Sunday, January 28, 2007

SHA2() patch for MySQL 5.0

I've created a patch for MySQL 5.0.33 to provide a function SHA2().
Download it here:

http://www.karwin.com/sha2.patch.gz

It really just calls out to the OpenSSL library for the digest functions. So you have to build MySQL from source with OpenSSL support enabled.

You can use the function in SQL syntax like:

SELECT SHA2('message', 256);

The second argument is 224, 256, 384, or 512, depending on what digest algorithm you want to use. If you pass 0 as the second argument, it uses SHA-256.

This is my first code contribution to MySQL. I'd be grateful if someone wants to review it and let me know if it needs any changes.

UPDATE 2/5/2007: I re-packaged the patch, excluding more of the MySQL generated files. Thanks to Stewart Smith @ MySQL for the suggestion.

UPDATE 12/3/2010: MySQL 5.5.8 has been released for General Availability, including my SHA2() patch. Happy day!

2 comments:

PakK_Pl said...

INCORECT!!!
Hash on '7cbe15d7435fa515db1f76b174d8801a44f90cf2bd3e386c411b54d5f7000740sss'
returns:
'9c0f15d7856d96e2f5c4ddc9800561fbb4360e889c844097d269a4c9aa24cdb'
correct value is
''9c0f15d7856d96e2f5c4ddc9800561fbb4360e889c8440970d269a4c9aa24cdb'

Bill Karwin said...

Hi PakK_PI,

You report an incorrect output that is only 63 hex digits long, but a SHA256 digest should always be 64 digits long. The incorrect string you report is identical to the correct output, except that the 50th hex digit is missing. I suspect tampering.

I just tested your input string against MySQL 5.5.8, and it produces the correct output.