to MS Sql on which our system works. I need to authenticate users with their login and password. User's passwords are stored as hash generated by OLD_PASSWORD function from mysql. Is there any way to generate such hash using Ms Sql or .NET ?
1
-
I cannot see what algorithm is used by the OLD_PASSWORD. Additionally the MySql manual says "The PASSWORD() function is used by the authentication system in MySQL Server; you should not use it in your own applications. For that purpose, consider MD5() or SHA1() instead." So without knowing algorithm we can't find how to do it in .NET.Dmytrii Nagirniak– Dmytrii Nagirniak2009-08-07 08:04:58 +00:00Commented Aug 7, 2009 at 8:04
Add a comment
|
2 Answers
I found one at http://www.yourhelpcenter.de/2009/06/mysql-alten-md5-hash-in-c-berechnen-16-stellig/
public static string mysql_old_password(string sPassword)
{
UInt32[] result = new UInt32[2];
bool bDebug = false;
UInt32 nr = (UInt32)1345345333, add = (UInt32)7, nr2 = (UInt32)0x12345671;
UInt32 tmp;
char [] password = sPassword.ToCharArray();
int i;
for (i = 0; i < sPassword.Length; i++)
{
if (password[i] == ' ' || password[i] == '\t')
continue;
tmp = (UInt32)password[i];
nr ^= (((nr & 63) + add) * tmp) + (nr << 8);
nr2 += (nr2 << 8 ) ^ nr;
add += tmp;
}
result[0] = nr & (((UInt32)1 << 31) - (UInt32)1);
UInt32 val = (((UInt32)1 << 31) - (UInt32)1);
result[1] = nr2 & val;
string hash = String.Format("{0:X}{1:X}", result[0], result[1]);
return hash.ToLower();
}
2 Comments
Félix Adriyel Gagnon-Grenier
@user8084772 The first thing in this post refers to your own website. Nobody is making money out of this post, and it can fairly be seen as being educational in purpose. Please see this site about copyright and fair use, or please link to lawful reference that this is really a copyright infringement.
Félix Adriyel Gagnon-Grenier
@user8084772 Also, I took the time to google translate the big red box on your site, but maybe if it were written in english, people would actually think twice before copying your code. For a non-german speaker, the whole page means absolutely nothing.
Here is a Perl module that emulates MySQL's password() function for both 4.0 and prior (which is now OLD_PASSWORD() function) and 4.1 and higher.
While I realize that it's not .NET :-) that's the only piece of code (besides MySQL source)I found when I was looking for this, although I needed Java implementation. It worked for me and helped with migration - perhaps you'll be able to port it to .NET or run it as external process.
