I'm working on a ColdFusion site that needs to talk to another system through Webservices. For the other system I have a sample in PHP about how to generate a SHA512 based hash, and I'm trying to replicate the same function in ColdFusion but it is just not working.

The sample includes a string and key, and the expected encoded outcome. But I do not get the same encoded string with ColdFusion. Maybe I'm missing a ToBase64 or another conversion function somewhere, but I'm out of ideas and really need help to get this working.

Any help would be soo much appreciated.

Here's the PHP Sample Code

//signature to acquire a session$apiId = '1lie8ficql9h5';$apiSecret = 'j6hriaKY2iZi+Y2uo9JJldmO1Bq79XB8d1v2uHzAK0Zvy972mIs8ThsJSQeDlZJz+HzmLD6Q1MUZb5X1Zf9MzQ==';//build the string to sign//note the order of the entries is important.//The http headers must be in alphabetical order by key name$httpMethod = 'POST';$apiKey = 'x-csod-api-key:'.$apiId;$httpUrl = '/services/api/sts/session';date_default_timezone_set('UTC');$date = 'x-csod-date:'.date('Y-m-d').'T'.date('H:i:s').'.000';$stringToSign = $httpMethod."\n".$apiKey."\n".$date."\n".$httpUrl;/* produces the following string:*  POST\nx-csod-api-key:1lie8ficql9h5\nx-csod-date:2015-09-08T11:27:32.000\n/services/api/sts/session*///Generate the signature$secretKey = base64_decode($apiSecret);$signature = base64_encode(hash_hmac('sha512', $stringToSign, $secretKey, true));/** signature produced:* 3x5ETGSoqJa4vLl8gOFzdhxReOS0k8Nk2CpKVFN2A60ItF8wfP2tr+GUY2mELXjL90B57B5imLIrzou3ZQMfqQ==*/

Here's the ColdFusion code I have, but it's not producing the same encoded string:

<cfoutput><cfset api_id=      "1lie8ficql9h5"><cfset api_secret=  "j6hriaKY2iZi+Y2uo9JJldmO1Bq79XB8d1v2uHzAK0Zvy972mIs8ThsJSQeDlZJz+HzmLD6Q1MUZb5X1Zf9MzQ=="><cfset api_string= "POST\nx-csod-api-key:1lie8ficql9h5\nx-csod-date:2015-09-08T11:27:32.000\n/services/api/sts/session"><cfset temp_key= ToString(ToBinary( api_secret))><cfset temp_signature= HMAC( api_string, temp_key, "HMACSHA512", "UTF-8")><cfset temp_signature1= ToBase64( temp_signature)>api_string:<br> #api_string#<br><br>temp_signature:<br> #temp_signature#<br>temp_signature1:<br> #temp_signature1#<br><br>EXPECTED: (Copied from the PHP Sample code)<br>3x5ETGSoqJa4vLl8gOFzdhxReOS0k8Nk2CpKVFN2A60ItF8wfP2tr+GUY2mELXjL90B57B5imLIrzou3ZQMfqQ==</cfoutput>

I am trying to make an application that takes user's input and it hashes it using the SHA512 algorithm. I have got the code to compile without any issues (using g++) but then i realised that the output of the is binary. Thus, i have used the answer from this post to convert the output from binary to ASCII.

#include <iostream>   #include <string.h> #include <stdio.h>          #include <stdlib.h>#include <fstream>#include <openssl/sha.h>using namespace std;//Ignore some of these libraries since i am going to use them in the futureint main() {  unsigned char password[] = "tudor";  unsigned char hash[SHA512_DIGEST_LENGTH];  SHA512(password,size_t strlen(password), hash);  for(int i = 0; i < SHA512_DIGEST_LENGTH; ++i) {    printf("%02x", (unsigned char)hash[i]);  }  cout<<endl;  return 0;}

The weird thing is that each and single time i run the code there is a different output and none of them match this correct hash:

89FF151754C48795A26F43797E9B50ADAB82D1A2DD1B6329E9ACD49B2C6F7BF60960146ED286C14AE702886C49F1261B25F064FC63F4195597C6346F3C35A68D

I am a noob at C++ and i might have done something wrong when using the SHA512 function so that might be why.

Thank you for your answers, as always.

I'm trying to duplicate PHP's crypt() function in JavaScript with regards to generating a SHA512 hash, such as this:

$hash = crypt( $text, '$6$' . $salt );

This generates something like this:

$6$salt$hashedtext

I'm trying with CryptoJS, like this:

var hash = CryptoJS.SHA512( text );

And this does generate the SHA512 hash for me, like this:

hashedtext

But I don't see any way to supply a salt. I've never used CryptoJS before, so I'm totally novice on this.. but I've done some googling and haven't been able to locate an answer to this. Hopefully it's simple and just evading me.

How can I generate a string that matches the above-formatted string returned by the crypt() example?

I am trying to use a payment module in OpenCart version 2.0.1.1, and I need to update our Hash to HMAC-SHA-512, so the checkout page authorizes successfully. I just don´t know how to change the hash and where exactly I can do this.

We use Plesk, with PHP 7. The domain is www.didikong.de

The payment module is WireCard Checkout Page version 1.2.0.

So this wirecard generates a Fingerprint, which is encrypted via HMAC-SHA-512. And our website uses SSL.

Thanks in Advance.

Is there a repository which can tell US which Linux / UNIX version compatible with SHA512 password hashing algorithms.

However for RHEL 5 & 6 ..

The kickstart parameter to set password hashing algorithm is:

authconfig --passalgo=sha256 --kickstartOR

authconfig --passalgo=sha512 --kickstart

To switch to SHA-256 or SHA-512 on an already installed Red Hat Enterprise Linux, run the following command

authconfig --passalgo=sha256 --update

OR

authconfig --passalgo=sha512 --update