[CryptoAPI] Suggestion: Implement one-way hashing functions

[CryptoAPI] Suggestion: Implement one-way hashing functions

Forge Component
Published on 2015-11-29 by Ricardo Silva
4 votes
Published on 2015-11-29 by Ricardo Silva
Hello Ricardo,

First of all, fantastic work. I looked at the code of this extension and it is great, and your knowledge of cryptography is astounding.

I would suggest, for enriching this component, that you implement a simple function that "hashes" an input (utf-8 string) using the SHA256 algorithm. This is important for all Security Certifications out there (ISO27001, PCI-DSS, HPIAA, etc.)

Thank you and keep up the good work.
Hello Fábio,

Thank you for your feedback.

I have just published a new version of the CryptoAPI component which adds a function which allows you to compute hashes. You can use it to compute SHA256 hashes of UTF-8 strings by default, but you can specify which algorithm to use as long as it's supported by the underlying language.

It also adds a secure way to hash a password for storage in a database with random 24 bytes of salt using SHA512.

Best regards,
Ricardo Silva
Thank you Ricardo. I have already upgraded my Digital Platform factory to use the new CryptoAPI component.

Once more, excellent work!

Best Regards,

Hi, I've to integrate my application to an API that its guide contains the following parameter : signature = merchantPublicKey + ":" + HexString(HMACSHA256(merchantPrivateKey, message)) I'd like to know what actions i need to use from CryptoAPI to get the following: Waht action for the "HexString" ? What action for the HMACSHA256 ? Thanks
On version 1.4 of Crypto API you can probably the KComputeMac action for this.

It takes a message to be MAC'd, a binary data key and returns the HMACSHA256 of the message using the given key. It will output both the Base64 representation of the resulting mac and the hex encoding it.

So I guess you probably have everything you need.