|
| 1 | +--- |
| 2 | +RFC: |
| 3 | +Author: Ilya Sazonov |
| 4 | +Status: Draft |
| 5 | +SupercededBy: n/a |
| 6 | +Version: 0.1 |
| 7 | +Area: Cmdlet |
| 8 | +Comments Due: |
| 9 | +--- |
| 10 | + |
| 11 | +# Get-StringHash cmdlet |
| 12 | + |
| 13 | +Add the new cmdlet to PowerShell to get cryptographically strong hashes for strings. |
| 14 | + |
| 15 | +Current .Net implementation of GetHashCode method calculates a hash that is not a global (across application domains) safe and is not a permanent value. |
| 16 | +According to the documentation, this method has many practical limitations. |
| 17 | +https://msdn.microsoft.com/en-us/library/system.object.gethashcode%28v=vs.110%29.aspx |
| 18 | +https://msdn.microsoft.com/en-us/library/system.string.gethashcode%28v=vs.110%29.aspx |
| 19 | +>As a result, hash codes should never be used outside of the application domain in which they were created, they should never be used as key fields in a collection, and they should never be persisted. |
| 20 | +
|
| 21 | +Currently Powershell only has Get-FileHash cmdlet to get a file hashes. |
| 22 | +Users are forced to use a workaround to get a string hashes: |
| 23 | +```powershell |
| 24 | +Get-FileHash -InputStream ([System.IO.MemoryStream]::new([System.Text.Encoding]::UTF8.GetBytes("test string"))) |
| 25 | +``` |
| 26 | + |
| 27 | +## Motivation |
| 28 | + |
| 29 | +With the new cmdlet users can use native Powershell cmdlet syntax without a workaround. |
| 30 | + |
| 31 | +With the new cmdlet users can get hashes which: |
| 32 | + |
| 33 | +* is a cryptographically strong hashes |
| 34 | +* is across-platform |
| 35 | +* may be sended across application domains |
| 36 | +* may be saved in databases |
| 37 | +* may be used as key in collections |
| 38 | +* may be used to compare strings and texts |
| 39 | + |
| 40 | +## Specification |
| 41 | + |
| 42 | +### Parameters |
| 43 | + |
| 44 | +1. InputString |
| 45 | + |
| 46 | + Type = array of strings |
| 47 | + |
| 48 | + Position = 0 |
| 49 | + |
| 50 | + ##### Attributes |
| 51 | + |
| 52 | + ValueFromPipeline = true |
| 53 | + |
| 54 | + AllowNull() |
| 55 | + |
| 56 | + AllowEmptyString() |
| 57 | + |
| 58 | +2. Algorithm |
| 59 | + |
| 60 | + Type = string |
| 61 | + |
| 62 | + Position = 1 |
| 63 | + |
| 64 | + ##### Attributes |
| 65 | + |
| 66 | + ValidateSet = SHA1, SHA256, SHA384, SHA512, MD5 |
| 67 | + |
| 68 | +3. Encoding |
| 69 | + |
| 70 | + Type = [Microsoft.PowerShell.Commands.FileSystemCmdletProviderEncoding] |
| 71 | + |
| 72 | + Position = 2 |
| 73 | + |
| 74 | +### Encoding |
| 75 | + |
| 76 | +.Net hash algorithm methods work on byte buffer. So the cmdlet must convert a input string to byte array. |
| 77 | +This process is a encoding sensitive. |
| 78 | +To correctly process the user must specify the encoding of incoming strings. |
| 79 | + |
| 80 | +### InputString accept null and empty input strings |
| 81 | + |
| 82 | +.Net hash algorithm methods can calculate a hash for empty string without exception. |
| 83 | + |
| 84 | +.Net hash algorithm methods throw for null input buffer. |
| 85 | +This behavior is not convenient when processing an array of strings by using a pipeline: |
| 86 | +```powershell |
| 87 | + "test1", $null, "test2" | Get-StringHash |
| 88 | +``` |
| 89 | +Best behavior is to create null as result hash for null string and generate non-terminating error. |
| 90 | + |
| 91 | +## Alternate Proposals and Considerations |
| 92 | + |
| 93 | +None |
0 commit comments