Home Forums Article Discussions Article Discussions by Author Discuss Content Posted by Michael Coles Using salts with base 64 encoding decoding RE: Using salts with base 64 encoding decoding

  • September 8, 2008 at 6:20 pm

    #868802

    No problems Alex,

    From your description you have a set of data being posted along with an HMAC-SHA1 of that data, and your receiving system needs to validate that post by regenerating the HMAC-SHA1 from that data and comparing it to the posted HMAC, correct?

    Raul Garcia blogged about generating MACs here a few years ago, though it's SQL2005-specific. His solution was to simply append the "salt" value to the end of the plaintext before hashing it with SHA1 which does the job but isn't quite RFC compliant.

    Are you using SQL2000 or SQL2005? For 2000 you need to use either a 3rd party XP or a T-SQL implementation (or a hybrid using COM OLE Automation) of the hashing algorithms, whereas in SQL2005 you have the builtin HashBytes() function and can also write your own CLR function to do the job using the dotNET crypto libs.

    These will give you your SHA1 hashing - but only the Chilkat or dotNET CLR solutions will do your HMAC-SHA1 in a standard manner. Shouldn't be too hard to modify the T-SQL implementation or wrap the 3rd-party XP solution in RFC-correct code either. Do you have control over the posting website so that you can modify the HMAC algorithm?

    Regards,

    Jacob