simple_hash - Cryptographic Hashing for Eiffel

Features

SHA-256 - Secure hash, 256-bit output (FIPS 180-4)
SHA-512 - Secure hash, 512-bit output (FIPS 180-4)
HMAC-SHA256 - Keyed-hash message authentication (RFC 2104)
HMAC-SHA512 - Keyed-hash with 512-bit output
MD5 - Legacy hash for checksums (not for security)
File Hashing - Stream files directly without loading into memory
Design by Contract - Full preconditions and postconditions
Pure Eiffel - No external dependencies

Quick Start

Installation

Add to your ECF:

<library name="simple_hash" location="$SIMPLE_HASH\simple_hash.ecf"/>

SHA-256 Hashing

local
    hasher: SIMPLE_HASH
    digest: STRING
do
    create hasher.make

    -- Hash a string
    digest := hasher.sha256 ("Hello, World!")
    -- Result: "dffd6021bb2bd5b0af676290809ec3a53191dd81c7f70a4b28688a362182986f"
end

HMAC-SHA256 (for JWT, API signatures)

local
    hasher: SIMPLE_HASH
    signature: STRING
do
    create hasher.make

    -- Create keyed hash
    signature := hasher.hmac_sha256 ("secret-key", "message to sign")
    -- 64-character hex string
end

SHA-512 (Stronger security)

local
    hasher: SIMPLE_HASH
    digest: STRING
do
    create hasher.make

    -- 512-bit hash for maximum security
    digest := hasher.sha512 ("sensitive data")
    -- 128-character hex string

    -- HMAC-SHA512 for signatures
    signature := hasher.hmac_sha512 ("secret", "message")
end

File Hashing (Streaming)

local
    hasher: SIMPLE_HASH
    file_hash: detachable STRING
do
    create hasher.make

    -- Hash a file without loading it into memory
    file_hash := hasher.sha256_file ("path/to/large/file.dat")
    if attached file_hash as h then
        print ("SHA-256: " + h)
    end

    -- Also available:
    -- hasher.sha512_file (path)
    -- hasher.md5_file (path)
end

MD5 (Legacy checksums only)

local
    hasher: SIMPLE_HASH
    checksum: STRING
do
    create hasher.make

    -- WARNING: MD5 is cryptographically broken
    -- Use only for checksums, never for security
    checksum := hasher.md5 ("file contents")
end

Algorithm Comparison

Algorithm	Output Size	Security	Use Case
SHA-256	256 bits (64 hex chars)	Secure	Passwords, signatures, integrity
SHA-512	512 bits (128 hex chars)	Secure	High-security applications
HMAC-SHA256	256 bits (64 hex chars)	Secure	JWT signatures, API auth, MACs
HMAC-SHA512	512 bits (128 hex chars)	Secure	High-security MACs
MD5	128 bits (32 hex chars)	Broken	Checksums only (legacy)

Use Cases

JWT Tokens - HMAC-SHA256 for HS256 signatures
Password Hashing - SHA-256 with salt (prefer bcrypt for production)
API Authentication - HMAC signatures for request verification
Data Integrity - SHA-256 checksums for file verification
Content Addressing - Hash-based content identifiers

Specifications

FIPS 180-4 - Secure Hash Standard (SHA-256)
RFC 2104 - HMAC: Keyed-Hashing for Message Authentication
RFC 1321 - The MD5 Message-Digest Algorithm