You may not be authorized to see this content. Please contact Data Access Europe for more information.

Cancel Data Access Europe

You are not authorized to see this content.

Cancel Data Access Europe

Security the Basics

Introduction (1m 12s)

Install the workspace (2m 38s)

Data Protection (2m 49s)

Restrict database access to your applications (8m 44s)

Data in transit https Web (13m 15s)

SQL injection (3m 59s)

DataFlex Security Library overview (6m 46s)

Generic hashes (5m 55s)

Keyed hashes (5m 48s)

Data at rest (2m 52s)

Encryption Symmetric key encryption seclib (9m 11s)

Encryption Authenticated Encryption (seclib) (5m 37s)

Encryption Key Storage (1m 15s)

Access Control (2m 54s)

Authentication Overview (2m 32s)

Authentication Passcode Storage (7m 10s)

Authentication Passcode Storage (Web App) (5m 09s)

Key Derivation (6m 02s)

Authentication Stronger Passcodes (2m 54s)

Authentication 2FA (Web, seclib) (12m 03s)

Authentication Loose ends (2m 07s)

Next lesson:

Data at rest

Cancel

Security the Basics

Lesson 8: Keyed hashes

First, create a new handle
Handle hoKeyedHash.
Before reading the file, an object needs to be created
Get Create (RefClass(cSecureHash)) to hoKeyedHash.
A key also needs to be created
Uchar[] ucaKey.
Again, UChar array is used because it’s binary data.
Some random data needs to be applied this time. Normally, there would be a fixed key, but because this is a demonstration system, something random can be generated
Get RandomData of ghoSecurity (MinimumKeyBytes(ghoSecurity
C_SEC_HASH_CNG_HMAC_SHA256)) to ucaKey.
HMAC is used this time because they are keyed hashes. Like the static object above, a hash implementation also needs to be entered
Set piHashImplementation of hoKeyedHsh to C_SEC_HASH_CNG_HMAC_SHA256.
Next is to initialize the keyed hash object
Send Initialize of hoKeyedHash ucaKey.
Add to the original hash:
Send Update of hoKeyedHash ucaData
Finally, a section of code is copied and modified for the new hash…
1. Get Finalize of hoKeyedHash to ucaHash
2. Gen Bin2Hex of ghoSecurity ucaHash to sHexHash
3. Send AddHash of hoResultObject “HMAC SHA256” sHexHash
Press F5 to run the code. From the application screen, select VIEW from the top menu and then GENERATE FILE HASHES. Any file can be opened. Pressing the GENERATE button. Now two hashes are generated; one is shown as a ‘SHA256’ and the other is a ‘HMAC SHA256.’
The difference is that now a key is being used, so the result is different. Therefore, every time GENERATE is pushed, the original will remain the same, but the new, HMAC SHA256, will change.