Question SHA-512 hash-codes

W

Wolfgang Schölmberger

Member
I know that MESSAGE-DIGEST ("SHA-512", "1234@docuware!1") returns a 64 byte string, but shouldn't at least the first 32 bytes be the same using GENERATE-PBE-KEY("1234@docuware!1") ??

Try the following code:
Code: 
SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = 'AES_CBC_256'.
SECURITY-POLICY:PBE-HASH-ALGORITHM             = 'SHA-512'.
SECURITY-POLICY:ENCRYPTION-SALT                = ?.   /* '?' --> NO salt-value is used       */

MESSAGE message-digest("SHA-512", "1234@docuware!1")
    "~n~n" GENERATE-PBE-KEY("1234@docuware!1")  VIEW-AS ALERT-BOX.
Could somebody please explain ?
 
Last edited by a moderator:
W

Wolfgang Schölmberger

Member
Found the solution, but don't really understand !

First thing: if one adds...

Code: 
SECURITY-POLICY:PBE-KEY-ROUNDS = 1. /* just 1 hash algorithm iteration */

...the result is almost the same, the strings differ only at position 5 and 32

Seond: the funny thing:

If one uses HEX-ENCODE, the first 32 bytes are identical. Try the following code:

SECURITY-POLICY:SYMMETRIC-ENCRYPTION-ALGORITHM = 'AES_CBC_256'. 
SECURITY-POLICY:PBE-HASH-ALGORITHM = 'SHA-512'. 
SECURITY-POLICY:ENCRYPTION-SALT = ?. /* '?' --> NO salt-value is used */ 
SECURITY-POLICY:PBE-KEY-ROUNDS = 1. /* just 1 hash algorithm iteration */ 

DEFINE VARIABLE digest AS RAW NO-UNDO. DEFINE VARIABLE PBEKEY AS RAW NO-UNDO. 
DEFINE VARIABLE vChar1 AS CHARACTER NO-UNDO. 
DEFINE VARIABLE vChar2 AS CHARACTER NO-UNDO.  

ASSIGN digest = MESSAGE-DIGEST("SHA-512", "aaaaa"). 

PBEKEY = GENERATE-PBE-KEY("aaaaa"). 

vChar1 = HEX-ENCODE(digest). 
vChar2 = HEX-ENCODE(PBEKEY).  

MESSAGE STRING(digest) SKIP string(pbekey) SKIP(2) "Equal:~t" STRING(digest) BEGINS string(pbekey) SKIP(3)
       vChar1 SKIP vChar2 SKIP(2) "Equal:~t" vChar1 BEGINS vChar2
    VIEW-AS ALERT-BOX.

WHY ?????
 
Last edited by a moderator:
Cecil

Cecil

19+ years progress programming and still learning.
Displaying a raw value using STRING() function will convert the output to BASE64 encoding. Base64 requires the output to have a modular division length of 4 characters so, the output is padded out with a equal symbol '='.

Example:

zzz = enp6
zz = eno=
z = eg==

Hope that explaines why there is a difference.
 
You must log in or register to reply here.

Similar threads

W
Question AES CBC encryption
Replies
10
Views
2K
Wolfgang Schölmberger
W
R
  • Locked
[Stackoverflow] [Progress OpenEdge ABL] Progress 4GL DECRYPT fails
Replies
0
Views
1K
rgolinski
R
C
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: FW: Progress Alert and Notification Service Article Alert OpenEdge
Replies
0
Views
482
Community Admin
C
R
  • Locked
[progress Communities] [progress Openedge Abl] Forum Post: Http Client Multipart Form Data...
Replies
0
Views
1K
Rod Anderson
R
W
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: Webservice Method Rest
Replies
0
Views
515
wsartorelli
W
Top