Hash
Description
Converts a variable-length string to a fixed-length string that can act as
a “fingerprint” or unique identifier for the original string. It
is not possible to convert the hash result back to the source string.
Function syntax
Hash(string [, algorithm [, encoding ]])
History
ColdFusion MX 7: Added the algorithm and encoding parameters.
Parameters

string
    String to hash.

algorithm
    (Optional) The algorithm to use to hash the string. ColdFusion installs a
    cryptography library with the following algorithms:
        CFMX_COMPAT: Generates a hash string identical to that generated by
        ColdFusion MX and ColdFusion MX 6.1 (default).
        MD5: (default) Generates a 32-character, hexadecimal string, using the
        MD5 algorithm (The algorithm used in ColdFusion MX and prior releases).
        SHA: Generates a 28-character string using the Secure Hash Standard
        SHA-1 algorithm specified by National Institute of Standards and
        Technology (NIST) FIPS-180-2.
        SHA-256: Generates a 44-character string using the SHA-256 algorithm
        specified by FIPS-180-2.
        SHA-384: Generates a 64-character string using the SHA-384 algorithm
        specified by FIPS-180-2.
        SHA-512: Generates an 88-character string using the SHA-1 algorithm
        specified by FIPS-180-2.
    The Enterprise Edition of ColdFusion installs the RSA BSafe Crypto-J
    library, which provides FIPS-140 Compliant Strong Cryptography. It
    includes the following algorithms:
        MD2: The MD2 hash algorithm defined by RFC 1319.
        MD5: The MD5 hash algorithm defined by RFC 1321.
        RIPEMD160: RACE Integrity Primitives Evaluation Message Digest 160-bit
        message digest algorithm and cryptographic hash function.
        SHA-1: The 160-bit secure hash algorithm defined by FIPS 180-2 and
        FIPS 198.
        SHA-224: The 224-bit secure hash algorithm defined by FIPS 180-2 and
        FIPS 198.
        SHA-256: The 256-bit secure hash algorithm defined by FIPS 180-2 and
        FIPS 198.
        SHA-384: The 384-bit secure hash algorithm defined by FIPS 180-2 and
        FIPS 198.
        SHA-512: The 512-bit secure hash algorithm defined by FIPS 180-2 and
        FIPS 198.
    If you install a security provider with additional cryptography
    algorithms, you can also specify any of its hashing algorithms.

encoding
    (Optional; to use this attribute, also specify the algorithm parameter)
    A string specifying the encoding to use when converting the string to
    byte data used by the hash algorithm. Must be a character encoding name
    recognized by the Java runtime. The default value is the value specified
    by the defaultCharset entry in the neo-runtime.xml file, which is normally
    UTF-8. Ignored when using the CFMX_COMPAT algorithm.
Usage
The result of this function is useful for comparison and validation. For
example, you can store the hash of a password in a database without exposing
the password. You can check the validity of the password by hashing
the entered password and comparing the result with the hashed password
in the database.
ColdFusion uses the Java Cryptography Extension
(JCE) and installs a Sun Java runtime that includes the Sun JCE
default security provider. This provider includes the algorithms
listed in the Parameters section. The JCE framework includes facilities
for using other provider implementations; however, Adobe cannot
provide technical support for third-party security providers.
The encoding attribute
is normally not required. It provides a mechanism for generating
identical hash values on systems with different default encodings. ColdFusion
uses a default encoding of UTF-8 unless you modify the defaultCharset
entry in the neo-runtime.xml file.
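The effect of the encoding parameter described above, as an added example (not Adobe's code): a hash stored by a server that converts strings as ISO-8859-1 is checked again under UTF-8. The sample passwords and the verifyPassword helper are constructed for illustration.

```cfml
<cfscript>
// Added illustration; the passwords below are constructed samples.
// Chr(228) is "ä": one byte (E4) in ISO-8859-1, two bytes (C3 A4) in UTF-8.
samples = ArrayNew(1);
ArrayAppend(samples, "password");
ArrayAppend(samples, "p" & Chr(228) & "ssword");

// Hypothetical helper: hash the candidate with an explicit algorithm and
// encoding, then compare it with the stored value.
function verifyPassword(candidate, storedHash, encoding) {
    return Compare(Hash(candidate, "SHA-256", encoding), storedHash) EQ 0;
}

for (i = 1; i LTE ArrayLen(samples); i = i + 1) {
    // Value as written by a server that converted the string as ISO-8859-1.
    stored = Hash(samples[i], "SHA-256", "ISO-8859-1");

    // Check with the encoding the hash was stored under, and with UTF-8.
    sameEncoding  = verifyPassword(samples[i], stored, "ISO-8859-1");
    otherEncoding = verifyPassword(samples[i], stored, "UTF-8");

    WriteOutput("Sample " & i & ": same encoding = " & sameEncoding
        & ", other encoding = " & otherEncoding & "<br>");
}
</cfscript>
```

The ASCII-only sample verifies under both encodings because its bytes are identical in each; the sample containing Chr(228) verifies only under the encoding it was stored with, which is why passing the encoding explicitly keeps stored hashes portable between servers.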
Example
The following example lets you enter a password and compares the hashed password
with a hash value saved in the SecureData table of the cfdocexamples database.
This table has the following entries:

User ID | Password
blaw | blaw
dknob | dknob

<h3>Hash Example</h3>
<!--- Do the following if the form is submitted. --->
<cfif IsDefined("Form.UserID")>
    <!--- Query the database; cfqueryparam binds the user ID as a parameter. --->
    <cfquery name = "CheckPerson" datasource = "cfdocexamples">
        SELECT PasswordHash
        FROM SecureData
        WHERE UserID = <cfqueryparam value = "#Form.userID#"
            cfsqltype = 'CF_SQL_VARCHAR'>
    </cfquery>
    <!--- Compare query PasswordHash field and the hashed form password
        and display the results. The user ID is HTML-escaped before it is
        written back to the page. --->
    <cfoutput>
        <cfif Hash(Form.password, "SHA") is not checkperson.passwordHash>
            User ID #HTMLEditFormat(Form.userID)# or password is not valid. Try again.
        <cfelse>
            Password is valid for User ID #HTMLEditFormat(Form.userID)#.
        </cfif>
    </cfoutput>
</cfif>
<!--- Form for entering ID and password. The cfoutput block is needed so
    that the action attribute is evaluated. --->
<cfoutput>
<form action="#HTMLEditFormat(CGI.SCRIPT_NAME)#" method="post">
    <b>User ID: </b>
    <input type = "text" name="UserID" ><br>
    <b>Password: </b>
    <input type = "password" name="password" ><br><br>
    <input type = "Submit" value = "Encrypt my String">
</form>
</cfoutput>