ONLINE HELP
 WINDEVWEBDEV AND WINDEV MOBILE

Help / WLanguage / WLanguage functions / Standard functions / Hash functions
  • Availability of algorithms
  • HashCheckString and UNICODE
WINDEV
WindowsLinuxUniversal Windows 10 AppJavaReports and QueriesUser code (UMC)
WEBDEV
WindowsLinuxPHPWEBDEV - Browser code
WINDEV Mobile
AndroidAndroid Widget iPhone/iPadIOS WidgetApple WatchMac CatalystUniversal Windows 10 App
Others
Stored procedures
HashCheckString (Function)
In french: HashVérifieChaîne
Checks the Hash of a character string for a specific type of algorithm. You have the ability to check:
  • a simple hash.
  • a hash with message authentication.
  • a hash obtained with a key derivation function that takes a salt as parameter (PBKDF2).
    WEBDEV - Browser codePHP Not available.
Reminder: Hashing is used to summarize a file or a character string. This summary is called Hash.
Example
WindowsLinuxPHP
// Check password:
// - Password typed in the "EDT_TypePassword" control
// - The password Hash is found in the "User.HashPassword" item
IF HashCheckString(HA_MD5_128, EDT_TypePassword, ...
User.HashPassword) = True THEN
Info("Password OK.")
// Rest of process
// ...
ELSE
Error("Wrong password.")
// Resume the input
SetFocusAndReturnToUserInput(EDT_TypePassword)
END
WEBDEV - Browser code
sHash is string = "9F 04 F4 1A 84 85 14 16 20 50 E3 D6"
HashCheckString(HA_SHA_160, "abc", HexaToBuffer(sHash), HashCheckString_Callback)
 
INTERNAL PROCEDURE HashCheckString_Callback(bRes boolean)
IF bRes = False THEN Trace("Error during verification")
END
Syntax

Checking a simple hash Hide the details

<Result> = HashCheckString(<Type of algorithm> , <String> , <Hash>)
<Result>: Boolean
  • True if the result when <String> was hashed by <Type of algorithm> corresponds to <Hash>,
  • False otherwise.
<Type of algorithm>: Integer constant
Indicates the type of algorithm used when hashing the <String>:
DJB2 family (Bernstein)
  • HA_DJB2_32
  • HA_DJB2_64
PHP The constants of this family are not available.
MD4 familyHA_MD4
MD5 familyHA_MD5_128
Caution: this type of algorithm is currently deprecated.
MURMUR family
  • HA_MURMUR_1: Murmur algorithm version 1: 32-bit hash result
  • HA_MURMUR_2: Murmur algorithm version 2: 32-bit hash result
  • HA_MURMUR_2_64A: Murmur algorithm version 2: 64-bit hash result optimized for 64-bit processors
  • HA_MURMUR_2_64B: Murmur algorithm version 2: 64-bit hash result optimized for 32-bit processors
  • HA_MURMUR_2_A: Incremental Murmur algorithm version 2: 32-bit hash result
  • HA_MURMUR_2_BIG_ENDIAN: Murmur algorithm version 2 for big-endian machine: 32-bit hash result
  • HA_MURMUR_2_ALIGNE: Murmur algorithm version 2 for aligned machine: 32-bit hash result
  • HA_MURMUR_3_32: Murmur algorithm version 3: 32-bit hash result
  • HA_MURMUR_3_128_X86: Murmur algorithm version 3: 128-bit hash result optimized for 32-bit processors
  • HA_MURMUR_3_128_X64: Murmur algorithm version 3: 128-bit hash result optimized for 64-bit processors
RIPEMD family
  • HA_RIPEMD_128
  • HA_RIPEMD_160
SHA family
  • HA_SHA_160 (also called SHA-1)
  • HA_SHA_256 (FIPS PUB 198 specifications)
  • HA_SHA_256_DOUBLE
  • HA_SHA_384
  • HA_SHA_512
SHA-3 family
  • HA_SHA3_224
  • HA_SHA3_256
  • HA_SHA3_384
  • HA_SHA3_512
TIGER family
  • HA_TIGER_128
  • HA_TIGER_160
  • HA_TIGER_192
WHIRLPOOL familyHA_WHIRLPOOL
CKSUM family
  • HA_CKSUM_8
  • HA_CKSUM_16
  • HA_CKSUM_32
  • HA_CKSUM_64
  • MD4 / MD5 / SHA / RIPEMD algorithms: standard cryptographic hash functions.
  • TIGER/WHIRLPOOL algorithms: hash functions with high cryptographic properties optimized for the 64-bit mode (but can also be used in 32-bit mode).
  • CKSUM algorithms: hash functions with no cryptographic property, should be used to perform low-level checks or with hashing tables.
  • DJB2 algorithm (Bernstein): hash functions reserved to strings and with no cryptographic property, should be used to perform low-level checks or with hashing tables. Few risks to get an identical hash.
  • MURMUR algorithm: very fast hash functions with no cryptographic properties. This algorithm is used by the "bloom filter" of bitcoin wallets.
<String>: Character string
String for which the Hash will be checked.
<Hash>: Character string
Hash of string to check. This Hash must be the result of HashString previously called for <String> using the <Type of algorithm>.
WEBDEV - Browser code

Checking a simple hash Hide the details

HashCheckString(<Type of algorithm> , <String> , <Hash> , <WLanguage procedure>)
<Type of algorithm>: Integer constant
Indicates the type of algorithm used when hashing the <String>:
SHA family
  • HA_SHA_160 (also called SHA-1)
  • HA_SHA_256 (FIPS PUB 198 specifications)
  • HA_SHA_256_DOUBLE
  • HA_SHA_384
  • HA_SHA_512

Remarks:
  • These hash algorithms are not allowed in Internet Explorer.
  • The HA_SHA_160 algorithm is not allowed in Edge.
<String>: Character string
String for which the Hash will be checked.
<Hash>: Character string
Hash of string to check. This Hash must be the result of HashString previously called for <String> using the <Type of algorithm>.
<WLanguage procedure>: Procedure name
Name of the WLanguage procedure ("callback") called when hashing. This procedure is used to get the hash result. For more details, see Procedure used by HashCheckString.

Checking a hash with message authentication (HMAC/MURMUR algorithm) Hide the details

<Result> = HashCheckString(<Type of algorithm> , <String> , <Hash> , <Secret key>)
<Result>: Boolean
  • True if the result when <String> was hashed by <Type of algorithm> corresponds to <Hash>,
  • False otherwise.
<Type of algorithm>: Integer constant
Indicates the type of algorithm (HMAC or MURMUR) used to hash the <String>:
MD4 familyHA_HMAC_MD4

MD5 familyHA_HMAC_MD5_128
Caution: this type of algorithm is currently deprecated.
MURMUR family
  • HA_MURMUR_1: Murmur algorithm version 1: 32-bit hash result
  • HA_MURMUR_2: Murmur algorithm version 2: 32-bit hash result
  • HA_MURMUR_2_64A: Murmur algorithm version 2: 64-bit hash result optimized for 64-bit processors
  • HA_MURMUR_2_64B: Murmur algorithm version 2: 64-bit hash result optimized for 32-bit processors
  • HA_MURMUR_2_A: Incremental Murmur algorithm version 2: 32-bit hash result
  • HA_MURMUR_2_BIG_ENDIAN: Murmur algorithm version 2 for big-endian machine: 32-bit hash result
  • HA_MURMUR_2_ALIGNE: Murmur algorithm version 2 for aligned machine: 32-bit hash result
  • HA_MURMUR_3_32: Murmur algorithm version 3: 32-bit hash result
  • HA_MURMUR_3_128_X86: Murmur algorithm version 3: 128-bit hash result optimized for 32-bit processors
  • HA_MURMUR_3_128_X64: Murmur algorithm version 3: 128-bit hash result optimized for 64-bit processors
RIPEMD family
  • HA_HMAC_RIPEMD_128
  • HA_HMAC_RIPEMD_160
SHA family
  • HA_HMAC_SHA_160
  • HA_HMAC_SHA_256
  • HA_HMAC_SHA_256_DOUBLE
  • HA_HMAC_SHA_384
  • HA_HMAC_SHA_512
SHA-3 family
  • HA_HMAC_SHA3_224
  • HA_HMAC_SHA3_256
  • HA_HMAC_SHA3_384
  • HA_HMAC_SHA3_512
TIGER family
  • HA_HMAC_TIGER_128
  • HA_HMAC_TIGER_160
  • HA_HMAC_TIGER_192
WHIRLPOOL familyHA_HMAC_WHIRLPOOL
  • MD4 / MD5 / SHA / RIPEMD algorithms: standard cryptographic hash functions.
  • TIGER/WHIRLPOOL algorithms: hash functions with high cryptographic properties optimized for the 64-bit mode (but can also be used in 32-bit mode).
  • MURMUR algorithm: very fast hash functions with no cryptographic properties. This algorithm is used by the "bloom filter" of bitcoin wallets.
<String>: Character string
String for which the Hash will be checked.
<Hash>: Character string
Hash of string to check. This Hash must be the result of HashString previously called for <String> using the <Type of algorithm>.
<Secret key>: Character string or Integer
Authentication key of message. This key must be identical to the one used to calculate the Hash.
WEBDEV - Browser code

Checking a hash with message authentication (HMAC algorithm) Hide the details

HashCheckString(<Type of algorithm> , <String> , <Hash> , <Secret key> , <WLanguage procedure>)
<Type of algorithm>: Integer constant
Indicates the type of algorithm (HMAC) used to hash the <String> string:
SHA family
  • HA_HMAC_SHA_160
  • HA_HMAC_SHA_256
  • HA_HMAC_SHA_384
  • HA_HMAC_SHA_512

Remarks:
  • These hash algorithms are not allowed in Internet Explorer.
  • These hash algorithms are not allowed in Edge.
<String>: Character string
String for which the Hash will be checked.
<Hash>: Character string
Hash of string to check. This Hash must be the result of HashString previously called for <String> using the <Type of algorithm>.
<Secret key>: Character string or Integer
Authentication key of message. This key must be identical to the one used to calculate the Hash.
<WLanguage procedure>: Procedure name
Name of the WLanguage procedure ("callback") called when hashing. This procedure is used to get the hash result. For more details, see Procedure used by HashCheckString.
WindowsLinux

Checking a hash obtained using a key derivation function that takes a salt as parameter (PBKDF2) Hide the details

HashCheckString(<Type of algorithm> , <String> , <Hash> , <Salt> , <Iteration> , <Length>)
<Type of algorithm>: Integer constant
Specifies the type of pseudo-random algorithm used by PBKDF2 to hash <String>:
MD4 familyHA_PBKDF2_HMAC_MD4
MD5 familyHA_PBKDF2_HMAC_MD5_128
Caution: this type of algorithm is currently deprecated.
RIPEMD family
  • HA_PBKDF2_HMAC_RIPEMD_128
  • HA_PBKDF2_HMAC_RIPEMD_160
SHA family
  • HA_PBKDF2_HMAC_SHA_160
  • HA_PBKDF2_HMAC_SHA_256
  • HA_PBKDF2_HMAC_SHA_256_DOUBLE
  • HA_PBKDF2_HMAC_SHA_384
  • HA_PBKDF2_HMAC_SHA_512
SHA-3 family
  • HA_PBKDF2_HMAC_SHA3_224
  • HA_PBKDF2_HMAC_SHA3_256
  • HA_PBKDF2_HMAC_SHA3_384
  • HA_PBKDF2_HMAC_SHA3_512
TIGER family
  • HA_PBKDF2_HMAC_TIGER_128
  • HA_PBKDF2_HMAC_TIGER_160
  • HA_PBKDF2_HMAC_TIGER_192
WHIRLPOOL familyHA_PBKDF2_HMAC_WHIRLPOOL
  • MD4 / MD5 / SHA / RIPEMD algorithms: standard cryptographic hash functions.
  • TIGER/WHIRLPOOL algorithms: hash functions with high cryptographic properties optimized for the 64-bit mode (but can also be used in 32-bit mode).
<String>: Character string
String for which the Hash will be checked.
<Hash>: Character string
Hash of string to check. This Hash must be the result of HashString previously called for <String> using the <Type of algorithm>.
<Salt>: Character string
Cryptographic salt identical to the one used to calculate the Hash.
<Iteration>: Integer
Number of iterations of the algorithm. This parameter must be identical to the one used to calculate the Hash.
<Length>: Integer
Length of the derived key. This parameter must be identical to the one used to calculate the Hash.
Remarks
PHP

Availability of algorithms

PHP Algorithms are available depending on the PHP server configuration ('mhash' extension, PHP 5 with native hash function, etc).

HashCheckString and UNICODE

Cross-platform development: To use Hash of strings between several platforms (a hash generated in iOS and checked in Android or Windows for example), no Unicode string must be used. Indeed, the Unicode strings do not have the same format according to the platforms. In this case, we advise you to use strings in ANSI or UTF 8 format (and to convert the Unicode strings if necessary).
Business / UI classification: Business Logic
Component: wd290com.dll
Minimum version required
  • Version 11
This page is also available for…
Comments
Click [Add] to post a comment

Last update: 05/26/2022

Send a report | Local help