topic Re: SHA256 Encryption in SAS Programming

SHA256 Encryption

Deen — Wed, 17 Feb 2016 21:44:36 GMT

Hi All,

Do we have Encryption function which supports SHA256 in SAS9.3? I saw this function exists in SAS 9.4 but

per the new features SAS9.3 in bleow link

http://support.sas.com/documentation/cdl/en/whatsnew/64209/HTML/default/viewer.htm#p1fvz9q0q3wo8xn1lzo578emenup.htm

it says that SHA256 encrpytion does exist in SAS 9.3.

Please suggest.

Thanks,

Deen

Re: SHA256 Encryption

LinusH — Wed, 17 Feb 2016 22:30:17 GMT

It does for encrypting passwords, but I don't think it became a part of the SAS Language until 9.4.

Re: SHA256 Encryption

ChrisHemedinger — Thu, 18 Feb 2016 00:46:58 GMT

The SHA256 function was added in SAS 9.4m1. See this post: A fresh helping of hash: the SHA256 function in SAS 9.4m1.

I'm pretty sure that it wasn't present before then, even as an undocumented function. I remember researching that before I wrote the blog post...

My colleague Rick Langston will have a Hashing Technique paper published for SAS Global Forum (April) -- might be of interest!

Re: SHA256 Encryption

Deen — Wed, 09 Mar 2016 16:20:05 GMT

I see that SHA-256 encryption is availbale in SASv9.4 but also I see that its available in SAS9.3 in below link (under Encrpyption section)

http://support.sas.com/documentation/cdl/en/whatsnew/65742/HTML/default/viewer.htm#p1fvz9q0q3wo8xn1lzo578emenup.htm

but I think it requires SAS/Secure license..is it correct?

Re: SHA256 Encryption

FriedEgg — Wed, 09 Mar 2016 17:35:21 GMT

You can use the method I shared at the following link to create a hashing function for use in SAS prior to v9.4 where many new functions for this were added

https://gist.github.com/FriedEgg/79ad315afa1b315e8ac3

PROC GROOVY was introduced in SAS 9.3 but this method will work similarly for version prior using Java Component Objects and compiling the Java classes outside of SAS. I do not have a example specific for plain SHA-256, however, the SHA-1 examples should be very easily adaptable.

I have a write-up for this as well:

https://communities.sas.com/t5/Base-SAS-Programming/Enable-SHA1-Hash-MessageDigest-in-SAS-with-Javaobj/td-p/28315

Re: SHA256 Encryption

ChrisHemedinger — Thu, 10 Mar 2016 17:56:50 GMT

I think the feature you've referenced in SAS 9.3 was using SAS/SECURE, which encrypts data "on the wire". SAS/SECURE is part of the Base package in SAS 9.4, but yes -- a separate license was needed in SAS 9.3.

Re: SHA256 Encryption

Deen — Sun, 27 Mar 2016 23:39:33 GMT

I think this would work and looks like simple..

looks like it requires java..

but it seems I need to get java on my machine..

do you have similar code which uses Groovy...I read something on Proc Groovy..something there should be in proc groovy to achieve this..

meanwhile I do further research.. could you please post some commands in proc groovy to achieve sha256 in sas9.3

Thanks a lot!!

Re: SHA256 Encryption

Deen — Mon, 28 Mar 2016 00:27:57 GMT

also

i tried to make use of the proc groovy from one of your sugested programs in below link

https://gist.github.com/FriedEgg/79ad315afa1b315e8ac3

%let toHash=something to hashify;

proc groovy;

submit "&toHash.";
import java.security.MessageDigest
exports.sha1 = new BigInteger(1, MessageDigest.getInstance("SHA1").digest(args[0].getBytes())).toString(16)
endsubmit;

quit;

%put &sha1.;

it produces below result

8d3d5f3c32ca98e8d9c4125509b3d7a00466d296

I think above code performs SHA256 hashing ...

and when I test above code for 'abc123' text as below its not producing the desired result as one of our requirements.

%let toHash=abc123;

proc groovy;

submit "&toHash.";
import java.security.MessageDigest
exports.sha1 = new BigInteger(1, MessageDigest.getInstance("SHA1").digest(args[0].getBytes())).toString(16)
endsubmit;

quit;

%put &sha1.;

am getting below result for the above code.

6367c48dd193d56ea7b0baad25b19455e529f5ee

but whereas expected result for hashing 'abc123' text using SHA256 algorithm is below.

Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=

the requirement is below from our end user.

Hashing Requirements

1.Concatenate last name and date of birth to create Salt input

–Last Name is uppercase

–Date is in string format YYYY-MM-DD

–Output as string (varchar), e.g. "JONES1983-12-30’

2.Hash result from Step 1 one time using SHA 256 to create the Salt

3.Concatenate the results from Steps 1 and 2

4.Convert result from Step 3 to lower case and remove binary "0x"

5.Hash result from Step 4 one time using SHA 256

6.Hash result of Step 5 for 1000 iterations

7.Base 64 hashed result from step 6

8.Output value in ME998

Hashing Audit

Hashed value for ‘abc123’ based on single round, should be:

Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=

if I have a proc groovy code or any suggestions to achieve above requirement it would be really helpful.

Thanks..

Re: SHA256 Encryption

FriedEgg — Mon, 28 Mar 2016 02:14:49 GMT

@Deen

You are using SHA-1 encrypting in the code you posted. Which is what my example you used does... not SHA-256. The correct value for SHA-256 encryption is

6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090

for an input value of:

abc123

Your requirements go far beyond just a regular SHA-256 hash and several components of those instructions make little to no sense to me. They appear to be written for some specific platform rather than a generalization...

Step 4. The notion of removing a binary '0x' doesn't make sense, but lets assume that this just means that we want to convert the byte array produced in step2 to a string of hex values in the form of

6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090

rather than

0x6ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090

No matter what, this isn't 'binary'

Next, we want to convert that value to lower case, so step4 is ultimately equal to

abc1236ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090

or are we expected to somewhere convert the result of step 1 to a hex string as well?

616263313233366ca13d52ca70c883e0f0bb101e425a89e8624de51db2d2392593af6a84118090

Is this then meant to get hashed with SHA-256 as a string or as a byte array of itself? Very unclear instructions...

Finally in Step 8, I've never heard of anything called ME998 before, so, I am left to assume this is some internal system or table to your environment.

Regardless of the method I tried as outlined above, I cannot produce the 'expected' output you provided.

import java.security.MessageDigest
import java.security.NoSuchAlgorithmException
import javax.xml.bind.DatatypeConverter

def toHexString(byte[] bytes) {
    return DatatypeConverter.printHexBinary(bytes)
}
def toByteArray(String s) {
    return DatatypeConverter.parseHexBinary(s)
}

def Sha256(byte[] bytes) throws NoSuchAlgorithmException {
    MessageDigest md = MessageDigest.getInstance("SHA-256")
    md.update(bytes)
    return md.digest()
}

def Base64(byte[] bytes) {
    return new String(Base64.getEncoder().encodeToString(bytes))
}

def merryGoRound(byte[] bytes) {
    step6 = bytes
    for (i=0; i<1000; i++) { step6 = Sha256(step6) }
    return step6
}
def DeenEncrypt1(String input) {
    step2 = Sha256(input.getBytes())
    step3 = input + toHexString(step2)
    step4 = step3.toLowerCase()
    step5 = Sha256(step4.getBytes())
    step6 = merryGoRound(step5)
    step7 = Base64(step6)
    return step7
}

def DeenEncrypt2(String input) {
    step2 = Sha256(input.getBytes())
    step3 = toHexString(input.getBytes()) + toHexString(step2)
    step4 = step3.toLowerCase()
    step5 = Sha256(step4.getBytes())
    step6 = merryGoRound(step5)
    step7 = Base64(step6)
    return step7
}

def DeenEncrypt3(String input) {
    step2 = Sha256(input.getBytes())
    step3 = toHexString(input.getBytes()) + toHexString(step2)
    step4 = step3.toLowerCase()
    step5 = Sha256(toByteArray(step4))
    step6 = merryGoRound(step5)
    step7 = Base64(step6)
    return step7
}

def to0xString(byte[] bytes) {
    return "0x" + toHexString(bytes)
}

def DeenEncrypt4(String input) {
    step2 = Sha256(input.getBytes())
    step3 = input + toHexString(step2)
    step4 = step3.toLowerCase()
    step5 = Sha256(step4.getBytes())
    step6 = to0xString(step5)
    for (i=0; i<999; i++) { step6 = to0xString(Sha256(step6.getBytes()))}
    step7 = Base64(Sha256(step6.getBytes()))
    return step7
}

myString="abc123"
println(DeenEncrypt1(myString))
//Ir4+t3lTvPeE0s+daBIZY3btG0u8ist8znq6FnhIJNc=
println(DeenEncrypt2(myString))
//UqPhYbaI/bZ5s7jO3jnVIfPP4mT+BvPDYLWgInRSHB4=
println(DeenEncrypt3(myString))
//pobTckp4TAuDudylcugnzJGBc9YM4poSUPRk2zTgHrY=
println(DeenEncrypt4(myString))
//2wQPtEPxQJLCkmpH1Bo4t1OFqdcnGR8bzA7/uUrDiTY=

I would recommend you get some clearer hashing requirements

Re: SHA256 Encryption

Deen — Mon, 28 Mar 2016 03:08:14 GMT

Matt,

Thanks for your prompt response with more detailed explanation . I will test your code once again and test our requirements.

You got the correct understanding about our requirement.however, after my testing and would check with the requirements once again..

Thanks a ton!!!

Re: SHA256 Encryption

Deen — Mon, 28 Mar 2016 19:27:38 GMT

Matt,

I tried to test your code by keeping it between proc groovy and quit but somehow i was getting bleow error.

81     import java.security.MessageDigest
       ------
       180
ERROR 180-322: Statement is not valid or it is used out of proper order.

100                  i<1000;
                     -
                     180
ERROR 180-322: Statement is not valid or it is used out of proper order.

100                          i++) { step6 = Sha256(step6) }
                             -
                             180
ERROR 180-322: Statement is not valid or it is used out of proper order.

139                  i<999;
                     -
                     180
ERROR 180-322: Statement is not valid or it is used out of proper order.

139                         i++) { step6 = to0xString(Sha256(step6.getBytes()))}
                            -
                            180
ERROR 180-322: Statement is not valid or it is used out of proper order.

Here are the clear requirements recieved from end user.

Step 1: hashing the input ('abc123' in our example) using SHA 256 algorithm
Step 2: input + lower (convert to hexadecimal(step 1 result))
Step 3: hashing the step 2 result using SHA 256 algorithm
Step 4: hashing the step 3 result for 1000 times using SHA 256 algorithm

Hashed value for ‘abc123’ based on single round, should be:

Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=

Hashed value on above result after 1000 rounds, should be:

aJDhkskZ9OwP1n1akIoOgReHjm+iFJ0ofPt3CNhvFy8=

Re: SHA256 Encryption

FriedEgg — Mon, 28 Mar 2016 19:49:30 GMT

You requirements are still missing a component to fully make sense.

Most obviously, the two strings you posted here are Base64 encoded, which isn't in the instructions. I can now duplicate the 'single round' value. When does the Base64 encoding applied? Just for display? In between each round?

Re: SHA256 Encryption

Deen — Mon, 28 Mar 2016 20:19:03 GMT

Thanks for your response

Re: SHA256 Encryption

Deen — Mon, 28 Mar 2016 20:20:49 GMT

yes for display purpose only we need Base64 encoding.

Re: SHA256 Encryption

FriedEgg — Mon, 28 Mar 2016 21:57:52 GMT

Okay, turns out the problem is that the last step should read... Hash it 999 more times, for 1000 total... Not 1000 more times...

Re: SHA256 Encryption

FriedEgg — Mon, 28 Mar 2016 22:33:35 GMT

filename groovy temp;

proc http method='get'
url="http://central.maven.org/maven2/org/codehaus/groovy/groovy-all/2.4.6/groovy-all-2.4.6.jar"
out=groovy;
run;

filename xmlbind temp;

proc http method='get'
url="http://central.maven.org/maven2/javax/xml/bind/jaxb-api/2.2.12/jaxb-api-2.2.12.jar"
out=xmlbind;
run;

filename cp temp;

options set=classpath= "%sysfunc(pathname(cp,f))";

proc groovy classpath=cp;
add classpath=groovy;
add classpath=xmlbind;
add sasjar="commons_codec" version="1.7.0.0_SAS_20121211183158"; *version is specific to SAS Installation and may differ from this;

submit parseonly;

import javax.xml.bind.DatatypeConverter
import java.security.MessageDigest
import java.security.NoSuchAlgorithmException
import java.util.ArrayList
import org.apache.commons.codec.binary.Base64

/**
 * DeenHash Requirements
 *
 *
 * 1. Hash an input String (ex. "abc123") using SHA-256 algorithm
 * 2. Concatenate input string + hexDump of step1 result
 * 3. Hash step2 result using SHA-256 algorithm
 *      a. this marks a single-round
 *      b. print raw step3 result in Base64 encoding
 * 4. Hash step3 result 999 additional times using SHA-256 algorithm
 */
public class DeenHash {

    private String input = "abc123";
    private String algorithm = "SHA-256";
    protected ArrayList<byte[]> results=new ArrayList();

    public DeenHash() {}

    public DeenHash(String input) {
        setInput(input);
    }

    public DeenHash(String algorithm, String input) throws NoSuchAlgorithmException{
       setAlgorithm(algorithm);
    }

    public String getInput() {
        return this.input;
    }

    public void setInput(String input) {
        this.input = input;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String algorithm) throws NoSuchAlgorithmException {
        MessageDigest.getInstance(algorithm);
        this.algorithm = algorithm;
    }

    private String toHexString(byte[] bytes) {
        return DatatypeConverter.printHexBinary(bytes);
    }

    private String toBase64(byte[] bytes) {
        Base64 base64 = new Base64();
        return new String(base64.encode(bytes));
    }

    private byte[] merryGoRound(byte[] bytes) throws NoSuchAlgorithmException {
        byte[] step4 = bytes;
        for (int i=0; i<999; i++) { step4 = doSingleHash(step4); }
        return step4;
    }

    public byte[] doSingleHash(byte[] bytes) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(this.algorithm);
        md.update(bytes);
        return md.digest();
    }

    public void doDeenHash() throws NoSuchAlgorithmException {
        byte[] step1 = doSingleHash(this.input.getBytes());
        String step2 = this.input + toHexString(step1).toLowerCase();
        byte[] step3 = doSingleHash(step2.getBytes());
        this.results.add(step3);
        byte[] step4 = merryGoRound(step3);
        this.results.add(step4);
    }

    public String getFinalHash() {
        return toBase64(this.results.get(1));
    }

    public String getInitialHash() {
        return toBase64(this.results.get(0));
    }

    public void main(String[] args) {
        if (args.length == 1) {
            setInput(args[0]);
        } else if (args.length == 2) {
            try {
                setAlgorithm(args[0]);
                setInput(args[1]);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
        }

        try {
            doDeenHash();
            System.out.println("Single Round: " + toBase64(this.results.get(0)));
            System.out.println("Final Round: " + toBase64(this.results.get(1)));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }
}
endsubmit;

submit;
foo = new DeenHash()
foo.main()
endsubmit;

quit;

data foo;
input foo $;
cards;
abc123
;
run;

data _null_;
dcl javaobj hash('DeenHash');
do until(done);
set foo end=done;
length one thousand $ 64;
hash.callVoidMethod('setInput',strip(foo)); *strip is important;
hash.callVoidMethod('doDeenHash');
hash.callStringMethod('getInitialHash',one);
hash.callStringMethod('getFinalHash',thousand);
put (one thousand) (=/);
end;
stop;
run;

 190        endsubmit;
 NOTE: The SUBMIT command completed.
 191        
 192        submit;
 193        foo = new DeenHash()
 194        foo.main()
 195        endsubmit;
 Single Round: Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=
 Final Round: aJDhkskZ9OwP1n1akIoOgReHjm+iFJ0ofPt3CNhvFy8=
 NOTE: The SUBMIT command completed.
 196        
 197        quit;
 
 NOTE: PROCEDURE GROOVY used (Total process time):
       real time           0.14 seconds
       cpu time            0.01 seconds

 215        put (one thousand) (=/);
 216        end;
 217        stop;
 218        run;
 
 one=Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=
 thousand=aJDhkskZ9OwP1n1akIoOgReHjm+iFJ0ofPt3CNhvFy8=
 NOTE: There were 1 observations read from the data set WORK.FOO.
 NOTE: DATA statement used (Total process time):
       real time           0.02 seconds
       cpu time            0.00 seconds

Re: SHA256 Encryption

Deen — Tue, 29 Mar 2016 02:52:17 GMT


NOTE: PROCEDURE HTTP used (Total process time):
      real time           8.63 seconds
      cpu time            0.21 seconds



NOTE: PROCEDURE HTTP used (Total process time):
      real time           0.15 seconds
      cpu time            0.01 seconds


NOTE: The ADD CLASSPATH command completed.
NOTE: The ADD CLASSPATH command completed.
NOTE: The ADD CLASSPATH command completed.
java.lang.IllegalArgumentException: Failed to find sasjar commons_codec
1.7.0.0_SAS_20121211183158.
     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
     at
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:44)
     at
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java
:27)
     at java.lang.reflect.Constructor.newInstance(Constructor.java:516)
     at org.codehaus.groovy.reflection.CachedConstructor.invoke(CachedConstructor.java:77)
     at
org.codehaus.groovy.reflection.CachedConstructor.doConstructorInvoke(CachedConstructor.java:71)
     at
org.codehaus.groovy.runtime.callsite.ConstructorSite$ConstructorSiteNoUnwrap.callConstructor(Con
structorSite.java:84)
     at
org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallConstructor(CallSiteArray.java:52)
     at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:192)
     at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callConstructor(AbstractCallSite.java:200)
     at Script9.findJar(Script9.groovy:2)
     at Script9$findJar.callCurrent(Unknown Source)
     at
org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCallCurrent(CallSiteArray.java:44)
     at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:143)
     at
org.codehaus.groovy.runtime.callsite.AbstractCallSite.callCurrent(AbstractCallSite.java:159)
     at Script9.run(Script9.groovy:3)
ERROR: Failed to add sasjar commons_codec.
ERROR: The SUBMIT command failed.
org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
script14592196615082045114769.groovy: 6: unable to resolve class
org.apache.commons.codec.binary.Base64
 @ line 6, column 1.
   import org.apache.commons.codec.binary.Base64
   ^

1 error

     at org.codehaus.groovy.control.ErrorCollector.failIfErrors(ErrorCollector.java:296)
     at org.codehaus.groovy.control.CompilationUnit.applyToSourceUnits(CompilationUnit.java:860)
     at org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:521)
     at
org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:497)
     at org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:474)
     at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:292)
     at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:263)
     at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:207)
     at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:217)
ERROR: The SUBMIT command failed.
org.codehaus.groovy.control.MultipleCompilationErrorsException: startup failed:
Script10.groovy: 1: unable to resolve class DeenHash
 @ line 1, column 7.
   foo = new DeenHash()
         ^

1 error

     at org.codehaus.groovy.control.ErrorCollector.failIfErrors(ErrorCollector.java:296)
     at org.codehaus.groovy.control.CompilationUnit.applyToSourceUnits(CompilationUnit.java:860)
     at org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:521)
     at
org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:497)
     at org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:474)
     at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:292)
     at groovy.lang.GroovyShell.parseClass(GroovyShell.java:727)
     at groovy.lang.GroovyShell.parse(GroovyShell.java:739)
     at groovy.lang.GroovyShell.parse(GroovyShell.java:766)
     at groovy.lang.GroovyShell.parse(GroovyShell.java:757)

NOTE: The SAS System stopped processing this step because of errors.
NOTE: PROCEDURE GROOVY used (Total process time):
      real time           1.31 seconds
      cpu time            0.00 seconds




NOTE: The data set WORK.FOO has 1 observations and 1 variables.
NOTE: DATA statement used (Total process time):
      real time           0.05 seconds
      cpu time            0.00 seconds



WARNING: Could not initialize classpath.  Classpath variable is not set.
ERROR: Could not find class DeenHash at line 925 column 17.  Please ensure that the CLASSPATH
       is correct.
ERROR: DATA STEP Component Object failure.  Aborted during the EXECUTION phase.
java.lang.ClassNotFoundException: DeenHash
     at java.lang.ClassNotFoundException.<init>(ClassNotFoundException.java:77)
     at java.net.URLClassLoader.findClass(URLClassLoader.java:385)
     at java.lang.ClassLoader.loadClass(ClassLoader.java:653)
     at groovy.lang.GroovyClassLoader.loadClass(GroovyClassLoader.java:674)
     at groovy.lang.GroovyClassLoader.loadClass(GroovyClassLoader.java:773)
     at java.lang.ClassLoader.loadClass(ClassLoader.java:619)
NOTE: The SAS System stopped processing this step because of errors.
NOTE: There were 1 observations read from the data set WORK.FOO.
NOTE: DATA statement used (Total process time):
      real time           0.27 seconds
      cpu time            0.00 seconds

/*****Here is the code which I used for above log file***********/

filename groovy '$DATA/deen_temp.html';

proc http method='get'
url="http://central.maven.org/maven2/org/codehaus/groovy/groovy-all/2.4.6/groovy-all-2.4.6.jar"
out=groovy;
run;

filename xmlbind '$DATA/deen_xml.html';

proc http method='get'
url="http://central.maven.org/maven2/javax/xml/bind/jaxb-api/2.2.12/jaxb-api-2.2.12.jar"
out=xmlbind;
run;

filename cp '$DATA/deen_hash.txt';

options set=classpath= "%sysfunc(pathname(cp,f))";

proc groovy classpath=cp;
add classpath=groovy;
add classpath=xmlbind;
add sasjar="commons_codec" version="1.7.0.0_SAS_20121211183158"; *version is specific to SAS Installation and may differ from this;

submit parseonly;

import javax.xml.bind.DatatypeConverter
import java.security.MessageDigest
import java.security.NoSuchAlgorithmException
import java.util.ArrayList
import org.apache.commons.codec.binary.Base64

/**
 * DeenHash Requirements
 *
 *
 * 1. Hash an input String (ex. "abc123") using SHA-256 algorithm
 * 2. Concatenate input string + hexDump of step1 result
 * 3. Hash step2 result using SHA-256 algorithm
 *      a. this marks a single-round
 *      b. print raw step3 result in Base64 encoding
 * 4. Hash step3 result 999 additional times using SHA-256 algorithm
 */
public class DeenHash {

    private String input = "abc123";
    private String algorithm = "SHA-256";
    protected ArrayList<byte[]> results=new ArrayList();

    public DeenHash() {}

    public DeenHash(String input) {
        setInput(input);
    }

    public DeenHash(String algorithm, String input) throws NoSuchAlgorithmException{
       setAlgorithm(algorithm);
    }

    public String getInput() {
        return this.input;
    }

    public void setInput(String input) {
        this.input = input;
    }

    public String getAlgorithm() {
        return this.algorithm;
    }

    public void setAlgorithm(String algorithm) throws NoSuchAlgorithmException {
        MessageDigest.getInstance(algorithm);
        this.algorithm = algorithm;
    }

    private String toHexString(byte[] bytes) {
        return DatatypeConverter.printHexBinary(bytes);
    }

    private String toBase64(byte[] bytes) {
        Base64 base64 = new Base64();
        return new String(base64.encode(bytes));
    }

    private byte[] merryGoRound(byte[] bytes) throws NoSuchAlgorithmException {
        byte[] step4 = bytes;
        for (int i=0; i<999; i++) { step4 = doSingleHash(step4); }
        return step4;
    }

    public byte[] doSingleHash(byte[] bytes) throws NoSuchAlgorithmException {
        MessageDigest md = MessageDigest.getInstance(this.algorithm);
        md.update(bytes);
        return md.digest();
    }

    public void doDeenHash() throws NoSuchAlgorithmException {
        byte[] step1 = doSingleHash(this.input.getBytes());
        String step2 = this.input + toHexString(step1).toLowerCase();
        byte[] step3 = doSingleHash(step2.getBytes());
        this.results.add(step3);
        byte[] step4 = merryGoRound(step3);
        this.results.add(step4);
    }

    public String getFinalHash() {
        return toBase64(this.results.get(1));
    }

    public String getInitialHash() {
        return toBase64(this.results.get(0));
    }

    public void main(String[] args) {
        if (args.length == 1) {
            setInput(args[0]);
        } else if (args.length == 2) {
            try {
                setAlgorithm(args[0]);
                setInput(args[1]);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
        }

        try {
            doDeenHash();
            System.out.println("Single Round: " + toBase64(this.results.get(0)));
            System.out.println("Final Round: " + toBase64(this.results.get(1)));
        } catch (NoSuchAlgorithmException e) {
            e.printStackTrace();
        }
    }
}
endsubmit;

submit;
foo = new DeenHash()
foo.main()
endsubmit;

quit;

data foo;
input foo $;
cards;
abc123
;
run;

data _null_;
dcl javaobj hash('DeenHash');
do until(done);
set foo end=done;
length one thousand $ 64;
hash.callVoidMethod('setInput',strip(foo)); *strip is important;
hash.callVoidMethod('doDeenHash');
hash.callStringMethod('getInitialHash',one);
hash.callStringMethod('getFinalHash',thousand);
put (one thousand) (=/);
end;
stop;
run;

Re: SHA256 Encryption

Deen — Tue, 29 Mar 2016 02:55:01 GMT

Matt,

Its good to know that you got some solution (Yey!!!) Thanks for your support....

but It seems there is some issue in our environment or in my code execution. I provided the code along with the log file (contains error).

and I use SAS 9.3 in IBM -AIX OS. Please let me know how to make it successful at my end..

Re: SHA256 Encryption

FriedEgg — Tue, 29 Mar 2016 12:37:59 GMT

@Deen

As I noted in the comment for the line that gave you the error:

add sasjar="commons_codec" version="1.7.0.0_SAS_20121211183158"; *version is specific to SAS Installation and may differ from this;

You need to find the correct version number for you installation.

You can find this by browsing your SAS installation

ls -d /path/to/SASHome/SASVersionedJarRepository/9.3/eclipse/plugins/commons_codec*

This should display something like

/path/to/SASHome/SASVersionedJarRepository/9.3/eclipse/plugins/commons_codec_1.3.0.0_SAS_20081023153014/

You want to then modify the proc groovy with the correct version

add sasjar="commons_codec" version="1.3.0.0_SAS_20081023153014";

Re: SHA256 Encryption

Deen — Tue, 29 Mar 2016 15:14:14 GMT

I found the right sasjar version and executed the code below is log file. though it shows couple of warnings but it produced the desired result.


NOTE: PROCEDURE HTTP used (Total process time):
      real time           9.42 seconds
      cpu time            0.21 seconds



NOTE: PROCEDURE HTTP used (Total process time):
      real time           0.20 seconds
      cpu time            0.01 seconds


NOTE: The ADD CLASSPATH command completed.
NOTE: The ADD CLASSPATH command completed.
NOTE: The ADD CLASSPATH command completed.
WARNING: SAS jars do not have a source compatibility guarantee across versions of SAS. Future
         versions of these jars can change without notice.
NOTE: The ADD SASJAR command completed.
NOTE: The SUBMIT command completed.
Single Round: Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=

Final Round: aJDhkskZ9OwP1n1akIoOgReHjm+iFJ0ofPt3CNhvFy8=

NOTE: The SUBMIT command completed.

NOTE: PROCEDURE GROOVY used (Total process time):
      real time           0.64 seconds
      cpu time            0.00 seconds



NOTE: The data set WORK.FOO has 1 observations and 1 variables.
NOTE: DATA statement used (Total process time):
      real time           0.13 seconds
      cpu time            0.00 seconds



WARNING: Could not initialize classpath.  Classpath variable is not set.

one=Pbb2/dJkywFxhuW2O33twGm+Gu67UfoEFupDMUeBnuo=

thousand=aJDhkskZ9OwP1n1akIoOgReHjm+iFJ0ofPt3CNhvFy8=

NOTE: There were 1 observations read from the data set WORK.FOO.
NOTE: DATA statement used (Total process time):
      real time           0.00 seconds
      cpu time            0.00 seconds

If any quick suggestions to resolve the warning it would be really helpful for me ..also meanwhile, I need to extend this functionality to apply this hashing on a big dataset column for final requirements.