PricingLogin

Base64, Hashes, Encryption

Webhook Relay provides a helper package to deal with various hashing and cryptography related operations.

Encoding and decoding base64 data

When base64 encoding is needed, import crypto package:

-- importing the package
local crypto = require('crypto')

local encoded = crypto.base64_encode("some value")

-- do something with encoded value

To decode some value:

-- importing the package
local crypto = require('crypto')

-- supplying base64 value
local decoded, err = crypto.base64_decode("aGVsbG8gd29ybGQ=")
if err then error(err) end

-- do something with 'decoded' value

Create MD5 hash

To create MD5 message-digest algorithm based hashes:

-- importing the package
local crypto = require('crypto')

local md5_hashed_value = crypto.md5("<some value to hash>")

Note: MD5 is considered cryptographically broken, if you can, use SHA256 hashing algorithm.

Create SHA1, SHA256, SHA512 hashes

SHA-2 (Secure Hash Algorithm 2) hashing functions are provided by the crypto package:

-- importing the package
local crypto = require('crypto')

-- to hash with SHA1
local sha1_hashed_value = crypto.sha1("<some value to hash>")

-- to hash with SHA256
local sha256_hashed_value = crypto.sha256("<some value to hash>")

-- to hash with SHA512
local sha512_hashed_value = crypto.sha512("<some value to hash>")

Calculating HMAC

HMAC can be calculated using MD5, SHA1, SHA256 and SHA512 algorithms combined with the data and the key. It may be used to simultaneously verify both the data integrity and the authenticity of a message.

-- importing the package
local crypto = require('crypto')

-- to calculate HMAC of the request body using SHA256:
local calculated_hmac = crypto.hmac('sha256', r:RequestBody , '<secret key>')

-- check whether calculated HMAC matches the one that was sent
-- with the message

Method hmac takes three parameters:

  1. Algorithm, valid values: md5, sha1, sha256, sha512

  2. Data to verify

  3. Secret key in a string form (not base64 encoded)

Calculating CRC32 checksum

CRC32 is an error-detecting code commonly used to detect accidental changes to raw data. It computes the CRC-32 checksum using the IEEE polynomial. 

-- importing the package
local crypto = require('crypto')

-- to get a string value of crc hash (uses hex encoding):
local encoded_crc2 = crypto.crc32(r:RequestBody)

-- to get a raw value:
local raw_crc2 = crypto.crc32(r:RequestBody, true)
PreviousJWT authenticationNextIntegrating into CI/CD

Last updated