hash

Owned by Fiona Sargeant (Unlicensed)
Last updated: Mar 08, 2023 by Thomas Swindells
2 min read


Function: hash()

hash(algorithm,salt,string, [ format ])  Returns a hashed version of the string, optionally with a salt/password.

Four categories of hashing functions are supported:

  1. MessageDigests - Secure one way hash algorithms, if the salt is not _NULL it will be appended to the end of the string. Example values include:
    • SHA-256
    • SHA-384
    • SHA-512
    • SHA-1
    • MD2
    • MD5
  2. Ciphers - Secure encryption using a key. The salt is the encryption key, either in PEM format or as a raw string. The required format and length will depend on the encryption algorithm. Algorithm names can also include 'transformations' which further refine the encryption operation. Example values include:
    • AES
    • AES/CBC/PKCS5Padding
    • Blowfish
    • DES
    • DESede
    • DESede/ECB/PKCS5Padding
    • ECIES
    • RC2
    • RC4
    • RC5
    • RSA
  3. HMACs - Message authentication codes. The salt is the ecnryption key as a raw string. Example values include
    • HmacMD5
    • HmacSHA1
    • HmacSHA224
    • HmacSHA256
    • HmacSHA384
    • HmacSHA512
  4. Signatures - Cryptographic signing algorithms. The salt is the private key either in PEM format or as a raw string. The required format and length will depend on the encryption algorithm. Example values include:
    • MD5withRSA
    • SHA256withRSA
    • SHA384withRSA
    • SHA512withRSA
    • SHA256withDSA
    • SHA384withDSA
    • SHA512withDSA
    • SHA256withECDSA
    • SHA384withECDSA
    • SHA512withECDSA

The full list of available algorithm is Java installation dependent. Further information about available values can be found here https://docs.oracle.com/javase/8/docs/technotes/guides/security/StandardNames.html#Signature

Two output formats are supported. The default is HEX encoding of the bytes. Alternatively Base64 encoding of the resultant value can be requested  using one of the values specified for base64Encode.

Syntax

hash(algorithm,salt,string)

ArgumentTypeDescription

algorithm

String

The name of the following hashing algorithms:

salt

String

Additional salt characters to add to the end of the string before hashing.
If no salt is required, specify _NULL.

string

String

The string to be hashed. Must not be null.

formatStringOptional, specifies the output format, HEX, BASE64, JWT etc

Examples

Basic hash

hash("SHA-256", _NULL, "testValue")

Takes the string testValue, uses SHA-256 algorighm to convert it to a hashed string. No salt is added. Returns the value: 82fe0c834cbea069013c5eb7828e599a693e0d2411887e2ab273271662973082

RS256 JWT token generation

do(
$header = '{"alg":"RS256","typ":"JWT"},
$payload = '{"sub":"1234567890","name":"John Doe","admin":true,"iat":1516239022}',
$key = "-----BEGIN PRIVATE KEY-----\r\n ....",
$prefix = base64Encode($header, "JWT")+"."+base64Encode($payload, "JWT"),
$prefix + "." + hash("SHA256withRSA", $key, $prefix, "JWT"))
)

Generates a RS356 JWT token using a private key and the SHA256withRSA signature hash function.

HS256 JWT token generation

do(
$header = '{"alg":"HS256","typ":"JWT"},
$payload = '{"sub":"1234567890","name":"John Doe","admin":true,"iat":1516239022}',
$key = "0123456789abcdef0123456789abcdef",
$prefix = base64Encode($header, "JWT")+"."+base64Encode($payload, "JWT"),
$prefix + "." + hash("HmacSHA256", $key, $prefix, "JWT"))
)

Constructs an HS256 JWT token using a 32 character key and the HmacSHA256 HMAC hash function.


See Also