Is SHA-1 correctly implemented in OpenEdge or am I doing som

Posted by pieter.brouwer on 30-Apr-2018 04:24

Hi,

When I run this piece of code, I expect to get a 'yes' as a result. However computer says No. When I compare the result with what online-code-generator.com/sha1-hash-with-optional-salt.php says, it should be 99c7a7ad5073610a101581f0a6c56a02f2b1e48b. Other sources tell me that this is indeed the correct answer. Am I doing something wrong here or is the implementation of Progress incorrect?

Kind regards,

Pieter Brouwer

  DEFINE VARIABLE cValue      AS CHARACTER NO-UNDO.
  DEFINE VARIABLE cResultValue AS CHARACTER NO-UNDO.
  DEFINE VARIABLE cSalt       AS CHARACTER NO-UNDO.

  ASSIGN
    cValue      = "19670901"
    cSalt       = "7A6579284B41376B"
    cResultValue = HEX-ENCODE(SHA1-DIGEST(cValue + cSalt, cSalt)).

  MESSAGE cResultValue EQ "99c7a7ad5073610a101581f0a6c56a02f2b1e48b" VIEW-AS ALERT-BOX INFO.

OpenEdge Development - Forum

Posted by Ruben Dröge on 30-Apr-2018 04:38

Hi Pieter,

You're using the hash value twice, should be:

cResultValue = HEX-ENCODE(SHA1-DIGEST(cValue, cSalt)).

All Replies

Posted by Ruben Dröge on 30-Apr-2018 04:38

Hi Pieter,

You're using the hash value twice, should be:

cResultValue = HEX-ENCODE(SHA1-DIGEST(cValue, cSalt)).

Posted by pieter.brouwer on 30-Apr-2018 05:08

Does that mean that the salt is automatically added to the value prior to hashing? Didn't know that. Thnx

Posted by gdb390 on 30-Apr-2018 05:10

HEX-ENCODE(SHA1-DIGEST(cValue + cSalt)) gives the same as HEX-ENCODE(SHA1-DIGEST(cValue,cSalt))

This thread is closed