HASH_MD5, HASH_SHA1, HASH_SHA256, and HASH_SHA512
The hashing functions return a 128-bit, 160-bit, 256-bit, or 512-bit hash of the input data, depending on the algorithm selected.
- expression
- An expression that represents the string value to be hashed. This expression can return any built-in or distinct data type. A distinct type is treated as its source data type. If the value is numeric or datetime, it is implicitly cast to VARCHAR before the function is evaluated. If the value is XML, an implicit XMLSERIALIZE to CLOB(2G) CCSID 1208 is performed before the function is evaluated.
Function name | Algorithm | Result size | Number of return values | Result length | Corresponding algorithm value for use in the HASH function |
---|---|---|---|---|---|
HASH_MD5 | MD5 | 128 bit | 2128 | 16 | 0 |
HASH_SHA1 | SHA1 | 160 bit | 2160 | 20 | 1 |
HASH_SHA256 | SHA-256 | 256 bit | 2256 | 32 | 2 |
HASH_SHA512 | SHA-512 | 512 bit | 2512 | 64 | 3 |
The data type of the result is BINARY with the result length determined by the function name as shown in Table 1.
If the argument can be null, the result can be null. If the argument is null, the result is the null value.
Notes
Whitespace affects the hash; a fixed length character string with trailing blanks will generate a different result than a varying length character string that has no trailing blanks. The CCSID of expression can cause strings that compare as equal to generate different result values.
Security flaws have been identified in both the SHA1 and MD5 algorithms. You can find acceptable hash algorithms in applicable compliance documentation, such as National Institute of Standards and Technology (NIST) Special Publication 800-131A.
Syntax alternative: The HASH function with a single argument is similar to HASH_MD5. A second argument can be specified for HASH to indicate the algorithm to use. The algorithm values are shown in Table 1. The second argument can be an expression that must return a value of any built-in numeric, character-string, or graphic-string data type. A string argument is converted to integer before evaluating the function. The result data type for HASH is VARBINARY. If there is only one argument, the length attribute of the result is 16. If the second argument is specified by an integer constant, the length attribute of the result is the result length shown in Table 1. Otherwise, the length attribute of the result is 64. If either argument can be null, the result can be null. If either argument is null, the result is the null value.
Examples
- Use the MD5 algorithm to generate hashed
data.
The following value is returned:VALUES HEX(HASH_MD5('ABCDEFGHIJKLMNOPQRSTUVWXYZ'))
5156BECBC019E3F0F9520B143435427E
- Use the SHA1 algorithm to generate hashed
data.
The following value is returned:VALUES HEX(HASH_SHA1('ABCDEFGHIJKLMNOPQRSTUVWXYZ'))
55324E3DD1FA95040F65709D193E82575237EF86
- Use the SHA-256 algorithm to generate hashed
data.
The following value is returned:VALUES HEX(HASH_SHA256('ABCDEFGHIJKLMNOPQRSTUVWXYZ'))
011F7AD1ECD8E5A4CC8533D1ECD497DC5D95E848B14F8BCFD56A73D7F41843E2
- Use the SHA-512 algorithm to generate hashed
data.
The following value is returned:VALUES HEX(HASH_SHA512('ABCDEFGHIJKLMNOPQRSTUVWXYZ'))
D8AC4B838921A83C4207B62B8B63628F8FBE836EB012167310331FFC070FC977D224F39148 8806CB1FE2AA9C8C739E5104CAD1C4C6E97967DA6223D657CD9295