Hi
I have been dabbling with a password salted hashing scheme, so to encrpyt my passwords in my users table in mySQL
the code i have done is vb.net with asp
The code seems to run fine until I try to execute the query
and it throws the following exception at the line
objCmd.ExecuteNonQuery()
"Unable to cast object of type 'System.Byte[]' to type 'System.IConvertible'."
Any help/suggestions would be greatly appreciated
My code is as follows
<%@ Page Language="VB" AutoEventWireup="false" CodeFile="Default.aspx.vb" Inherits="_Default" %>
<%@ Import Namespace="System.Security.Cryptography.SHA384Mana ged" %>
<%@ Import Namespace="System.Text" %>
<%@ Import Namespace="System.Data" %>
<%@ Import Namespace="mysql.data.mysqlclient" %>
<script runat="server" language="VB">
Sub CreateAccount(ByVal sender As Object, ByVal e As EventArgs)
Dim literror As New LiteralControl
'1. Create a connection
'Create connection string to pass database, string holds login information to mySQL,
Dim connectionString As String
connectionString = "Server=localhost; uid=; pwd=;database=ftp1;"
'Builds .net mysql connection and passes connection string into method
Dim connection As New MySqlConnection(connectionString)
Try
'2. Create a command object for the query
Dim strSQL As String = _
"INSERT INTO Useraccount(Username,Password) " & _
"VALUES(?Username, ?Password)"
Dim objCmd As New MySqlCommand(strSQL, connection)
'3. Create parameters
Dim paramUsername As MySqlParameter
paramUsername = New MySqlParameter("?Username", SqlDbType.VarChar, 25)
paramUsername.Value = txtUsername.Text
objCmd.Parameters.Add(paramUsername)
'Encrypt the password
Dim shaHash As New System.Security.Cryptography.SHA384Managed()
Dim hashedBytes As Byte()
Dim encoder As New UTF8Encoding()
hashedBytes = shaHash.ComputeHash(encoder.GetBytes(txtPwd.Text & txtUsername.Text))
Dim paramPwd As MySqlParameter
paramPwd = New MySqlParameter("?Password", SqlDbType.Binary, 16)
paramPwd.Value = hashedBytes
objCmd.Parameters.Add(paramPwd)
'Insert the records into the database
connection.Open()
objCmd.ExecuteNonQuery()
connection.Close()
Catch ex As Exception
literror.Text = ex.Message
MsgBox(ex.Message)
End Try
Response.Redirect("userhome.aspx")
End Sub