Calculate & Validate Checksum with Mule 4

Updated: Oct 9

Do you have an important file that you want to determine if its been tampered with or obtained errors during transmission? This can be done by validating the data integrity of the file. This post is the second in a series of posts that focuses on security around Mule applications. The previous post focused on hash functions in the DataWeave crypto library. If interested in the previous post, feel free to check it out here. This post will discuss the two Checksum operations in Mule 4's Cryptography module .

What is a checksum?

A checksum is a unique value resulting from running a cryptographic hash function. This function takes in a string representation (or file) and assigns it a hash value. If the hash value of the checksum of the original file is known, then it can be validated.


In this case the sender runs his/her file through the hash function utility and receives an assigned value. This value is provided to the receiver. Once the file is downloaded the receiver takes the file and runs it through a hash function utility. The result is compared with the checksum value of the original file.


Validation Outcomes

  • A successful validation occurs when the expected checksum (checksum of the original file) matches the actual checksum of the copy of the file that was sent to the receiver.

  • An unsuccessful validation occurs when the expected checksum (checksum of the original file) does not match the actual checksum of the copy of the file that was sent to the receiver.

The receiver will use the validation results to determine if the data integrity of the file has been upheld.


How does the receiver know the expected checksum?

The sender will provide the receiver with the expected checksum. In cases where the receiver downloads a file from a website, the sender may provide the expected checksum value as part of the content on the website. The screenshot below is the SHA-256 checksum that MuleSoft provides to developers downloading AnypointStudio-7.8.0-win64.zip. The highlighted portion of the screenshot represents the initial checksum value assigned to the file. In this scenario the checksum value is shown in plain sight.

If the receiver is downloading the file from an Application Programming Interface (API), the sender may include a checksum value in the response headers or body associated with the request. Check out these APIs:

How can we calculate and validate checksums in Mule 4?

As mentioned earlier, Mule offers a Cryptography module that allows developers to build in their flows the ability to calculate and validate checksums. Let's get started!


Installation

To utilize the Cryptography module, first download the module from the exchange. Inside your project, locate the Mule palette in Anypoint Studio. Click on "Search in Exchange." Search for "Cryptography Module." Select "Add >." Then click "Finish."