Hello Erik, Months ago I incurred in your same problem using MD5, described among other things in the following message:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg04941.html My solution (with MD5) was simply to truncate the generated Base-64 string to 20 characters: in your case (using SHA) it would simply mean to truncate to 24 characters. Hope it helps, Vincenzo > -----Original Message----- > From: Erik Beijnoff [mailto:[EMAIL PROTECTED] > Sent: luned� 1 dicembre 2003 16.40 > To: [EMAIL PROTECTED] > Subject: Problem with trimmed SHA stored passwords in database > > > Hello. I'm using James connected to a SQL Server, storing the users in a > table. I'm having a trimming problem with the password hash generated by > James. After adding a user with telnet with the password "testing", the key > below is stored in the db: > > 3HJK8Y+91OWRifX+dopfgxFS > > However, when I generate the password directly from code, I get a slightly > longer hash: > > 3HJK8Y+91OWRifX+dopfgxFScFA= > > As you can see, the last few characters generated from my own code is > cropped in the password generated by James. This means that I'm having a bit > of a problem adding users with anything else then James and telnet. Any idea > why this occurrs and how to solve it? > > Regards Erik Beijnoff > > Password generating code below: > > ----------------------------------------------------------------------- > > String hashThis= "testing"; > > try { > > byte[] bytes= hashThis.getBytes("UTF-8"); > > java.security.MessageDigest messageDigest= > java.security.MessageDigest.getInstance("SHA"); > > messageDigest.update(bytes); > > > byte[] raw= messageDigest.digest(); > > > String hash = (new sun.misc.BASE64Encoder()).encode(raw); > > > System.out.println("Result:" + hash); > > } catch (java.security.NoSuchAlgorithmException ne) { > > // > > } catch (java.io.UnsupportedEncodingException ue) { > > // > > } > > ----------------------------------------------------------------------- > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
