Hello
We wish to stop our users (internal and external) from using passwords that are known to have featured in a security breach.
There is a web API for this which basically requires us to pass a UTF-8 SHA-1 hash of the password we want the check.
I'm struggling to take a string and convert it to the SHA-1 hash.
I am using this function (cribbed from the help file) to return the hash:
function sys_computeHash(sToDigest string, sAlgorithm string) returns string
define sBase64,
sResult string,
dgst security.Digest
try
let dgst = security.Digest.CreateDigest(sAlgorithm )
call dgst.AddStringData(sToDigest )
let sBase64 = dgst.DoBase64Digest()
let sResult = util.Strings.base64DecodeToString(sBase64)
catch
call sys_showMessage("Error", STATUS||" - "||SQLCA.SQLERRM, "")
end try
return sResult
end function
When executed, for a passed string of "Password1", the value of sBase64 is:
cMzZAHM41tgd07YnFiG5z5qX6gA=
But the call to base64DecodeToString returns null.
Using an online SHA-1 hash generator gives:
70ccd9007338d6d81dd3b6271621b9cf9a97ea00
The server this is being executed on has its character set to utf8.
I would welcome any guidance on where I may be going wrong.
Thanks
Gary
