"Ted" <r.ted.byers@rogers.com> wrote in message
news:1136582034.332084.182490@o13g2000cwo.googlegr oups.com...
> OK, the main program is written in Java, as part of a number of
> servlets, and making use of JDBC. I am using a function from the Java
> security API that produces binary data (this would be the message
> digest for now, but I need a function that is guaranteed to have a one
> to one relation between the input and output and a digest won't give
> that to me; the way I am using it, there is about 512 bits of data
> output).

This is only slightly related to MySQL, so perhaps you would find a more
authoritative response on a cryptography-related newsgroup.

I think what you want is a "collision-resistant" hash function or a "message
authentication code" such as HMAC. I don't think this algorithm is provided
for in MySQL. PostgreSQL has in its contrib directory pgcrypto, which
includes an HMAC function.

I'd recommend creating the message digests in application code, instead of
relying on the cryptography functions in the DBMS. You'll have access to
more robust implementations, and a greater range of digest algorithms.
Also, you won't be beholden to the differing support for encryption
functions in different DBMS'.

RSA has released BSAFE Crypto-J, an implementation in Java including HMAC
and also SHA-512 to give you your 512-bit digests:
http://www.rsasecurity.com/node.asp?id=1204

It seems to be released under a free license, and downloadable from a site
in Australia (I assume to avoid USA's cryptography export restrictions).
Read https://eval.rsasecurity.com.au/cgi-...al/license.cgi to make
certain the license is compatible with your usage in your application.

> An alternative would be to source a function that takes an ASCII string
> argument and returns an ASCII string result

When presented with problems like this, I run the digest string through
Base-64 encoding to force the characters to be printable.

Regards,
Bill K.