quangtran
Feb 01, 2023
Solved

What is the output of crypto::hash

I have a piece of iRule code:

    when HTTP_REQUEST_DATA {
        set data [findstr [HTTP::payload] "Data" 9 \" ]
        log local0. "raw data = $data"
        set hash_data [CRYPTO::hash -alg sha256 $data ]
        log local0. "hashsing data = $hash_data"
        set enc_data [CRYPTO::encrypt -alg rsa-priv -key $pri_key $hash_data]
        log local0. "encrypted data = $enc_data"
    }

When transmitting this data segment:

{
"Data": "eyJVc2VyTmFtZSI6ImVjdXN0"
}

The log returned in var/log/ltm has the form:

<HTTP_REQUEST_DATA>: raw data = yJVc2VyTmFtZSI6ImVjdXN0
<HTTP_REQUEST_DATA>: hashsing data = Ù<¥.)m¿]F² ŪôN3Z}9½® 5
<HTTP_REQUEST_DATA>: encrypted data = G
$©!s(© C³> Ã ±3vÜOÍQà ÍWô@▒ · Ò t3|ß
+r`å{¾SæäÀÄ `¸ñ5¹ etP íc«: ;TæM>À+Cå"Ls:ÑkÕ Ï ¯Ñ5 êAU2Ñ/çèî(Dl²Gw_¿ Nô Ð0/^F/W³èýÀ

I have tried online hashing tools,

input: eyJVc2VyTmFtZSI6ImVjdXN0
output: ee4afdbe5ed669d6e751ecbccde4a75e19ad7540514ba8f32d5d8c64409df250

Is there a way for my CRYPTO::hash function and CRYPTO::encrypt function to return the same value as the online hasher output?

Any and all help is appreciated. Thank you.

  • Hi quangtran, you need to represent the binary string as a string of hex digits in your code:

        when RULE_INIT {
            set data "hello, world"
            log local0. "raw data = $data"
            set hash_data [CRYPTO::hash -alg sha256 $data ]
            log local0. "hashing data = $hash_data"
            binary scan $hash_data H* hash_data_hex
            log local0. "hashing data as string = $hash_data_hex"
        }

    This results in my log file as:

    Feb  2 17:51:16 ltm3.test.local info tmm[115055]: Rule /Common/hash_example <RULE_INIT>: raw data = hello, world
    Feb  2 17:51:16 ltm3.test.local info tmm[115055]: Rule /Common/hash_example <RULE_INIT>: hashing data =         Ê~NªnéÇÒaq)HdMߺ|¿¼L6 [
    Feb  2 17:51:16 ltm3.test.local info tmm[115055]: Rule /Common/hash_example <RULE_INIT>: hashing data as string = 09ca7e4eaa6e8ae9c7d261167129184883644d07dfba7cbfbc4c8a2e08360d5b

    And you can see that that string matches the online generated hash as well:
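
An added illustration (not part of the original thread, and not F5 code): a Python model of the two things that decide whether the logged value matches an online tool. `findstr` here is a simplified stand-in for the iRule command and `PAYLOAD` is constructed from the JSON in the question; with a skip of 9 the extracted value loses its leading `e`, as the `raw data` log line in the question shows, so its digest differs from that of the full string even after hex encoding.

```python
import hashlib
import hmac

# Constructed request body, matching the JSON shown in the question.
PAYLOAD = '{\n"Data": "eyJVc2VyTmFtZSI6ImVjdXN0"\n}'


def findstr(text, search, skip=0, terminator=None):
    """Simplified model of iRule findstr: locate `search`, skip `skip`
    characters from the start of the match, stop before `terminator`."""
    start = text.find(search)
    if start < 0:
        return ""
    rest = text[start + skip:]
    if terminator is not None:
        end = rest.find(terminator)
        if end >= 0:
            rest = rest[:end]
    return rest


def sha256_raw(data):
    """32 raw bytes: the form CRYPTO::hash returns, per the answer above."""
    return hashlib.sha256(data.encode("utf-8")).digest()


def sha256_hex(data):
    """64 hex digits: what `binary scan $hash H* var` and online tools show."""
    return sha256_raw(data).hex()


def matches_logged_hex(data, logged_hex):
    """Compare a hex digest copied from the LTM log with a local computation."""
    return hmac.compare_digest(sha256_hex(data), logged_hex.strip().lower())


if __name__ == "__main__":
    for skip in (9, 8):
        value = findstr(PAYLOAD, "Data", skip, '"')
        print(f"skip={skip}: value={value!r} sha256={sha256_hex(value)}")
    # A raw digest printed as text is unreadable, like the question's log lines.
    print(sha256_raw("hello, world").decode("latin-1").encode("unicode_escape"))
```

The `CRYPTO::encrypt` result in the question is binary as well, so it needs the same `binary scan ... H*` conversion before it is logged or compared.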
