Use 6 Cryptographic Hash Functions in Your Next Mule application

Updated: Jun 13

We live in an age where security is a must and cyber security is equally important as our physical security. Cyber security breaches can cost companies millions, identity theft can devastate lives and cyber warfare can be a National nightmare.

As developers it is imperative to consider security upfront rather than make it an afterthought. This post will be the first of a series of posts that focuses on securing Mule applications and messages in transmission. This post will discuss hash functions and demo its use in the DataWeave Crypto library.

A Note About Hash Functions

You may have heard of hash functions in your computer science course and may have used hash tables or hash maps in your projects. Hash functions are also applicable in cryptography. Hash functions are functions that take a message and return an unique value. This is called a message digest (Secure Cryptography, 106). When describing hash functions, Jean-Philippe Aumasson states in his book, Serious Cryptography on page 105

"Hash functions - such as MD5, SHA-1, SHA-256, SHA-3, and BLAKE2 - comprise the cryptographer's Swiss Army Knife: they are used in digital signatures, public-key encryption, integrity verification, message authentication, password protection, key agreement protocols, and many other cryptographic protocols."

Now onto the Mule Stuff

DataWeave 2.0 for Mule 4 ships with a Crypto library that consists of the following hash functions:

  • HMACBinary

  • HMACWith

  • MD5

  • SHA1

  • hashWith

To enable the Crypto library use the following line of code:

import * from dw::Crypto

Read on for information about each hash function and how to use it in Mule.

Hash-Based Message Authentication Code (HMAC)

HMAC is used to calculate message authentication codes. These codes are generated by using a cryptographic key and hashing function. HMACs can be used for authentication and to check data integrity.

DataWeave offers two functions for HMAC (HMACBinary and HMACWith).

As depicted above HMACBinary takes a cryptographic key and message (both as Binary) and returns a HMAC hash code. The default hashing algorithm is HMACSHA1.

The HMACWith function is similar to the HMACBinary function, however you can choose the hashing function. The available options are HMACSHA1, HMAC256 and HMAC512.