将密码散列到SQL中 [英] Hashing password into SQL

问题描述

我像这样直接在SQL中对密码进行哈希处理:

I'm hashing a password in SQL directly like this :

DECLARE @HashThis nvarchar(4000);
SET @HashThis = 'SecretPizza'

INSERT into Users (UserId,Password)
Values ('CryptTest',HASHBYTES('SHA1', @HashThis))

结果:

当我尝试将SHA1算法更改为SHA2_256或SHA2_512时，出现以下错误:

When I try and change the SHA1 Algorithm to SHA2_256 or SHA2_512 I get the following error :

问题1 -这真的应该给我中文字符吗?
问题2 -这些是有效的算法，所以我为什么不能使用它们，为什么加密将@HashThis设置为null?

Question 1 - Is this really supposed to give me chinese like characters ?
Question 2 - Those are valid algorithm so how come I can't use them and why is encryption setting @HashThis to null?

推荐答案

问题1:由于将HASHBYTES返回的varbinary值插入到nvarchar列中，因此会出现"like like"字符，因此SQL Server试图解释该字符.字节作为Unicode代码点(字符).

Question 1: You get "Chinese like" characters because you are inserting a varbinary value returned by HASHBYTES into an nvarchar column, so SQL Server is trying to interpret the bytes as Unicode code points (characters).

问题2:SQL Server 2012之前不支持-请参阅 SQL Server 2008 R2 HASHBYTES SHA2返回null

Question 2: Not supported before SQL Server 2012 - see SQL Server 2008 R2 HASHBYTES SHA2 returns null

这篇关于将密码散列到SQL中的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！