Question Implementing Vendor SHA1 Hash

[Potish]

I need to setup a process to send data to a vendor that uses SHA1 with 64k loops to hash sensitive data. The vendor has provided some code in php, .NET and Java under the link below

http://www.fraudlabspro.com/developer/api/sha1-64k-hash

Any pointers on how I can get this implemented in OpenEdge 11.1?
Would the progress SHA1-DIGEST function be of any use?

 

[Cecil]

Too Easy.

Try this code. It's returning the same result as the website you provided. I'm not sure what the relevance of the string 'fraudlabspro_' is? The 'fraudlabspro_' string could be removed or might need to be change to something else, check with your vendor. Let us know how you got on.

FUNCTION fraudlabspro_hash RETURNS CHARACTER (INPUT pchData AS CHARACTER ):

    DEFINE VARIABLE chDataHash AS CHARACTER   NO-UNDO.
    DEFINE VARIABLE inLoop     AS INTEGER     NO-UNDO.

    chDataHash = 'fraudlabspro_' + pchData.

    DO inLoop = 1 TO 65536:

        chDataHash = HEX-ENCODE(SHA1-DIGEST('fraudlabspro_' + chDataHash)).
    END.
    RETURN chDataHash.
END.

MESSAGE fraudlabspro_hash('ABC')
    VIEW-AS ALERT-BOX INFO.

 

[Cecil]

Somebody else might be able to chip in here. I'm never sure if it should be a DO loop or a REPEAT loop when doing this kind of processing.

 

[Potish]

Thank you very much for the suggestion. Ran a couple of tests and results look to be exact matches to what the vendor returns on their online hash generator. I will find out from them what the relevance of the string 'fraudlabspro_' is.

 

[TheMadDBA]

I prefer a DO loop when you know there is a finite number of times for the loop to be executed. With a REPEAT you have to be more careful to make sure it doesn't just loop forever (unhandled errors, bugs, etc).

I think the "fraudlabspro_" is an attempt to semi-seed the string. Doesn't really help if everybody knows what the "seed" is though.

 

[Cecil]

Revised version:

FUNCTION SHA1-64K RETURNS CHARACTER (INPUT pchData AS CHARACTER,
                                     INPUT pchSeed AS CHARACTER):

    DEFINE VARIABLE chDataHash AS CHARACTER   NO-UNDO.
    DEFINE VARIABLE inLoop     AS INTEGER     NO-UNDO.

    chDataHash = pchSeed + pchData.
   
    DO inLoop = 1 TO 0x10000: /* 65536*/
        chDataHash = HEX-ENCODE(SHA1-DIGEST(pchSeed + chDataHash)).
    END.

    RETURN chDataHash.
END.

MESSAGE SHA1-64K('ABC','fraudlabspro_')
    VIEW-AS ALERT-BOX INFO.

 

[Potish]

Solution suggested worked and I was able to get code implemented. Thank you for the suggestion.

 

[Cecil]

Cool. I'm glad that I could help.